A comprehensive backend API for managing campus operations, built with Node.js, Express, and PostgreSQL.
- 🔐 JWT-based authentication with refresh tokens
- 👥 User management (students, faculty, admins)
- 📧 Email verification and password reset
- 📁 File uploads with Cloudinary integration
- 📚 Swagger API documentation
- 🛡️ Security middleware (Helmet, XSS protection, rate limiting)
- 🗄️ PostgreSQL database with Sequelize ORM
- 🐳 Docker support
- 📝 Database migrations
- Runtime: Node.js 18+
- Framework: Express.js
- Database: PostgreSQL
- ORM: Sequelize
- Authentication: JWT (jsonwebtoken)
- Validation: Joi
- Documentation: Swagger
- Logging: Winston
- Testing: Jest
- Node.js 18 or higher
- PostgreSQL 14 or higher
- npm or yarn
- Docker (optional, for containerized deployment)
-
Clone the repository
git clone <repository-url> cd campus-management-system-backend
-
Install dependencies
npm install
-
Set up environment variables
cp .env.example .env
Edit
.envand fill in your configuration values. -
Set up the database
# Create PostgreSQL database createdb campus_db # Run migrations npm run migrate
-
Seed the database (optional)
npm run seed
See .env.example for all required environment variables. Key variables include:
NODE_ENV: Environment (development/production)PORT: Server port (default: 5000)DB_HOST,DB_PORT,DB_NAME,DB_USER,DB_PASS: Database configurationJWT_SECRET: Secret key for JWT tokensCLOUDINARY_*: Cloudinary credentials for file uploadsFRONTEND_URL: Frontend application URL for CORS
npm run devThe server will start on http://localhost:5000 with hot-reload enabled.
npm start# Build and run with docker-compose
docker-compose up -d
# View logs
docker-compose logs -f backendThis project uses Sequelize CLI for database migrations.
npx sequelize-cli migration:generate --name migration-namenpm run migrate
# or
npx sequelize-cli db:migratenpx sequelize-cli db:migrate:undo
npx sequelize-cli db:migrate:undo:allnpx sequelize-cli db:migrate:statusOnce the server is running, access the Swagger API documentation at:
http://localhost:5000/api-docs
src/
├── app.js # Main application entry point
├── config/ # Configuration files
│ ├── constants.js # Application constants
│ └── swagger.js # Swagger configuration
├── controllers/ # Request handlers
│ ├── authController.js
│ └── userController.js
├── middleware/ # Express middleware
│ ├── authMiddleware.js
│ ├── error.js
│ ├── uploadMiddleware.js
│ └── validationMiddleware.js
├── models/ # Sequelize models
│ ├── department.js
│ ├── faculty.js
│ ├── student.js
│ └── user.js
├── routes/ # API routes
│ ├── authRoutes.js
│ └── userRoutes.js
├── scripts/ # Utility scripts
│ └── seed.js
└── utils/ # Helper utilities
├── emailService.js
├── errorResponse.js
├── jwtHelper.js
└── logger.js
Run tests:
npm testRun tests with coverage:
npm run test:coveragePOST /api/v1/auth/register- Register a new userPOST /api/v1/auth/login- Login userPOST /api/v1/auth/refresh- Refresh access tokenGET /api/v1/auth/verify-email/:token- Verify email addressPOST /api/v1/auth/forgot-password- Request password resetPOST /api/v1/auth/reset-password/:token- Reset password
GET /api/v1/users- Get all users (protected)GET /api/v1/users/:id- Get user by ID (protected)PUT /api/v1/users/:id- Update user (protected)DELETE /api/v1/users/:id- Delete user (protected)
- Helmet: Sets various HTTP headers for security
- XSS Protection: Cleans user input to prevent XSS attacks
- Rate Limiting: Prevents abuse with request rate limiting
- CORS: Configured for specific frontend origins
- JWT Authentication: Secure token-based authentication
- Password Hashing: Bcrypt for password security
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
ISC
For support, email support@example.com or open an issue in the repository.