Planify Me - Task Management Application

A back-end task management application built with Node.js/Express (backend), featuring multiple authentication methods including local registration/login and OAuth integration with Google and Discord.

🚀 Features

• Multi-Authentication System
  • Local registration and login with email/password
  • Google OAuth 2.0 integration
  • Discord OAuth integration
• Task Management (planned/in development)
• User Session Management
• MySQL Database Integration
• Type-Safe Development with TypeScript
• RESTful API Architecture

📁 Project Structure

PLANIFY_ME
├── backend
│   ├── node_modules
│   └── src
│       ├── auth
│       │   ├── Oauth
│       │   │   ├── discord.ts  # Discord OAuth strategy
│       │   │   └── google.ts   # Google OAuth strategy
│       │   ├── auth.controller.ts  # Authentication logic
│       │   ├── auth.routes.ts  # Auth route definitions
│       │   ├── validate-login-req.ts  # Middleware to validate login requests
│       │   └── validate-register-req.ts  # Middleware to validate register requests
│       ├── controllers
│       │   ├── events.controller.ts  # User events logic
│       │   ├── notes.controller.ts   # User notes logic
│       │   └── tasks.controller.ts   # User tasks logic
│       ├── middlewares
│       │   └── auth.middleware.ts   # Middleware to protect the routes
│       ├── routes
│       │   ├── events.routes.ts  # User events routes
│       │   ├── notes.routes.ts   # User notes routes
│       │   └── tasks.routes.ts   # User tasks routes
│       ├── types
│       │   ├── events-types
│       │   │   └── events.types.ts  # TypeScript type definitions 
│       │   ├── notes-types
│       │   │   └── notes.types.ts
│       │   ├── tasks-types
│       │   │   └── tasks.types.ts
│       │   ├── login-user.ts
│       │   └── register-user.ts
│       ├── utils
│       │   ├── date-formatter.ts  # Util to convert Date object to MySQL DATETIME
│       │   ├── generate-token.ts  # Util to generate authentication token
│       │   ├── validate-body-req.ts  # Util to validate the `req.body` object
│       │   └── validate-notes-body.ts  # Util to validate the create note request
│       ├── conn.ts  # Database connection
│       └── index.ts  # Express server setup

🛠 Tech Stack

Backend

• Node.js - Runtime environment
• Express.js - Web framework
• TypeScript - Type safety
• Passport.js - Authentication middleware
• MySQL2 - Database driver
• bcrypt - Password hashing
• JWT - Token-based authentication
• dotenv - Environment variable management

Database

• MySQL - Relational database

🔧 Installation & Setup

Prerequisites

• Node.js (v14 or higher)
• MySQL database
• Google OAuth credentials
• Discord OAuth credentials

Environment Variables

Create a .env file in the backend directory:

# Database Configuration
DB_HOST=localhost
DB_USER=your_db_user
DB_PASSWORD=your_db_password
DB_NAME=planify_me

# JWT Configuration
JWT_SECRET=your_jwt_secret

# Google OAuth
GOOGLE_CLIENT_ID=your_google_client_id
GOOGLE_CLIENT_SECRET=your_google_client_secret
GOOGLE_CALLBACK_URL=http://localhost:3000/api/auth/google/redirect

# Discord OAuth
DISCORD_CLIENT_ID=your_discord_client_id
DISCORD_CLIENT_SECRET=your_discord_client_secret
DISCORD_CALLBACK_URL=http://localhost:3000/api/auth/discord/redirect

# Server Configuration
NODE_ENV=development
PORT=3000

Database Setup

CREATE DATABASE planify_me;

USE planify_me;

CREATE TABLE Users (
  user_id INT PRIMARY KEY AUTO_INCREMENT,
  first_name VARCHAR(255),
  last_name VARCHAR(255),
  email VARCHAR(255) UNIQUE NOT NULL,
  username VARCHAR(255),
  password VARCHAR(255),
  auth_provider ENUM('local', 'google', 'discord') DEFAULT 'local',
  google_id VARCHAR(255) UNIQUE,
  discord_id VARCHAR(255) UNIQUE,
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
  updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
);

Backend Installation

cd backend
npm install
npm run dev

🔐 Authentication System

Local Authentication

Registration

• Endpoint: POST /api/auth/register
• Body:

{
  "firstName": "John",
  "lastName": "Doe",
  "email": "[email protected]",
  "password": "securePassword123"
}

Login

• Endpoint: POST /api/auth/login
• Body:

{
  "email": "[email protected]",
  "password": "securePassword123"
}

OAuth Authentication

Google OAuth Flow

1. Initiate: GET /api/auth/google
2. Callback: GET /api/auth/google/redirect

Discord OAuth Flow

1. Initiate: GET /api/auth/discord
2. Callback: GET /api/auth/discord/redirect

Session Management

The application uses Passport.js for session management:

// User serialization for session storage
passport.serializeUser((user: Express.User, done) => {
  done(null, user.user_id);
});

// User deserialization from session
passport.deserializeUser(async (id: number, done) => {
  // Fetch user from database
  const user = await getUserById(id);
  done(null, user);
});

📡 API Routes

Authentication Routes (/api/auth)

Method	Endpoint	Description
POST	/register	User registration
POST	/login	Local login
POST	/logout	User logout
GET	/google	Initiate Google OAuth
GET	/google/redirect	Google OAuth callback
GET	/discord	Initiate Discord OAuth
GET	/discord/redirect	Discord OAuth callback

🔧 Core Components

Database Connection (conn.ts)

• MySQL connection pool setup
• Environment-based configuration
• Connection error handling

Authentication Controller (auth.controller.ts)

• createLoginHandler(provider): Generic login handler for different providers
• register(): User registration with password hashing
• logout(): Session termination

OAuth Strategies

• Google Strategy: Handles Google OAuth 2.0 flow
• Discord Strategy: Handles Discord OAuth flow
• User creation/retrieval logic
• Profile data mapping to database schema

Type Definitions (types/login-user.ts)

• TypeScript interfaces for request/response objects
• User model definitions
• Provider enum definitions

🔒 Security Features

• Password Hashing: bcrypt with salt rounds
• JWT Tokens: Secure token-based authentication
• Environment Variables: Sensitive data protection
• Input Validation: Request validation for all endpoints
• Session Security: Passport.js session management
• OAuth Security: Secure OAuth 2.0 implementation

🚦 Error Handling

The application implements comprehensive error handling:

// Example error response structure
{
  "success": `false`
  "error": "Unauthorized access",
  "code": TaskErrorCode.UNAUTHORIZED,
  "status": 401
}

Common Error Scenarios

• Invalid credentials
• User already exists
• Database connection errors
• OAuth provider errors
• Missing required fields

🧪 Development

Running in Development Mode

# Backend
cd backend
npm run dev

### TypeScript Compilation

```bash
# Backend
npm run build

# Type checking
npm run type-check

🔄 User Flow

Registration Flow

1. User submits registration form
2. Server validates input data
3. Password is hashed using bcrypt
4. User record created in database
5. Success response sent to client

Login Flow

1. User submits credentials
2. Server validates email/password
3. Password comparison using bcrypt
4. JWT token generated
5. Token sent as HTTP-only cookie
6. User session established

OAuth Flow

1. User clicks OAuth provider button
2. Redirect to provider's authorization server
3. User grants permissions
4. Provider redirects back with authorization code
5. Server exchanges code for access token
6. User profile fetched from provider
7. User created/updated in database
8. Session established

🔮 Future Enhancements

• Team collaboration features
• Real-time notifications
• Advanced user permissions
• File attachments
• Activity logging