First Execise : User Management System Backend Created with Test Cases and also add pretier and pre-commit hook in Node.js

Brij/Exec_1/planning.md

@@ -0,0 +1,179 @@
+# 🛡️ User Management System Specification
+
+A secure and scalable API for managing user accounts, authentication, and role-based access control.
+
+---
+
+## 📌 Overview
+
+This system provides endpoints for user registration, login, profile management, and role assignment. It ensures security through password hashing, JWT-based authentication, and role-based authorization.
+
+---
+
+## 🗂️ Database Schema
+
+### 🧑 Users Table
+
+| Field          | Type         | Description                              |
+|----------------|--------------|------------------------------------------|
+| id             | UUID / INT   | Unique identifier                        |
+| email          | VARCHAR      | Unique user email                        |
+| password_hash  | TEXT         | Hashed password                          |
+| role_id        | INT / UUID   | Foreign key to roles table               |
+| name           | VARCHAR      | Optional user name                       |
+| created_at     | TIMESTAMP    | Account creation time                    |
+| updated_at     | TIMESTAMP    | Last profile update                      |
+
+### 🛡️ Roles Table
+
+| Field        | Type       | Description                              |
+|--------------|------------|------------------------------------------|
+| id           | INT / UUID | Unique identifier                        |
+| name         | VARCHAR    | Role name (e.g., admin, editor, user)    |
+| description  | TEXT       | Role description                         |
+
+---
+
+## 🔐 Security Features
+
+- **Password Hashing**: Use `bcrypt` for secure one-way password hashing.
+- **Authentication**: Implement JWT for stateless authentication.
+- **Authorization**: Middleware to enforce role-based access control.
+- **Rate Limiting**: Protect login endpoint from brute-force attacks.
+- **Sensitive Data Protection**: Never expose passwords or tokens in logs or responses.
+- **Logging**: Log login attempts, role changes, and critical errors.
+
+---
+
+## 🚀 API Endpoints
+
+### 1. `POST /api/users/register` — Register User
+
+**Description**: Create a new user account.
+
+**Request Body**:
+```json
+{
+  "email": "user@example.com",
+  "password": "StrongP@ssw0rd!",
+  "name": "John Doe"
+}
+```
+
+**Validations**:
+- Email format
+- Unique email
+- Password strength (min 8 chars, 1 special char, 1 number)
+
+**Responses**:
+- 201 Created: User registered
+- 400 Bad Request: Validation error
+- 409 Conflict: Email already exists
+
+### 2. `POST /api/users/login` — Authenticate User
+
+**Description**: Login and receive JWT token.
+
+**Request Body**:
+```json
+{
+  "email": "user@example.com",
+  "password": "StrongP@ssw0rd!"
+}
+```
+
+**Validations**:
+- Correct credentials
+- Rate limiting on failed attempts
+
+**Responses**:
+- 200 OK: JWT token returned
+- 401 Unauthorized: Invalid credentials
+- 429 Too Many Requests: Rate limit exceeded
+
+### 3. `GET /api/users/{id}` — Get User Profile
+
+**Description**: Retrieve public profile of a user.
+
+**Headers**: `Authorization: Bearer <token>`
+
+**Validations**:
+- Valid user ID
+- Authenticated user
+- Permission to view
+
+**Responses**:
+- 200 OK: User profile
+- 403 Forbidden: Unauthorized access
+- 404 Not Found: User not found
+
+### 4. `PUT /api/users/{id}` — Update User Profile
+
+**Description**: Update profile info or role (admin only).
+
+**Headers**: `Authorization: Bearer <token>`
+
+**Request Body**:
+```json
+{
+  "name": "Jane Doe",
+  "role_id": 2
+}
+```
+
+**Validations**:
+- Valid user ID
+- Authenticated user or admin
+- Valid fields
+
+**Responses**:
+- 200 OK: Profile updated
+- 403 Forbidden: Unauthorized
+- 404 Not Found: User not found
+
+### 5. `DELETE /api/users/{id}` — Delete User
+
+**Description**: Delete a user account (admin only).
+
+**Headers**: `Authorization: Bearer <token>`
+
+**Validations**:
+- Valid user ID
+- Admin permission
+
+**Responses**:
+- 200 OK: User deleted
+- 403 Forbidden: Unauthorized
+- 404 Not Found: User not found
+
+### 6. `GET /api/roles` — List Roles
+
+**Description**: Retrieve all available roles.
+
+**Headers**: `Authorization: Bearer <token>`
+
+**Responses**:
+- 200 OK: List of roles
+
+### 7. `PUT /api/users/{id}/assign-role` — Assign Role
+
+**Description**: Assign a role to a user (admin only).
+
+**Headers**: `Authorization: Bearer <token>`
+
+**Request Body**:
+```json
+{
+  "role_id": 1
+}
+```
+
+**Validations**:
+- Valid user ID
+- Valid role ID
+- Admin permission
+
+**Responses**:
+- 200 OK: Role assigned
+- 403 Forbidden: Unauthorized
+- 404 Not Found: User or role not found

Brij/Exec_1/user-management-system/.env

@@ -0,0 +1,4 @@
+PORT=3000
+JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
+DB_PATH=./database.sqlite
+NODE_ENV=development

Brij/Exec_1/user-management-system/.eslintrc.json

@@ -0,0 +1,34 @@
+{
+  "env": {
+    "browser": false,
+    "es2021": true,
+    "node": true,
+    "jest": true
+  },
+  "extends": [
+    "eslint:recommended"
+  ],
+  "parserOptions": {
+    "ecmaVersion": "latest",
+    "sourceType": "module"
+  },
+  "rules": {
+    "indent": ["error", 2],
+    "linebreak-style": ["error", "unix"],
+    "quotes": ["error", "single"],
+    "semi": ["error", "always"],
+    "no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],
+    "no-console": "warn",
+    "no-debugger": "error",
+    "prefer-const": "error",
+    "no-var": "error",
+    "object-shorthand": "error",
+    "prefer-template": "error",
+    "template-curly-spacing": "error",
+    "arrow-spacing": "error",
+    "no-duplicate-imports": "error",
+    "no-useless-concat": "error",
+    "prefer-arrow-callback": "error",
+    "prefer-destructuring": ["error", { "object": true, "array": false }]
+  }
+}

Brij/Exec_1/user-management-system/.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx lint-staged

Brij/Exec_1/user-management-system/.lintstagedrc.json

@@ -0,0 +1,3 @@
+{
+  "*.{js,json,md,yml,yaml}": ["prettier --write"]
+}

Brij/Exec_1/user-management-system/.prettierignore

@@ -0,0 +1,61 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Dependency directories
+node_modules/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+.env.production
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# Database
+*.sqlite
+*.db
+
+# Build outputs
+dist/
+build/

Brij/Exec_1/user-management-system/.prettierrc.json

@@ -0,0 +1,8 @@
+{
+  "semi": true,
+  "trailingComma": "es5",
+  "singleQuote": true,
+  "printWidth": 80,
+  "tabWidth": 2,
+  "useTabs": false
+}