Task Manager System API

A robust project and task management REST API built with Node.js, Express, Prisma ORM, and PostgreSQL (Supabase).

🌐 Live Demo

The API is deployed and available at:

https://task-manager-system-uqus.onrender.com

Base API URL: https://task-manager-system-uqus.onrender.com/api/v1

Note: The application is hosted on Render's free tier, so the first request may take a few seconds as the server spins up from sleep mode.

✨ Features

🔐 Authentication

User registration and login
JWT-based authentication (access & refresh tokens)
Cookie-based token management
Password change functionality
Account deletion
Protected routes with middleware

📁 Project Management

Create, read, update, and delete projects
Role-based access control (Owner, Admin, Manager, Contributor, Viewer)
Team collaboration with member management
Add/remove project members
Update member roles
Permission-based operations

✅ Task Management

Create and organize tasks within projects
Subtask support for better task breakdown
Full CRUD operations on tasks and subtasks
Role-based task permissions
Task filtering and retrieval

🛠 Tech Stack

Runtime: Node.js
Framework: Express.js v5
Database: PostgreSQL (Supabase)
ORM: Prisma
Authentication: JWT + bcryptjs
Validation: Zod
HTTP Logging: Morgan
Security: CORS, cookie-parser
Deployment: Render
Testing: Vitest

🚀 Getting Started

Prerequisites

Node.js (v14 or higher)
npm or yarn
PostgreSQL database (Supabase account)

Installation

Clone the repository

git clone https://github.com/yourusername/task-manager-system.git
cd task-manager-system

Install dependencies

npm install

Set up environment variables

cp .env.example .env

Edit .env with your configuration (see Environment Variables)

Generate Prisma Client

npx prisma generate

Run database migrations

npx prisma migrate dev

Start the development server

npm run dev

The API will be available at http://localhost:8000

📚 API Documentation

Base URL

Production: https://task-manager-system-uqus.onrender.com/api/v1

Local Development: http://localhost:8000/api/v1

Endpoints

Health Check

GET /healthcheck - Check API status

Authentication Routes (`/auth`)

Method	Endpoint	Description	Auth Required
POST	`/register`	Register new user	No
POST	`/login`	Login user	No
POST	`/refresh-token`	Refresh access token	No
POST	`/logout`	Logout user	Yes
GET	`/me`	Get current user	Yes
DELETE	`/me`	Delete account	Yes
PATCH	`/me/change-password`	Change password	Yes

Project Routes (`/projects`)

Method	Endpoint	Description	Required Role
GET	`/`	Get all projects	Authenticated
POST	`/`	Create project	Authenticated
GET	`/:projectId`	Get project by ID	Member
PATCH	`/:projectId`	Update project	Manager+
DELETE	`/:projectId`	Delete project	Owner
POST	`/:projectId/members`	Add members	Manager+
GET	`/:projectId/members`	Get members	Member
DELETE	`/:projectId/members/:userId`	Remove member	Admin+
PATCH	`/:projectId/members/:userId/role`	Update member role	Admin+

Task Routes (`/tasks`)

Method	Endpoint	Description	Required Role
GET	`/projects/:projectId/tasks`	Get all tasks	Member
POST	`/projects/:projectId/tasks`	Create task	Contributor+
GET	`/:projectId/tasks/:taskId`	Get task by ID	Member
PATCH	`/:projectId/tasks/:taskId`	Update task	Contributor+
DELETE	`/:projectId/tasks/:taskId`	Delete task	Manager+
POST	`/:taskId/subtasks`	Create subtask	Contributor+
PATCH	`/:taskId/subtasks/:subTaskId`	Update subtask	Contributor+
DELETE	`/:taskId/subtasks/:subTaskId`	Delete subtask	Manager+

Role Hierarchy

The system uses five distinct user roles with hierarchical permissions:

Owner: Full control over the project (can delete project, manage all members)
Admin: Can manage members and all project content
Manager: Can manage tasks and project settings
Member: Can contribute to tasks (create, edit tasks and subtasks)
Viewer: Read-only access to project and tasks

Permission Groups

Project Operations:

ADMIN_ROLES: Owner, Admin
MANAGER_ROLES: Owner, Admin, Manager

Task Operations:

CONTRIBUTOR_ROLES: Owner, Admin, Manager, Member
MANAGER_ROLES: Owner, Admin, Manager

📁 Project Structure

task-manager-system/
├── src/
│   ├── controllers/      # Request handlers
│   │   ├── auth.controller.js
│   │   ├── healthchecker.routes
│   │   ├── project.controller.js
│   │   └── task.controller.js
│   ├── middlewares/      # Custom middleware
│   │   ├── auth.middleware.js
│   │   ├── error-handler.middleware.js
│   │   ├── validate.middleware.js
│   ├── routes/          # API routes
│   │   ├── auth.routes.js
│   │   ├── healthchecker.routes
│   │   ├── project.routes.js
│   │   └── task.routes.js
│   ├── schemas/         # Zod validation schemas
│   ├── utils/           # Utility functions
│   └── app.js           # Express app setup
├── prisma/
│   └── schema.prisma    # Database schema
├── .env                 # Environment variables
├── .gitignore
└── package.json

🔐 Environment Variables

Create a .env file in the root directory:

# Server
PORT=
NODE_ENV=

# Database
DATABASE_URL=
DIRECT_URL=

# JWT
REFRESH_TOKEN_SECRET=
ACCESS_TOKEN_SECRET=

JWT_EXPIRY=
JWT_REFRESH_

# CORS
CORS_ORIGIN=

🔒 Security Features

JWT-based authentication with access and refresh tokens
Password hashing with bcryptjs
HTTP-only cookies for token storage
CORS protection
Input validation with Zod schemas
Role-based access control (RBAC)
Protected routes with authentication middleware

🧪 Middleware

Authentication Middleware (`verifyJWT`)

Validates JWT tokens and attaches user to request object.

Validation Middleware (`validate`)

Validates request data against Zod schemas.

Project Permission Middleware (`validateProjectPermission`)

Checks user's role and permissions for project operations.

Error Handler Middleware

Centralized error handling with consistent response format.

📦 Dependencies

{
  "@prisma/client": "^6.19.0",
  "bcryptjs": "^3.0.3",
  "cookie-parser": "^1.4.7",
  "cors": "^2.8.5",
  "dotenv": "^17.2.3",
  "express": "^5.1.0",
  "jsonwebtoken": "^9.0.2",
  "morgan": "^1.10.1",
  "prisma": "^6.19.0",
  "zod": "^4.1.12"
}

🚀 Deployment

This application is deployed on Render with the following configuration:

Platform: Render Web Service
Database: Supabase PostgreSQL
Build Command: npm install && npx prisma generate && npx prisma migrate deploy
Start Command: npm start

Deploying Your Own Instance

Fork this repository
Create a new Web Service on Render
Connect your GitHub repository
Set up environment variables in Render dashboard
Deploy!

📄 License

This project is licensed under the MIT License.

👤 Author

Lucas Herzinger Souza

Name		Name	Last commit message	Last commit date
Latest commit History 23 Commits
prisma		prisma
requests		requests
src		src
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json
vitest.config.js		vitest.config.js
vitest.setup.js		vitest.setup.js

luchersou/task-manager-system

Folders and files

Latest commit

History

Repository files navigation

Task Manager System API

🌐 Live Demo

📋 Table of Contents

✨ Features

🔐 Authentication

📁 Project Management

✅ Task Management

🛠 Tech Stack

🚀 Getting Started

Prerequisites

Installation

📚 API Documentation

Base URL

Endpoints

Health Check

Authentication Routes (/auth)

Project Routes (/projects)

Task Routes (/tasks)

Role Hierarchy

Permission Groups

📁 Project Structure

🔐 Environment Variables

🔒 Security Features

🧪 Middleware

Authentication Middleware (verifyJWT)

Validation Middleware (validate)

Project Permission Middleware (validateProjectPermission)

Error Handler Middleware

📦 Dependencies

🚀 Deployment

Deploying Your Own Instance

📄 License

👤 Author

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0