This is the backend of a task management and collaboration platform built during a 36-hour hackathon. It handles user auth, task CRUD, AI suggestions, and group-based role management — built from scratch using raw SQL queries and cookie-based JWT auth.
🚀 No Firebase. No ORM. Just raw backend logic.
- User registration with hashed passwords (
bcryptjs) - Login sets
httpOnlyJWT token - Protected routes via custom middleware
- Logout clears cookie
- CRUD operations for personal and group tasks
- Task ownership and role-based access control
PATCHto update status or details- AI-based suggestions via Gemini API (based on current task list)
- Users can create groups (auto-assigned as admin)
- Admins can add members to groups
- Role management handled via a
group_memberstable - All logic enforced through server-side ownership checks
- Raw SQL queries using
pgmodule - Manual transaction management for critical ops
- Schemas with proper constraints and cascading behavior
- Works on Render (free-tier friendly)
- Frontend consumes these APIs successfully
.envdriven configuration for secrets and DB
- Node.js + Express.js
- PostgreSQL (raw SQL, no ORM)
- JWT (cookie-based auth)
- Google Gemini API (task suggestions)
- bcryptjs (password hashing)
- dotenv, cookie-parser, cors
Optional: Add
DATABASE_URLfor production deployments
# Install dependencies
pnpm install
# Run DB table creation (auto on start)
node initDB.js
# Start server
node server.js- All these routes require the user to be logged-in , all routes are protected by a middleware that checks for the jwt token .
Request Body :
{
"username": "john123",
"email": "john@example.com",
"password": "strongPassword123"
} Response :
201 Created on success
400 if user/email already exists
Request Body :
{
"email": "john@example.com",
"password": "strongPassword123"
} Response :
200 On succesful login else status codes and message accordingly.
Clears the cookie
Request Body :
{
"title": "Finish report", // required
"description": "Complete the final draft",
"priority": "High", // optional: Low | Medium | High
"duedate": "2025-07-01T18:30:00.000Z",
"tag": "work", // optional
"groupId": 1, // optional
"assignedTo": 2 // optional user ID
}
Response :
201 Created on success
Other status codes accordingly.
Request Body : Id of task taken from params.
Response :
Status codes accordingly.
Request Body :
{
"title": "New title",
"description": "Updated description",
"duedate": "2025-07-05T14:00:00.000Z",
"priority": "Medium",
"tag": "updated",
"is_completed": false // optional
}Response :
Status codes accordingly.
Returns all tasks of the logged-in user.
Return the task with "id" only if created by the user
Get AI-generated suggestions based on the user's tasks.
- The live task collaboration feature is currently under development. Check out the feat/live-collab branch for the following experimental APIs and logic.
Request Body :
{
"name": "Project X" // required, string
}Response : Status codes accordingly.
Notes
-
This route runs a transactional query to create the group and assign admin rights atomically.
-
Only logged-in users can create groups.
Request Body :
{
"userToAddId": 7 // required: ID of the user to be added
}Notes
- This checks if the requester is the admin of the group.
- The new member is added with the role member