A comprehensive MERN stack backend for a micro-tasking and earning platform where workers complete small tasks for payment and buyers create tasks for workers.
- ✅ User registration with email validation & password hashing
- ✅ JWT-based login system
- ✅ Role-based access control (Worker, Buyer, Admin)
- ✅ Secure token storage
- ✅ Profile management
- ✅ View available tasks with pagination
- ✅ Submit task work with details
- ✅ Track submission status (Pending/Approved/Rejected)
- ✅ View earnings from approved submissions
- ✅ Request withdrawals (with 20 coins = $1 rate)
- ✅ Minimum withdrawal requirement (200 coins = $10)
- ✅ Withdrawal history tracking
- ✅ Create tasks with detailed requirements
- ✅ View task submissions from workers
- ✅ Approve/Reject submissions
- ✅ Automatic coin deduction on task creation
- ✅ Purchase coins using 4 different packages
- ✅ Payment history tracking
- ✅ Update and delete tasks
- ✅ Refund coins for deleted uncompleted tasks
- ✅ Dashboard with platform statistics
- ✅ User management (view, update roles, delete)
- ✅ Task management (view, delete)
- ✅ Withdrawal request management
- ✅ Approve/Reject withdrawals
- ✅ Real-time notifications for all major actions
- ✅ Notifications for task submissions, approvals, rejections
- ✅ Withdrawal notifications
- ✅ Read/Unread status tracking
- ✅ Notification history
- ✅ Intelligent coin management system
- ✅ Worker receives 10 coins on registration
- ✅ Buyer receives 50 coins on registration
- ✅ Task cost calculation: required_workers × payable_amount
- ✅ Automatic coin updates on transactions
- ✅ Withdrawal percentage (Platform: 50%, Workers: 50%)
- Node.js (v14+)
- npm or yarn
- MongoDB Atlas account (free tier available)
```bash
# Clone repository
cd server
# Install dependencies
npm install
# Create .env file
cp .env.example .env
# Edit .env with your MongoDB URI and JWT_SECRET
# Start development server
npm run dev
```

```bash
curl http://localhost:5000/api/health
```

Response:

```json
{
  "status": "OK",
  "message": "Server is running"
}
```

| Document | Purpose |
|---|---|
| QUICK_START.md | 5-minute setup guide with testing examples |
| API_DOCUMENTATION.md | Complete API reference with all endpoints |
| BACKEND_SETUP.md | Detailed installation & configuration |
| ENV_VARIABLES.md | Environment variable reference |
```
server/
├── index.js                 # Main application entry point
├── package.json             # Dependencies & scripts
├── .env                     # Environment variables (create this)
├── .env.example             # Example env file
│
├── middleware/
│   └── auth.js              # JWT authentication & role authorization
│
├── models/                  # Database schemas
│   ├── User.js              # User schema
│   ├── Task.js              # Task schema
│   ├── Submission.js        # Submission schema
│   ├── Withdrawal.js        # Withdrawal schema
│   ├── Payment.js           # Payment schema
│   └── Notification.js      # Notification schema
│
├── routes/                  # API endpoints
│   ├── auth.js              # /api/auth (register, login, profile)
│   ├── tasks.js             # /api/tasks (CRUD, viewing)
│   ├── submissions.js       # /api/submissions (submit, review)
│   ├── withdrawals.js       # /api/withdrawals (request, manage)
│   ├── payments.js          # /api/payments (purchase coins)
│   ├── notifications.js     # /api/notifications (manage)
│   └── admin.js             # /api/admin (statistics, management)
│
└── docs/
    ├── QUICK_START.md       # Quick start guide
    ├── API_DOCUMENTATION.md # Full API docs
    ├── BACKEND_SETUP.md     # Setup guide
    └── ENV_VARIABLES.md     # Env variables reference
```
POST /register Register new user
POST /login Login user
GET /me Get current user profile
PUT /profile Update user profile
GET / Get all available tasks
GET /:id Get task details
POST / Create task (Buyer only)
PUT /:id Update task (Buyer only)
DELETE /:id Delete task (Buyer only)
GET /buyer/my-tasks Get buyer's tasks
GET /admin/top-workers Get top 6 workers
POST / Submit task (Worker only)
GET /worker/my-submissions Get worker's submissions
GET /buyer/review Get submissions to review (Buyer only)
PUT /:id/approve Approve submission (Buyer only)
PUT /:id/reject Reject submission (Buyer only)
GET /worker/approved Get approved submissions (Worker)
POST / Request withdrawal (Worker only)
GET /worker/history Get withdrawal history (Worker)
GET /admin/pending Get pending withdrawals (Admin only)
PUT /:id/approve Approve withdrawal (Admin only)
PUT /:id/reject Reject withdrawal (Admin only)
GET /packages Get coin packages
POST /create-payment Create payment (Buyer only)
PUT /confirm/:paymentId Confirm payment (Buyer only)
POST /dummy-payment Dummy payment for testing
GET /history Get payment history (Buyer only)
GET / Get user notifications
GET /unread/count Get unread count
PUT /:id/read Mark as read
PUT /read-all Mark all as read
DELETE /:id Delete notification
GET /stats Get dashboard statistics
GET /users Get all users
PUT /users/:id/role Update user role
DELETE /users/:id Delete user
GET /tasks Get all tasks
DELETE /tasks/:id Delete task
- Workers: 10 coins
- Buyers: 50 coins
- 10 coins = $1
- 150 coins = $10
- 500 coins = $20
- 1000 coins = $35
- 20 coins = $1
- Minimum withdrawal: 200 coins = $10
- Maximum: User's available balance
- Buy Rate: 10 coins = $1
- Sell Rate: 20 coins = $1
- Platform Margin: 50%
- ✅ Password Hashing: bcryptjs with salt rounds
- ✅ JWT Authentication: Secure token-based auth
- ✅ Role-Based Access: Protect sensitive operations
- ✅ Input Validation: Email format, password strength
- ✅ Error Handling: Safe error messages without exposing internals
- ✅ CORS Enabled: Configured for all origins
- ✅ MongoDB Security: Connection string in environment variables
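
An added example of the token and role check behind the "Buyer only", "Worker only" and "Admin only" routes. It is not the project's `middleware/auth.js`: it verifies HS256 tokens with Node's built-in `crypto` rather than a JWT library so that it runs without dependencies, and the claim names (`role`, `exp`) and the `signToken`, `verifyToken` and `authorize` helpers are assumptions.

```javascript
// Added example; not the project's middleware/auth.js.
const crypto = require('crypto');

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Issue an HS256 token carrying the user's role and expiry (claim names are assumptions).
function signToken(claims, secret) {
  const data = `${b64url({ alg: 'HS256', typ: 'JWT' })}.${b64url(claims)}`;
  return `${data}.${hmac(data, secret).toString('base64url')}`;
}

// Verify algorithm, signature and expiry; throws on any failure.
function verifyToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  // Pin the algorithm instead of letting the token header choose it.
  const header = JSON.parse(Buffer.from(head, 'base64url').toString());
  if (header.alg !== 'HS256') throw new Error('unexpected alg');
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  // Constant-time compare; check length first because timingSafeEqual throws on mismatch.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  return claims;
}

// Express-style middleware factory: authorize(secret, 'buyer') guards a "Buyer only" route.
function authorize(secret, ...roles) {
  return (req, res, next) => {
    const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(req.headers.authorization || '');
    if (!m) return res.status(401).json({ message: 'Missing bearer token' });
    try {
      req.user = verifyToken(m[1], secret);
    } catch {
      return res.status(401).json({ message: 'Invalid or expired token' });
    }
    // Authenticated but wrong role: 403, not 401.
    if (!roles.includes(req.user.role)) return res.status(403).json({ message: 'Forbidden' });
    next();
  };
}
```
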
- Import endpoints from API_DOCUMENTATION.md
- Create environment variables for token and URLs
- Set Authorization header:
Bearer <token>
```bash
# Register
curl -X POST http://localhost:5000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{"name":"John","email":"john@example.com","password":"Pass123","role":"worker"}'
# Login
curl -X POST http://localhost:5000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"john@example.com","password":"Pass123"}'
# Get profile (with token)
curl -X GET http://localhost:5000/api/auth/me \
  -H "Authorization: Bearer <token>"
```

- Stores user profiles, roles, and available coins
- Indexed by email for faster lookups
- Password stored as bcrypt hash
- Task listings created by buyers
- Tracks required workers and payable amount
- Automatically manages status and worker count
- Worker task submissions for review
- Tracks submission status and dates
- Links worker to task and buyer
- Worker withdrawal requests
- Tracks coin amount and dollar equivalent
- Manages withdrawal status and payment method
- Records all coin purchases
- Tracks transaction IDs and payment status
- Links purchases to buyer accounts
- System-generated notifications
- Supports read/unread status
- Soft delete through archiving
- Buyer creates task → Coins deducted from buyer
- Worker submits → Notification sent to buyer
- Buyer reviews → Can approve or reject
- If approved → Coins credited to worker, task worker count reduced
- If rejected → Worker count increased, refund available workers
- Worker requests withdrawal → Creates pending withdrawal
- Admin reviews → Can approve or reject
- If approved → Coins deducted, worker notified
- If rejected → Coins remain, worker notified
- Buyer selects package → Payment created (pending)
- Payment confirmed → Transaction ID stored
- Status updated → Coins added to buyer account
- Notification sent → Logged in payment history
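
The withdrawal rules (20 coins = $1, 200-coin minimum, capped at the available balance) and the request/approve flow above, as an added example that is not the project's `routes/withdrawals.js`. The withdrawal object's field names and the `pendingCoins` argument are assumptions; because the flow deducts coins only on approval, the check also reserves coins already tied up in pending requests.

```javascript
// Added example; not taken from routes/withdrawals.js.
const COINS_PER_DOLLAR = 20;       // sell rate stated on the page
const MIN_WITHDRAWAL_COINS = 200;  // minimum stated on the page ($10)

const reject = (status, error) => ({ ok: false, status, error });

// Validate a withdrawal request before it is stored as "pending".
// pendingCoins (assumption): sum of this worker's withdrawals that are still pending.
function validateWithdrawal(user, requestedCoins, pendingCoins = 0) {
  if (!user || user.role !== 'worker') return reject(403, 'Workers only');
  // JSON bodies can carry strings, floats or negatives; accept positive integers only.
  if (!Number.isSafeInteger(requestedCoins) || requestedCoins <= 0) {
    return reject(400, 'Coin amount must be a positive integer');
  }
  if (requestedCoins < MIN_WITHDRAWAL_COINS) {
    return reject(400, `Minimum withdrawal is ${MIN_WITHDRAWAL_COINS} coins`);
  }
  // Coins are deducted only on approval, so subtract what is already requested.
  if (requestedCoins > user.coins - pendingCoins) {
    return reject(400, 'Amount exceeds available balance');
  }
  // Derive the dollar value on the server, via whole cents, never from client input.
  const amountUsd = (requestedCoins * 100) / COINS_PER_DOLLAR / 100;
  return { ok: true, withdrawal: { coins: requestedCoins, amountUsd, status: 'pending' } };
}

// Admin approval: re-check state and balance at the moment coins are deducted.
function approveWithdrawal(user, withdrawal) {
  if (withdrawal.status !== 'pending') throw new Error('Withdrawal already processed');
  if (withdrawal.coins > user.coins) throw new Error('Insufficient balance at approval');
  return {
    user: { ...user, coins: user.coins - withdrawal.coins },
    withdrawal: { ...withdrawal, status: 'approved' },
  };
}
```

In a MongoDB-backed route the deduction in `approveWithdrawal` would need to be a single conditional update so that two concurrent approvals cannot both pass the balance check.
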
- Create free account at mongodb.com/cloud/atlas
- Create cluster (M0 free tier)
- Create database user
- Whitelist IP address (0.0.0.0/0 for development)
- Get connection string
- Update MONGODB_URI in .env
```bash
node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
```

Add the result to JWT_SECRET in .env
Monitor coin flow with these queries:
```javascript
// Total coins in system
db.users.aggregate([{ $group: { _id: null, total: { $sum: "$coins" } } }])
// Coins by role
db.users.aggregate([{ $group: { _id: "$role", count: { $sum: 1 }, totalCoins: { $sum: "$coins" } } }])
// Most paid tasks
db.tasks.find().sort({payable_amount: -1}).limit(10)
// Pending withdrawals
db.withdrawals.find({status: "pending"})
```

- Set NODE_ENV=production
- Use strong JWT_SECRET (32+ chars)
- Configure MongoDB IP whitelist
- Enable HTTPS
- Set specific CORS origins
- Add rate limiting
- Set up logging/monitoring
- Enable database backups
- Test all critical flows
- Document admin credentials
- Set up error alerts
When adding new features:
- Follow existing code structure
- Add proper error handling
- Validate all inputs
- Add relevant notifications
- Update API documentation
- Test with multiple roles
If you encounter issues:
- Check QUICK_START.md for common problems
- Review API_DOCUMENTATION.md for endpoint details
- Check MongoDB connection in .env
- Verify role permissions
- Look at console error messages
This project is part of a job assessment for a Junior MERN Stack Developer position.
- ✅ Backend setup complete
- Build React frontend
- Connect frontend to API
- Add Stripe payment integration
- Deploy to production

Last Updated: January 2024

Status: ✅ Production Ready for Assessment