This is the backend API for the DevConnect platform — a developer networking application that enables users to connect, collaborate on projects, and grow their professional network.
The backend is built with Express.js, TypeScript, and MongoDB, using HTTP-only cookies for secure authentication and token management.
- 🔐 JWT Authentication (Access + Refresh Tokens stored in cookies)
- 👤 User Registration & Login
- 🔄 Token Refresh & Secure Logout
- 🧱 Role-Based Authorization
- 🧩 Project Management (CRUD)
- ⚙️ TypeScript for type safety
- 🧰 Modular architecture (controllers, services, repositories)
- 🚧 Error handling middleware
- 🧼 Input validation
```
src/
├── config
│   └── db.ts
├── controllers
│   ├── authController.ts
│   ├── errorController.ts
│   └── userController.ts
├── middleware
│   ├── authMiddleware.ts
│   ├── errorMiddleware.ts
│   └── roleMiddleware.ts
├── models
│   ├── BlacklistedToken.ts
│   ├── project.ts
│   └── user.ts
├── repositories
│   ├── projectRepositories.ts
│   └── userRepository.ts
├── routes
│   ├── authRoutes.ts
│   ├── projectRoutes.ts
│   └── userRoutes.ts
├── services/auth
│   ├── loginService.ts
│   ├── logOutService.ts
│   ├── refreshTokenService.ts
│   └── registerService.ts
├── types/
│   └── index.tsx
├── utils/
│   ├── cookieStore.ts
│   ├── tokenUtils.ts
│   └── validation.ts
└── server.tsx
```
| Category | Technologies |
|---|---|
| Runtime | Node.js |
| Framework | Express.js |
| Language | TypeScript |
| Database | MongoDB (Mongoose) |
| Auth | JWT + HTTP-only Cookies |
| Validation | Zod / Joi |
| Environment | dotenv |
| Logging | morgan |
| Frontend | DevConnect-Fe |
| Method | Endpoint | Description |
|---|---|---|
| POST | /register | Register new user |
| POST | /login | Authenticate user and set cookies |
| POST | /refresh-token | Refresh access token |
| POST | /logout | Log out user and clear cookies |

| Method | Endpoint | Description |
|---|---|---|
| GET | / | Get all users (Admin only) |
| GET | /:id | Get user by ID |

| Method | Endpoint | Description |
|---|---|---|
| GET | / | Get all projects |
| POST | / | Create new project |
| PATCH | /:id | Update project |
| DELETE | /:id | Delete project |
- User logs in / registers → server sends JWT access and refresh tokens as HTTP-only cookies.
- Subsequent requests include cookies automatically.
- Access token expires → client silently requests `/refresh-token` to get a new one.
- Logout → both tokens are invalidated (blacklisted) and cookies cleared.
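An added example (not DevConnect's own code) of the check the last step depends on: a refresh token that is still validly signed and unexpired must be refused once it has been blacklisted at logout. It hand-rolls HS256 with Node's built-in `crypto` so it runs without dependencies; the in-memory `Set`, the `jti` claim, the demo secret and the function names `signRefresh`, `verifyRefresh` and `logout` are assumptions.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Constructed secret for the demo; the real service reads JWT_REFRESH_SECRET from .env.
const REFRESH_SECRET = "demo-refresh-secret";
// Assumption: stands in for the BlacklistedToken collection, keyed by token id (jti).
const blacklist = new Set<string>();

const b64url = (s: string): string => Buffer.from(s, "utf8").toString("base64url");
const mac = (data: string): Buffer =>
  createHmac("sha256", REFRESH_SECRET).update(data).digest();

// Issue an HS256 refresh token; the jti claim lets one token be revoked on its own.
function signRefresh(sub: string, jti: string, ttlSec: number, now = Date.now()): string {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ sub, jti, exp: Math.floor(now / 1000) + ttlSec }));
  return `${head}.${body}.${mac(`${head}.${body}`).toString("base64url")}`;
}

type Verdict =
  | { ok: true; sub: string; jti: string }
  | { ok: false; reason: "malformed" | "bad signature" | "expired" | "revoked" };

// Order matters: claims are parsed only after the signature has been verified.
function verifyRefresh(token: string, now = Date.now()): Verdict {
  const parts = token.split(".");
  if (parts.length !== 3) return { ok: false, reason: "malformed" };
  const [head, body, sig] = parts;
  const given = Buffer.from(sig, "base64url");
  const expected = mac(`${head}.${body}`); // always HS256; the header's alg is never trusted
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: "bad signature" };
  }
  const claims = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
  if (claims.exp * 1000 <= now) return { ok: false, reason: "expired" };
  if (blacklist.has(claims.jti)) return { ok: false, reason: "revoked" };
  return { ok: true, sub: claims.sub, jti: claims.jti };
}

// Logout: blacklist the jti so the token is refused even though it has not expired.
function logout(token: string): void {
  const v = verifyRefresh(token);
  if (v.ok) blacklist.add(v.jti);
}
```

A blacklist entry only needs to live until the token's own `exp`, since an expired token is rejected before the blacklist is consulted.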
```bash
git clone https://github.com/your-username/DevConnect-Be.git
cd DevConnect-Be
```

2️⃣ Install dependencies

```bash
npm install
```
3️⃣ Configure environment variables
Create a .env file in the root directory:
```
PORT=5000
MONGO_URI=your_mongodb_connection_string
JWT_ACCESS_SECRET=your_access_secret
JWT_REFRESH_SECRET=your_refresh_secret
COOKIE_SECRET=your_cookie_secret
CLIENT_URL=https://devconnect-fe.vercel.app
NODE_ENV=development
```
4️⃣ Run the server

```bash
npm run dev
```
Server will start on http://localhost:5000
🧪 Scripts

| Command | Description |
|---|---|
| `npm run dev` | Run server in development mode (ts-node-dev) |
| `npm run build` | Compile TypeScript to JavaScript |
| `npm start` | Start server from build directory |

🤝 Frontend Integration
Frontend repo: DevConnect-Fe
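Ensure your CORS configuration allows:

```
origin: process.env.CLIENT_URL,
credentials: true
```

so that the browser sends the authentication cookies on cross-origin requests from the frontend. With `credentials: true` the origin must be an explicit value such as `CLIENT_URL`; browsers reject a wildcard `*` origin on credentialed requests.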
🧾 License
This project is licensed under the MIT License.