The ToDoAPI is a RESTful API built with Express.js and MongoDB, providing secure authentication, role-based access control, and robust task management capabilities. It allows users to create, update, and delete to-do lists and individual tasks, with role-specific functionalities for admins and superadmins.
- Introduction
- Features
- Getting Started
- Usage
- Routes
- Error Handling
- Testing
- Documentation
- Contributing
- License
The ToDoAPI is designed to facilitate task management for users with different roles. It includes user authentication, role-based access control (RBAC), and CRUD operations for both to-do lists and individual tasks.
- User registration and login with JWT authentication
- Role-based access control (User, Admin, SuperAdmin)
- CRUD operations for user profiles
- Create, update, and delete to-do lists
- Manage individual tasks within a list
- Admin and SuperAdmin functionalities
Before running the ToDoAPI, ensure you have the following installed:
- Node.js
- MongoDB
- Clone the repository: `git clone https://github.com/m-ehab2/ToDoAPI.git`
- Navigate to the project directory: `cd ToDoAPI`
- Install dependencies: `npm install`
- Use the `/register` and `/login` routes for user registration and login.
- Include the JWT token received upon login in the Authorization header for authenticated routes.
- Access and update user profiles using the `/profile` route.
- Create, update, and delete to-do lists using the `/list` route.
- Manage individual tasks within a list using nested routes under `/list/:listId/todos`.
- Access admin functionalities using the `/Dashboard` route (requires Admin or SuperAdmin role).
- SuperAdmins can perform additional tasks through the `/SuperBoard` route.
- Authentication Routes:
  - `/register` (POST): User registration.
  - `/login` (POST): User login.
- User Routes:
  - `/profile` (GET, PUT): Access and update user profiles.
- To-Do List Routes:
  - `/list` (POST): Create a new to-do list.
  - `/list/:listId` (GET, PUT, DELETE): Access and manage individual to-do lists.
- To-Do Routes (Within a List):
  - `/list/:listId/todos` (GET): Get all to-dos in a list.
  - `/list/:listId/todos/:todoId` (GET, PUT, DELETE): Access and manage individual to-dos within a list.
- Admin and SuperAdmin Routes:
  - `/Dashboard` (GET): Access admin functionalities (requires Admin or SuperAdmin role).
  - `/SuperBoard` (GET): Access SuperAdmin functionalities.
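
The role requirements listed for `/Dashboard` and `/SuperBoard`, combined with the bearer-token step from the usage notes, can be checked as in the following added example. It is not ToDoAPI's own code: it assumes HS256-signed tokens carrying `role` and `exp` claims, and the `ROUTE_ROLES` table and function names are hypothetical. It uses only Node's built-in `crypto` module.

```javascript
// Added example: stand-alone sketch, not ToDoAPI's code. HS256, the `role`
// claim name and ROUTE_ROLES are assumptions based on the README text.
const crypto = require('crypto');

const ROUTE_ROLES = {
  '/Dashboard': ['Admin', 'SuperAdmin'],
  '/SuperBoard': ['SuperAdmin'],
};

const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (data, secret) =>
  crypto.createHmac('sha256', secret).update(data).digest();

// Sign a constructed token for the demo (a real login route would do this).
function signToken(claims, secret) {
  const body = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${hmac(body, secret).toString('base64url')}`;
}

// Returns the verified claims, or null for any malformed/forged/expired token.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    if (header.alg !== 'HS256') return null; // pin the algorithm; rejects "none"
    const expected = hmac(`${parts[0]}.${parts[1]}`, secret);
    const given = Buffer.from(parts[2], 'base64url');
    if (given.length !== expected.length) return null;
    if (!crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    if (typeof claims.exp !== 'number' || claims.exp <= now) return null;
    return claims;
  } catch {
    return null;
  }
}

// Maps a request to the HTTP status a guard middleware would send.
function authorize(path, authorizationHeader, secret, now) {
  const m = /^Bearer (\S+)$/.exec(authorizationHeader || '');
  const claims = m && verifyToken(m[1], secret, now);
  if (!claims) return 401; // missing, malformed, forged or expired token
  const allowed = ROUTE_ROLES[path];
  if (allowed && !allowed.includes(claims.role)) return 403; // role too low
  return 200;
}
```

The signature is verified before the payload is parsed, so a role edited inside the token without the secret yields 401 rather than elevated access.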
The API includes comprehensive error handling for various scenarios. Common HTTP error codes are used, along with detailed error messages in the response.
The project includes unit tests for critical functions and integration tests for API routes. Run the tests to verify the correctness of the implementation.
For detailed API documentation, refer to the provided code comments, API routes, and the Postman collection.
Contributions are welcome! Feel free to open issues or submit pull requests.