
Work Allocation Backend API

A simple Node.js/Express backend with a MySQL database for the Work Allocation System.

Setup

1. Install Dependencies

cd backend
npm install

2. Setup MySQL Database

  1. Install MySQL if not already installed
  2. Create the database and tables:
mysql -u root -p < database/schema.sql

Or manually:

  • Log in to MySQL: mysql -u root -p
  • Run the SQL commands from database/schema.sql

3. Configure Environment

Copy .env.example to .env and update with your database credentials:

cp .env.example .env

Edit .env:

DB_HOST=localhost
DB_USER=root
DB_PASSWORD=your_mysql_password
DB_NAME=work_allocation
DB_PORT=3306

JWT_SECRET=your_secret_key_here
JWT_EXPIRES_IN=7d

PORT=3000

4. Start Server

Development mode (with auto-reload):

npm run dev

Production mode:

npm start

The server will run on http://localhost:3000

Default Credentials

Super Admin:

  • Username: admin
  • Password: admin123

Note: Change the default password immediately after first login!

API Endpoints

Authentication

  • POST /api/auth/login - Login
  • GET /api/auth/me - Get current user
  • POST /api/auth/change-password - Change password

Users

  • GET /api/users - Get all users (with filters)
  • GET /api/users/:id - Get user by ID
  • POST /api/users - Create user
  • PUT /api/users/:id - Update user
  • DELETE /api/users/:id - Delete user

Departments

  • GET /api/departments - Get all departments
  • GET /api/departments/:id - Get department by ID
  • GET /api/departments/:id/sub-departments - Get sub-departments
  • POST /api/departments - Create department (SuperAdmin only)
  • POST /api/departments/:id/sub-departments - Create sub-department (SuperAdmin only)

Work Allocations

  • GET /api/work-allocations - Get all work allocations
  • GET /api/work-allocations/:id - Get work allocation by ID
  • POST /api/work-allocations - Create work allocation (Supervisor only)
  • PUT /api/work-allocations/:id/status - Update status (Supervisor only)
  • DELETE /api/work-allocations/:id - Delete work allocation (Supervisor only)

Attendance

  • GET /api/attendance - Get all attendance records
  • GET /api/attendance/:id - Get attendance by ID
  • POST /api/attendance/check-in - Check in employee (Supervisor only)
  • POST /api/attendance/check-out - Check out employee (Supervisor only)
  • GET /api/attendance/summary/stats - Get attendance summary

Contractor Rates

  • GET /api/contractor-rates - Get contractor rates
  • GET /api/contractor-rates/contractor/:contractorId/current - Get current rate
  • POST /api/contractor-rates - Set contractor rate (Supervisor/SuperAdmin only)

Roles & Permissions

SuperAdmin

  • Full access to all features
  • Can create/manage all users and departments
  • Can view all data across departments

Supervisor

  • Can manage users (employees, contractors) in their department
  • Can create work allocations for their department
  • Can check in/out employees
  • Can set contractor rates
  • Can mark work as completed

Contractor

  • Can view work allocations assigned to them
  • Can view employees under them

Employee

  • Can view their own work allocations
  • Can view their attendance records
  • Can see contractor rates

Database Schema

Tables

  • departments - Main departments (Tudki, Dana, Groundnut)
  • sub_departments - Sub-departments (17 for Groundnut)
  • users - All users (SuperAdmin, Supervisor, Contractor, Employee)
  • contractor_rates - Contractor rate history
  • work_allocations - Work assignments
  • attendance - Check-in/out records

Development Notes

  • The server uses ES modules (type: "module" in package.json)
  • JWT tokens are used for authentication
  • Passwords are hashed using bcryptjs
  • All timestamps are in UTC
  • The API uses role-based access control (RBAC)
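
The role annotations in the endpoint list above can be enforced from a single deny-by-default policy table. The sketch below is an added example, not code from this project: POLICY, compile, authorize and requireAuthorized are hypothetical names, and it assumes the verified JWT payload carries a role field. It follows the endpoint annotations literally, so "(Supervisor only)" routes do not admit SuperAdmin.

```javascript
// Added example: deny-by-default route policy built from the README's role annotations.
// Role names come from the README; POLICY, compile and authorize are hypothetical names.
const ANY = ['SuperAdmin', 'Supervisor', 'Contractor', 'Employee'];

// Only routes the README annotates with a role, plus two unannotated reads
// (assumed here to be open to any authenticated role).
const POLICY = [
  ['POST',   '/api/departments',                     ['SuperAdmin']],
  ['POST',   '/api/departments/:id/sub-departments', ['SuperAdmin']],
  ['POST',   '/api/work-allocations',                ['Supervisor']],
  ['PUT',    '/api/work-allocations/:id/status',     ['Supervisor']],
  ['DELETE', '/api/work-allocations/:id',            ['Supervisor']],
  ['POST',   '/api/attendance/check-in',             ['Supervisor']],
  ['POST',   '/api/attendance/check-out',            ['Supervisor']],
  ['POST',   '/api/contractor-rates',                ['Supervisor', 'SuperAdmin']],
  ['GET',    '/api/work-allocations',                ANY],
  ['GET',    '/api/work-allocations/:id',            ANY],
];

// Turn '/api/x/:id/status' into an anchored regex; ':param' matches exactly one segment.
function compile(pattern) {
  const body = pattern.split('/').map(seg =>
    seg.startsWith(':') ? '[^/]+' : seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
  ).join('/');
  return new RegExp('^' + body + '/?$');
}
const RULES = POLICY.map(([method, pattern, roles]) =>
  ({ method, re: compile(pattern), roles }));

// user is the verified JWT payload (or null); the role is compared exactly, case-sensitive.
function authorize(user, method, path) {
  if (!user || typeof user.role !== 'string') return { allow: false, status: 401 };
  const pathname = path.split('?')[0];                       // ignore the query string
  const rule = RULES.find(r => r.method === method.toUpperCase() && r.re.test(pathname));
  if (!rule) return { allow: false, status: 403 };           // unlisted route: deny
  return rule.roles.includes(user.role)
    ? { allow: true, status: 200 }
    : { allow: false, status: 403 };
}

// Express adapter (assumes an earlier middleware set req.user from the verified token).
function requireAuthorized(req, res, next) {
  const d = authorize(req.user, req.method, req.originalUrl);
  return d.allow ? next()
    : res.status(d.status).json({ error: d.status === 401 ? 'unauthenticated' : 'forbidden' });
}
```

The table covers the role check only. The Supervisor's "in their department" scope is a per-record check that still has to be made in each handler against the stored department.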