EmployeeManagementSystem/backend/README.md

# Work Allocation Backend API

Simple Node.js/Express backend with MySQL database for the Work Allocation System.

## Setup

### 1. Install Dependencies

```bash
cd backend
npm install
```

### 2. Setup MySQL Database

1. Install MySQL if not already installed
2. Create the database and tables:

```bash
mysql -u root -p < database/schema.sql
```

Or manually:

- Login to MySQL: `mysql -u root -p`
- Run the SQL commands from `database/schema.sql`

### 3. Configure Environment

Copy `.env.example` to `.env` and update with your database credentials:

```bash
cp .env.example .env
```

Edit `.env`:

```env
DB_HOST=localhost
DB_USER=root
DB_PASSWORD=your_mysql_password
DB_NAME=work_allocation
DB_PORT=3306

JWT_SECRET=your_secret_key_here
JWT_EXPIRES_IN=7d

PORT=3000
```

### 4. Start Server

Development mode (with auto-reload):

```bash
npm run dev
```

Production mode:

```bash
npm start
```

The server will run on `http://localhost:3000`

## Default Credentials

**Super Admin:**

- Username: `admin`
- Password: `admin123`

**Note:** Change the default password immediately after first login!

## API Endpoints

### Authentication

- `POST /api/auth/login` - Login
- `GET /api/auth/me` - Get current user
- `POST /api/auth/change-password` - Change password

### Users

- `GET /api/users` - Get all users (with filters)
- `GET /api/users/:id` - Get user by ID
- `POST /api/users` - Create user
- `PUT /api/users/:id` - Update user
- `DELETE /api/users/:id` - Delete user

### Departments

- `GET /api/departments` - Get all departments
- `GET /api/departments/:id` - Get department by ID
- `GET /api/departments/:id/sub-departments` - Get sub-departments
- `POST /api/departments` - Create department (SuperAdmin only)
- `POST /api/departments/:id/sub-departments` - Create sub-department (SuperAdmin only)

### Work Allocations

- `GET /api/work-allocations` - Get all work allocations
- `GET /api/work-allocations/:id` - Get work allocation by ID
- `POST /api/work-allocations` - Create work allocation (Supervisor only)
- `PUT /api/work-allocations/:id/status` - Update status (Supervisor only)
- `DELETE /api/work-allocations/:id` - Delete work allocation (Supervisor only)

### Attendance

- `GET /api/attendance` - Get all attendance records
- `GET /api/attendance/:id` - Get attendance by ID
- `POST /api/attendance/check-in` - Check in employee (Supervisor only)
- `POST /api/attendance/check-out` - Check out employee (Supervisor only)
- `GET /api/attendance/summary/stats` - Get attendance summary

### Contractor Rates

- `GET /api/contractor-rates` - Get contractor rates
- `GET /api/contractor-rates/contractor/:contractorId/current` - Get current rate
- `POST /api/contractor-rates` - Set contractor rate (Supervisor/SuperAdmin only)

## Roles & Permissions

### SuperAdmin

- Full access to all features
- Can create/manage all users and departments
- Can view all data across departments

### Supervisor

- Can manage users (employees, contractors) in their department
- Can create work allocations for their department
- Can check in/out employees
- Can set contractor rates
- Can mark work as completed

### Contractor

- Can view work allocations assigned to them
- Can view employees under them

### Employee

- Can view their own work allocations
- Can view their attendance records
- Can see contractor rates

## Database Schema

### Tables

- `departments` - Main departments (Tudki, Dana, Groundnut)
- `sub_departments` - Sub-departments (17 for Groundnut)
- `users` - All users (SuperAdmin, Supervisor, Contractor, Employee)
- `contractor_rates` - Contractor rate history
- `work_allocations` - Work assignments
- `attendance` - Check-in/out records

## Development Notes

- The server uses ES modules (type: "module" in package.json)
- JWT tokens are used for authentication
- Passwords are hashed using bcryptjs
- All timestamps are in UTC
- The API uses role-based access control (RBAC)