A minimal CRUD mobile app built with React Native (Expo) + Node.js (Express) demonstrating full-stack development.
This project was developed with AI assistance using Droid agent with Claude 4.5 and GLM 4.6 models
- Node.js ≥ 18.x
- pnpm ≥ 8.x (or use
npm install -g pnpm) - Docker + Docker Compose (for backend)
- Expo Go app (for mobile testing)
git clone https://github.com/lishine/assignment-rsbr-react-native.git
pnpm install- Create
.env.local(copy from.env.example) - Configure mobile API URL:
EXPO_PUBLIC_API_URL=http://YOUR_IP:3000- Replace
YOUR_IPwith your machine IP (find withipconfig getifaddr en0on macOS) or Tailscale service ip
- Replace
Backend environment variables (handled by docker-compose):
JWT_SECRET- Secret key for JWT signingJWT_EXPIRES_IN- Token expiration (default: 7d)
docker compose up --buildThe backend will:
- Initialize PostgreSQL database
- Seed test data with 2 users and sample tasks
- Run on
http://localhost:3000 - Expose Swagger UI at
http://localhost:3000/api-docs - Expose health check at
http://localhost:3000/health
cd packages/mobile
pnpm start- Scan the QR code with Expo Go app
- Login with test credentials:
- Email:
test1@example.com| Password:password123 - Email:
test2@example.com| Password:password123
- Email:
- If backend running by then and tunnel to PC created, you will be able to login.
✅ User authentication with JWT
✅ PostgreSQL database with seed data
✅ Full CRUD operations on tasks
✅ Two screens: Login + Task Management
✅ Responsive mobile UI
✅ API documentation (Swagger)
✅ Docker-ready deployment
After running docker compose up --build, the database is seeded with:
| Password | Available Tasks | |
|---|---|---|
| test1@example.com | password123 | 5 sample tasks |
| test2@example.com | password123 | 3 sample tasks |
POST /api/auth/register- Register new userPOST /api/auth/login- Login user
GET /api/tasks- Get user's tasksPOST /api/tasks- Create new taskPUT /api/tasks/:id- Update taskDELETE /api/tasks/:id- Delete task
GET /api-docs- Swagger UI documentationGET /health- Service health check
- Express.js - REST API framework
- TypeScript - Type-safe backend
- PostgreSQL - Production-ready database
- JWT - Authentication
- Swagger UI - API documentation
- tsx - Run TypeScript directly (no build step)
- Vitest - Fast unit testing framework
- React Native - Cross-platform mobile
- Expo - Easy development & APK builds
- React Navigation - Stack navigation
- ofetch - Lightweight HTTP client
- expo-secure-store - Secure token storage
- Docker + Docker Compose - Containerized backend
- pnpm - Monorepo package manager
# Stop containers
docker compose down
# Rebuild
docker compose up --build --force-recreate
# View logs
docker compose logs backend -fThe backend includes comprehensive unit tests using Vitest with 55+ test cases covering:
-
Authentication Tests (
auth.controller.test.ts)- User registration with validation
- User login with credential verification
- Error handling for invalid inputs
- JWT token generation and validation
-
Task Management Tests (
tasks.controller.test.ts)- CRUD operations (Create, Read, Update, Delete)
- Task ownership verification
- Image and drawing data handling
- Error handling and edge cases
-
Database Models Tests (
models.test.ts)- User operations (create, find by email/id)
- Task operations (CRUD with user isolation)
- SQL query validation
- Database connection handling
-
Security Tests (
utils/crypto.test.ts)- Password hashing with salt
- Password comparison with timing attack protection
- Edge cases and malformed inputs
-
Middleware Tests (
middleware/)- JWT token verification middleware
- Error handling middleware
- Security validation
# Run all backend tests
cd packages/backend
pnpm test
# Run tests in watch mode
npm run test:watch
# Run tests with coverage
npm run test:coverage- Refresh token rotation
- Input validation (Zod/Joi)
- Rate limiting
- Pagination for tasks
- Task filtering/sorting
- [v] Unit tests (Vitest)
- [v] Including image in a task
- [v] Drawing in a task
- Pull-to-refresh
- Search/filter UI
- Theme, Dark mode, Animations
- Unit tests
- Offline support (local SQLite)
- CI/CD pipelines (GitHub Actions)
- Environment configs (dev/staging/prod)
- Logging & monitoring
- JWT authentication for all protected routes
- Bcrypt password hashing (10 rounds)
- CORS enabled for frontend
- Error handling middleware
- SQL injection prevention (parameterized queries)
- Use HTTPS/TLS
- Rotate JWT_SECRET regularly
- Add rate limiting
- Use PostgreSQL instead of SQLite
- Add input validation with Zod/Joi
- Implement refresh tokens
- Add request logging
- Use environment-specific configs
# Build image
docker build -f packages/backend/Dockerfile -t task-api:latest .
# Tag for registry
docker tag task-api:latest your-registry/task-api:latest
# Push to registry
docker push your-registry/task-api:latest
# Deploy with environment variables
# Set: JWT_SECRET, NODE_ENV=production-
Setup EAS CLI (one-time):
npm install -g eas-cli eas login
-
Configure build profile in
eas.json(already included):{ "build": { "preview": { "android": { "buildType": "apk" } } } } -
Build APK:
cd packages/mobile eas build --platform android --profile preview -
Download APK from the provided link or EAS dashboard
-
Install APK on Android device:
- Enable "Install from unknown sources" in settings
- Transfer APK file to device and install
- Direct sharing: Send APK file via email/messaging
- Google Play Store: Requires developer account ($25)
- Enterprise distribution: For internal company use
MIT
This project demonstrates:
- ✅ Full-stack TypeScript development
- ✅ JWT authentication patterns
- ✅ CRUD operations with SQL
- ✅ Mobile-backend integration
- ✅ Docker containerization
- ✅ Clean code architecture
- ✅ API documentation
- ✅ Production-ready patterns