IMSP Backend API Documentation

Overview
Authentication
Database Models
API Endpoints
Error Handling
File Upload
Environment Variables
Deployment

Overview

The Industrial Maintenance & Safety Portal (IMSP) Backend API is a RESTful service built with Node.js, Express.js, and MongoDB. It provides comprehensive endpoints for managing industrial maintenance operations, safety incidents, machine monitoring, and user management.

Technology Stack

Runtime: Node.js
Framework: Express.js
Database: MongoDB with Mongoose ODM
Authentication: JWT (JSON Web Tokens)
File Storage: Cloudinary
Password Hashing: bcryptjs
CORS: Enabled for cross-origin requests

Base URL

Development: http://localhost:5000
Production: https://your-domain.com

Authentication

The API uses JWT-based authentication with Bearer tokens.

Authentication Flow

User logs in with email/password
Server validates credentials
Server returns JWT token
Client includes token in Authorization header for protected routes

Token Format

Authorization: Bearer <jwt_token>

Token Expiration

Default: 7 days
Configurable via JWT_SECRET environment variable

Database Models

User Model

{
  name: {
    type: String,
    required: true,
    trim: true
  },
  email: {
    type: String,
    required: true,
    unique: true,
    lowercase: true
  },
  password: {
    type: String,
    required: true,
    minlength: 6
  },
  role: {
    type: String,
    enum: ["admin", "maintenance_engineer", "operator", "safety_officer"],
    default: "operator"
  },
  department: {
    type: String,
    enum: ["Rolling Mill", "Smelting", "Casting", "Quality Control", "Maintenance"],
    required: true
  },
  phone: {
    type: String,
    trim: true
  },
  isActive: {
    type: Boolean,
    default: true
  },
  createdAt: Date,
  updatedAt: Date
}

Role Permissions:

admin: Full system access
maintenance_engineer: Maintenance operations, machine management
safety_officer: Safety incidents, compliance monitoring
operator: Basic operations, reporting issues

Machine Model

{
  name: {
    type: String,
    required: true,
    trim: true
  },
  machineId: {
    type: String,
    required: true,
    unique: true
  },
  department: {
    type: String,
    enum: ["Rolling Mill", "Smelting", "Casting", "Quality Control"],
    required: true
  },
  status: {
    type: String,
    enum: ["Running", "Down", "Maintenance", "Idle"],
    default: "Idle"
  },
  location: {
    type: String,
    required: true
  },
  model: {
    type: String,
    required: true
  },
  manufacturer: {
    type: String,
    required: true
  },
  installationDate: {
    type: Date,
    required: true
  },
  lastMaintenanceDate: Date,
  nextMaintenanceDate: Date,
  operatingHours: {
    type: Number,
    default: 0
  },
  specifications: {
    capacity: String,
    power: String,
    dimensions: String,
    weight: String
  },
  qrCode: {
    type: String,
    unique: true
  },
  isActive: {
    type: Boolean,
    default: true
  },
  createdAt: Date,
  updatedAt: Date
}

Ticket Model

{
  ticketNumber: {
    type: String,
    required: true,
    unique: true,
    auto-generated: "TKT-XXXXXX"
  },
  title: {
    type: String,
    required: true,
    trim: true
  },
  description: {
    type: String,
    required: true
  },
  machine: {
    type: ObjectId,
    ref: "Machine",
    required: true
  },
  reportedBy: {
    type: ObjectId,
    ref: "User",
    required: true
  },
  assignedTo: {
    type: ObjectId,
    ref: "User"
  },
  priority: {
    type: String,
    enum: ["Low", "Medium", "High", "Critical"],
    default: "Medium"
  },
  status: {
    type: String,
    enum: ["Pending", "In Progress", "Resolved", "Closed"],
    default: "Pending"
  },
  category: {
    type: String,
    enum: ["Electrical", "Mechanical", "Hydraulic", "Pneumatic", "Software", "Other"],
    required: true
  },
  estimatedHours: Number,
  actualHours: Number,
  comments: [{
    user: { type: ObjectId, ref: "User" },
    comment: String,
    timestamp: { type: Date, default: Date.now }
  }],
  attachments: [{
    filename: String,
    originalName: String,
    path: String,
    uploadedBy: { type: ObjectId, ref: "User" },
    uploadedAt: { type: Date, default: Date.now }
  }],
  resolvedAt: Date,
  closedAt: Date,
  createdAt: Date,
  updatedAt: Date
}

Incident Model

{
  incidentNumber: {
    type: String,
    required: true,
    unique: true,
    auto-generated: "INC-XXXXXX"
  },
  title: {
    type: String,
    required: true,
    trim: true
  },
  description: {
    type: String,
    required: true
  },
  type: {
    type: String,
    enum: ["Near Miss", "Injury", "Property Damage", "Environmental", "Security"],
    required: true
  },
  severity: {
    type: String,
    enum: ["Low", "Medium", "High", "Critical"],
    required: true
  },
  location: {
    type: String,
    required: true
  },
  department: {
    type: String,
    enum: ["Rolling Mill", "Smelting", "Casting", "Quality Control", "Maintenance"],
    required: true
  },
  reportedBy: {
    type: ObjectId,
    ref: "User",
    required: true
  },
  involvedPersons: [{
    name: String,
    role: String,
    department: String
  }],
  witnesses: [{
    name: String,
    contact: String
  }],
  immediateActions: String,
  rootCause: String,
  correctiveActions: [{
    action: String,
    assignedTo: { type: ObjectId, ref: "User" },
    dueDate: Date,
    status: {
      type: String,
      enum: ["Pending", "In Progress", "Completed"],
      default: "Pending"
    }
  }],
  status: {
    type: String,
    enum: ["Open", "Under Investigation", "Closed"],
    default: "Open"
  },
  attachments: [{
    filename: String,
    originalName: String,
    path: String,
    uploadedBy: { type: ObjectId, ref: "User" },
    uploadedAt: { type: Date, default: Date.now }
  }],
  incidentDate: {
    type: Date,
    required: true
  },
  closedAt: Date,
  createdAt: Date,
  updatedAt: Date
}

MaintenanceSchedule Model

{
  machine: {
    type: ObjectId,
    ref: "Machine",
    required: true
  },
  title: {
    type: String,
    required: true
  },
  description: String,
  type: {
    type: String,
    enum: ["Preventive", "Predictive", "Corrective", "Emergency"],
    default: "Preventive"
  },
  frequency: {
    type: String,
    enum: ["Daily", "Weekly", "Monthly", "Quarterly", "Semi-Annual", "Annual", "Custom"],
    required: true
  },
  scheduledDate: {
    type: Date,
    required: true
  },
  estimatedDuration: {
    type: Number, // in hours
    required: true
  },
  assignedTo: {
    type: ObjectId,
    ref: "User"
  },
  status: {
    type: String,
    enum: ["Scheduled", "In Progress", "Completed", "Overdue", "Cancelled"],
    default: "Scheduled"
  },
  priority: {
    type: String,
    enum: ["Low", "Medium", "High", "Critical"],
    default: "Medium"
  },
  checklist: [{
    task: String,
    completed: { type: Boolean, default: false },
    notes: String
  }],
  actualStartTime: Date,
  actualEndTime: Date,
  notes: String,
  nextScheduledDate: Date,
  reminderSent: { type: Boolean, default: false },
  attachments: [{
    filename: String,
    originalName: String,
    path: String,
    uploadedBy: { type: ObjectId, ref: "User" },
    uploadedAt: { type: Date, default: Date.now }
  }],
  completedBy: { type: ObjectId, ref: "User" },
  completedAt: Date,
  partsUsed: [{
    partName: String,
    quantity: Number,
    cost: Number
  }],
  totalCost: { type: Number, default: 0 },
  createdAt: Date,
  updatedAt: Date
}

API Endpoints

Authentication Endpoints

POST /api/auth/register

Request Body:

{
  "name": "John Doe",
  "email": "john@example.com",
  "password": "password123",
  "role": "maintenance_engineer",
  "department": "Maintenance",
  "phone": "+1234567890"
}

Response:

{
  "token": "jwt_token_here",
  "user": {
    "id": "user_id",
    "name": "John Doe",
    "email": "john@example.com",
    "role": "maintenance_engineer",
    "department": "Maintenance"
  }
}

POST /api/auth/login

Authenticate user and get token.

Request Body:

{
  "email": "john@example.com",
  "password": "password123"
}

Response:

{
  "token": "jwt_token_here",
  "user": {
    "id": "user_id",
    "name": "John Doe",
    "email": "john@example.com",
    "role": "maintenance_engineer",
    "department": "Maintenance"
  }
}

GET /api/auth/me

Get current user information.

Headers:

Authorization: Bearer <token>

Response:

{
  "user": {
    "id": "user_id",
    "name": "John Doe",
    "email": "john@example.com",
    "role": "maintenance_engineer",
    "department": "Maintenance"
  }
}

Machine Endpoints

GET /api/machines

Get all machines with optional filtering.

Query Parameters:

department: Filter by department
status: Filter by status
search: Search by name, machineId, or location

Headers:

Authorization: Bearer <token>

Response:

[
  {
    "_id": "machine_id",
    "name": "Rolling Mill #1",
    "machineId": "RM-001",
    "department": "Rolling Mill",
    "status": "Running",
    "location": "Building A - Floor 1",
    "model": "RM-2000X",
    "manufacturer": "SteelTech Industries",
    "installationDate": "2020-01-15T00:00:00.000Z",
    "operatingHours": 8760,
    "specifications": {
      "capacity": "500 tons/hour",
      "power": "2000 kW",
      "dimensions": "15m x 8m x 6m",
      "weight": "150 tons"
    },
    "qrCode": "QR-RM-001",
    "isActive": true,
    "createdAt": "2024-01-01T00:00:00.000Z",
    "updatedAt": "2024-01-01T00:00:00.000Z"
  }
]

GET /api/machines/:id

Get machine by ID.

Headers:

Authorization: Bearer <token>

Response:

{
  "_id": "machine_id",
  "name": "Rolling Mill #1",
  "machineId": "RM-001",
  // ... other machine fields
}

POST /api/machines

Create a new machine.

Required Role: admin, maintenance_engineer

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "name": "New Machine",
  "machineId": "NM-001",
  "department": "Rolling Mill",
  "location": "Building A - Floor 2",
  "model": "NM-1000",
  "manufacturer": "TechCorp",
  "installationDate": "2024-01-01",
  "specifications": {
    "capacity": "100 tons/hour",
    "power": "500 kW",
    "dimensions": "10m x 5m x 3m",
    "weight": "50 tons"
  }
}

PUT /api/machines/:id

Update machine information.

Required Role: admin, maintenance_engineer

Headers:

Authorization: Bearer <token>
Content-Type: application/json

PATCH /api/machines/:id/status

Update machine status only.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "status": "Maintenance"
}

DELETE /api/machines/:id

Soft delete machine (sets isActive to false).

Required Role: admin

Headers:

Authorization: Bearer <token>

Ticket Endpoints

GET /api/tickets

Get all tickets with pagination and filtering.

Query Parameters:

status: Filter by status
priority: Filter by priority
assignedTo: Filter by assigned user
department: Filter by department
page: Page number (default: 1)
limit: Items per page (default: 10)

Headers:

Authorization: Bearer <token>

Response:

{
  "tickets": [
    {
      "_id": "ticket_id",
      "ticketNumber": "TKT-000001",
      "title": "Hydraulic leak in Rolling Mill #1",
      "description": "Small hydraulic leak detected...",
      "machine": {
        "_id": "machine_id",
        "name": "Rolling Mill #1",
        "machineId": "RM-001",
        "department": "Rolling Mill"
      },
      "reportedBy": {
        "_id": "user_id",
        "name": "Jane Operator",
        "email": "jane@example.com",
        "department": "Rolling Mill"
      },
      "assignedTo": {
        "_id": "user_id",
        "name": "John Engineer",
        "email": "john@example.com"
      },
      "priority": "High",
      "status": "In Progress",
      "category": "Hydraulic",
      "estimatedHours": 6,
      "comments": [],
      "attachments": [],
      "createdAt": "2024-01-25T09:00:00.000Z",
      "updatedAt": "2024-01-25T10:30:00.000Z"
    }
  ],
  "totalPages": 5,
  "currentPage": 1,
  "total": 50
}

GET /api/tickets/:id

Get ticket by ID with full details.

Headers:

Authorization: Bearer <token>

Response:

{
  "_id": "ticket_id",
  "ticketNumber": "TKT-000001",
  "title": "Hydraulic leak in Rolling Mill #1",
  "description": "Small hydraulic leak detected...",
  "machine": {
    "_id": "machine_id",
    "name": "Rolling Mill #1",
    "machineId": "RM-001",
    "department": "Rolling Mill",
    "location": "Building A - Floor 1"
  },
  "reportedBy": {
    "_id": "user_id",
    "name": "Jane Operator",
    "email": "jane@example.com",
    "department": "Rolling Mill"
  },
  "assignedTo": {
    "_id": "user_id",
    "name": "John Engineer",
    "email": "john@example.com",
    "department": "Maintenance"
  },
  "priority": "High",
  "status": "In Progress",
  "category": "Hydraulic",
  "estimatedHours": 6,
  "comments": [
    {
      "user": {
        "_id": "user_id",
        "name": "Jane Operator",
        "email": "jane@example.com"
      },
      "comment": "Leak first noticed during morning shift. Getting worse.",
      "timestamp": "2024-01-25T09:00:00.000Z"
    }
  ],
  "attachments": [],
  "createdAt": "2024-01-25T09:00:00.000Z",
  "updatedAt": "2024-01-25T10:30:00.000Z"
}

POST /api/tickets

Create a new maintenance ticket.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "title": "Machine malfunction",
  "description": "Detailed description of the issue",
  "machine": "machine_id",
  "priority": "High",
  "category": "Mechanical",
  "estimatedHours": 4
}

Response:

{
  "_id": "ticket_id",
  "ticketNumber": "TKT-000002",
  "title": "Machine malfunction",
  "description": "Detailed description of the issue",
  "machine": {
    "_id": "machine_id",
    "name": "Machine Name",
    "machineId": "M-001",
    "department": "Department"
  },
  "reportedBy": {
    "_id": "user_id",
    "name": "Current User",
    "email": "user@example.com",
    "department": "Department"
  },
  "priority": "High",
  "status": "Pending",
  "category": "Mechanical",
  "estimatedHours": 4,
  "createdAt": "2024-01-25T12:00:00.000Z",
  "updatedAt": "2024-01-25T12:00:00.000Z"
}

PUT /api/tickets/:id

Update ticket information.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "status": "Resolved",
  "assignedTo": "user_id",
  "actualHours": 5,
  "resolvedAt": "2024-01-25T16:00:00.000Z"
}

POST /api/tickets/:id/comments

Add comment to ticket.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "comment": "Work in progress. Ordered replacement parts."
}

POST /api/tickets/:id/attachments

Upload attachment to ticket.

Headers:

Authorization: Bearer <token>
Content-Type: multipart/form-data

Form Data:

file: File to upload (max 10MB)

Incident Endpoints

GET /api/incidents

Get all incidents with pagination and filtering.

Query Parameters:

type: Filter by incident type
severity: Filter by severity
status: Filter by status
department: Filter by department
page: Page number (default: 1)
limit: Items per page (default: 10)

Headers:

Authorization: Bearer <token>

Response:

{
  "incidents": [
    {
      "_id": "incident_id",
      "incidentNumber": "INC-000001",
      "title": "Near miss - Falling object",
      "description": "A loose bolt fell from overhead equipment...",
      "type": "Near Miss",
      "severity": "Medium",
      "location": "Building A - Rolling Mill Section",
      "department": "Rolling Mill",
      "reportedBy": {
        "_id": "user_id",
        "name": "Jane Operator",
        "email": "jane@example.com",
        "department": "Rolling Mill"
      },
      "status": "Under Investigation",
      "incidentDate": "2024-01-20T14:30:00.000Z",
      "createdAt": "2024-01-20T15:00:00.000Z",
      "updatedAt": "2024-01-20T15:00:00.000Z"
    }
  ],
  "totalPages": 3,
  "currentPage": 1,
  "total": 25
}

GET /api/incidents/:id

Get incident by ID with full details.

Headers:

Authorization: Bearer <token>

POST /api/incidents

Create a new safety incident.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "title": "Safety incident title",
  "description": "Detailed description of what happened",
  "type": "Near Miss",
  "severity": "Medium",
  "location": "Specific location",
  "department": "Rolling Mill",
  "incidentDate": "2024-01-20T14:30:00.000Z",
  "involvedPersons": [
    {
      "name": "Person Name",
      "role": "Operator",
      "department": "Rolling Mill"
    }
  ],
  "witnesses": [
    {
      "name": "Witness Name",
      "contact": "+1234567890"
    }
  ],
  "immediateActions": "Actions taken immediately after the incident"
}

PUT /api/incidents/:id

Update incident information.

Required Role: admin, safety_officer

Headers:

Authorization: Bearer <token>
Content-Type: application/json

POST /api/incidents/:id/attachments

Upload attachment to incident.

Headers:

Authorization: Bearer <token>
Content-Type: multipart/form-data

Maintenance Schedule Endpoints

GET /api/maintenance

Get all maintenance schedules with filtering.

Query Parameters:

status: Filter by status
machine: Filter by machine ID
assignedTo: Filter by assigned user
startDate: Filter by start date (YYYY-MM-DD)
endDate: Filter by end date (YYYY-MM-DD)

Headers:

Authorization: Bearer <token>

Response:

[
  {
    "_id": "schedule_id",
    "machine": {
      "_id": "machine_id",
      "name": "Rolling Mill #1",
      "machineId": "RM-001",
      "department": "Rolling Mill",
      "location": "Building A - Floor 1"
    },
    "title": "Monthly Hydraulic System Check",
    "description": "Check hydraulic fluid levels...",
    "type": "Preventive",
    "frequency": "Monthly",
    "scheduledDate": "2024-02-10T00:00:00.000Z",
    "estimatedDuration": 4,
    "assignedTo": {
      "_id": "user_id",
      "name": "John Engineer",
      "email": "john@example.com",
      "department": "Maintenance"
    },
    "status": "Scheduled",
    "priority": "Medium",
    "checklist": [
      {
        "task": "Check hydraulic fluid level",
        "completed": false,
        "notes": ""
      }
    ],
    "createdAt": "2024-01-01T00:00:00.000Z",
    "updatedAt": "2024-01-01T00:00:00.000Z"
  }
]

GET /api/maintenance/:id

Get maintenance schedule by ID.

Headers:

Authorization: Bearer <token>

POST /api/maintenance

Create new maintenance schedule.

Required Role: admin, maintenance_engineer

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "machine": "machine_id",
  "title": "Maintenance task title",
  "description": "Detailed description",
  "type": "Preventive",
  "frequency": "Monthly",
  "scheduledDate": "2024-02-10",
  "estimatedDuration": 4,
  "assignedTo": "user_id",
  "priority": "Medium",
  "checklist": [
    {
      "task": "Task description",
      "completed": false
    }
  ]
}

PUT /api/maintenance/:id

Update maintenance schedule.

Required Role: admin, maintenance_engineer

Headers:

Authorization: Bearer <token>
Content-Type: application/json

PATCH /api/maintenance/:id/checklist/:itemIndex

Update specific checklist item.

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "completed": true,
  "notes": "Task completed successfully"
}

GET /api/maintenance/calendar/:year/:month

Get maintenance schedules for specific month.

Headers:

Authorization: Bearer <token>

Response:

[
  {
    "_id": "schedule_id",
    "machine": {
      "_id": "machine_id",
      "name": "Rolling Mill #1",
      "machineId": "RM-001",
      "department": "Rolling Mill"
    },
    "title": "Monthly Hydraulic System Check",
    "scheduledDate": "2024-02-10T00:00:00.000Z",
    "estimatedDuration": 4,
    "assignedTo": {
      "_id": "user_id",
      "name": "John Engineer",
      "email": "john@example.com"
    },
    "status": "Scheduled",
    "priority": "Medium"
  }
]

[
  {
    "_id": "Near Miss",
    "count": 8
  },
  {
    "_id": "Injury",
    "count": 3
  },
  {
    "_id": "Property Damage",
    "count": 2
  }
]

GET /api/analytics/incidents/monthly-trends

Get monthly incident trends for last 12 months.

Headers:

Authorization: Bearer <token>

GET /api/analytics/maintenance/completion-rate

Get maintenance completion rate.

Headers:

Authorization: Bearer <token>

Response:

{
  "completionRate": 85.5,
  "completed": 34,
  "total": 40
}

File Upload Endpoints

POST /api/upload/single

Upload single file to Cloudinary.

Headers:

Authorization: Bearer <token>
Content-Type: multipart/form-data

Form Data:

file: File to upload (max 10MB)

Response:

{
  "message": "File uploaded successfully",
  "file": {
    "url": "https://res.cloudinary.com/...",
    "public_id": "imsp/1234567890",
    "original_name": "document.pdf",
    "size": 1024000
  }
}

POST /api/upload/multiple

Upload multiple files (max 5).

Headers:

Authorization: Bearer <token>
Content-Type: multipart/form-data

Form Data:

files: Array of files to upload

DELETE /api/upload/:public_id

Delete file from Cloudinary.

Headers:

Authorization: Bearer <token>

Error Handling

Error Response Format

{
  "message": "Error description",
  "error": "Detailed error information (development only)"
}

HTTP Status Codes

Code	Description
200	OK - Request successful
201	Created - Resource created successfully
400	Bad Request - Invalid request data
401	Unauthorized - Authentication required
403	Forbidden - Insufficient permissions
404	Not Found - Resource not found
409	Conflict - Resource already exists
422	Unprocessable Entity - Validation error
500	Internal Server Error - Server error

Common Error Responses

Authentication Error:

{
  "message": "No token, authorization denied"
}

Validation Error:

{
  "message": "Validation failed",
  "errors": [
    {
      "field": "email",
      "message": "Email is required"
    }
  ]
}

Permission Error:

{
  "message": "Access denied. Insufficient permissions."
}

Resource Not Found:

{
  "message": "Machine not found"
}

File Upload

Supported File Types

Images: JPG, JPEG, PNG, GIF
Documents: PDF, DOC, DOCX
Maximum Size: 10MB per file
Storage: Cloudinary cloud storage

Upload Configuration

const storage = new CloudinaryStorage({
  cloudinary: cloudinary,
  params: {
    folder: "imsp",
    allowed_formats: ["jpg", "jpeg", "png", "pdf", "doc", "docx"],
    resource_type: "auto",
    public_id: (req, file) => {
      return `${Date.now()}-${Math.round(Math.random() * 1e9)}`
    }
  }
})

File URL Format

https://res.cloudinary.com/{cloud_name}/image/upload/v{version}/{public_id}.{format}

Environment Variables

Required Variables

NODE_ENV=development|production
PORT=5000
MONGODB_URI=mongodb://localhost:27017/imsp
JWT_SECRET=your-super-secret-jwt-key-here
CORS_ORIGIN=http://localhost:3000

Optional Variables

# Cloudinary Configuration
CLOUDINARY_CLOUD_NAME=your_cloud_name
CLOUDINARY_API_KEY=your_api_key
CLOUDINARY_API_SECRET=your_api_secret

# Email Configuration
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USER=your-email@gmail.com
EMAIL_PASS=your-app-password

# SMS Configuration (Twilio)
TWILIO_ACCOUNT_SID=your-twilio-sid
TWILIO_AUTH_TOKEN=your-twilio-token
TWILIO_PHONE_NUMBER=your-twilio-phone

Deployment

Production Checklist

Environment Variables
- Set NODE_ENV=production
- Use strong JWT_SECRET
- Configure production database URI
- Set up Cloudinary credentials
Database
- Use MongoDB Atlas for production
- Enable authentication
- Set up proper indexes
- Configure backup strategy
Security
- Enable HTTPS
- Configure CORS properly
- Use environment variables for secrets
- Implement rate limiting
Monitoring
- Set up error logging
- Monitor API performance
- Track database queries
- Set up health checks

Deployment Platforms

Railway:

# Install Railway CLI
npm install -g @railway/cli

# Login and deploy
railway login
railway init
railway up

Heroku:

# Install Heroku CLI
npm install -g heroku

# Create app and deploy
heroku create your-app-name
git push heroku main

Render:

Connect GitHub repository
Set environment variables
Deploy automatically on push

Health Check Endpoint

GET /api/health

Response:

{
  "message": "IMSP API is running!",
  "timestamp": "2024-01-25T12:00:00.000Z",
  "environment": "production"
}

Rate Limiting

Default Limits

Authentication endpoints: 5 requests per 15 minutes
General API: 100 requests per 15 minutes
File upload: 10 requests per hour

Implementation

const rateLimit = require("express-rate-limit")

const authLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 5, // limit each IP to 5 requests per windowMs
  message: "Too many authentication attempts, please try again later."
})

app.use("/api/auth", authLimiter)

Database Indexes

Recommended Indexes

// Users
db.users.createIndex({ email: 1 }, { unique: true })
db.users.createIndex({ role: 1 })
db.users.createIndex({ department: 1 })

// Machines
db.machines.createIndex({ machineId: 1 }, { unique: true })
db.machines.createIndex({ department: 1 })
db.machines.createIndex({ status: 1 })
db.machines.createIndex({ isActive: 1 })

// Tickets
db.tickets.createIndex({ ticketNumber: 1 }, { unique: true })
db.tickets.createIndex({ machine: 1 })
db.tickets.createIndex({ reportedBy: 1 })
db.tickets.createIndex({ assignedTo: 1 })
db.tickets.createIndex({ status: 1 })
db.tickets.createIndex({ priority: 1 })
db.tickets.createIndex({ createdAt: -1 })

// Incidents
db.incidents.createIndex({ incidentNumber: 1 }, { unique: true })
db.incidents.createIndex({ reportedBy: 1 })
db.incidents.createIndex({ department: 1 })
db.incidents.createIndex({ type: 1 })
db.incidents.createIndex({ severity: 1 })
db.incidents.createIndex({ status: 1 })
db.incidents.createIndex({ incidentDate: -1 })

// Maintenance Schedules
db.maintenanceschedules.createIndex({ machine: 1 })
db.maintenanceschedules.createIndex({ assignedTo: 1 })
db.maintenanceschedules.createIndex({ scheduledDate: 1 })
db.maintenanceschedules.createIndex({ status: 1 })

This documentation provides a comprehensive overview of the IMSP Backend API. For additional support or questions, please refer to the project repository or contact the development team.

To configure the generation, complete these steps:

Setup Integrations

Prerequisites Installation

1. Install Node.js and npm

2. Install Git (if not already installed)

3. Create React App (Optional - for new projects)

Frontend Setup Commands

1. Navigate to Frontend Directory

2. Install Frontend Dependencies

3. Install Development Dependencies

4. Initialize Tailwind CSS

5. Create Environment File

Complete Package Installation

Quick Installation Script

‍️ Running the Frontend

Verify Installation

Common Issues & Solutions

IMSP Backend API Documentation

Table of Contents

Overview

Technology Stack

Base URL

Authentication

Authentication Flow

Token Format

Token Expiration

Database Models

User Model

Machine Model

Ticket Model

Incident Model

MaintenanceSchedule Model

API Endpoints

Authentication Endpoints

POST /api/auth/register

POST /api/auth/login

GET /api/auth/me

Machine Endpoints

GET /api/machines

GET /api/machines/:id

POST /api/machines

PUT /api/machines/:id

PATCH /api/machines/:id/status

DELETE /api/machines/:id

Ticket Endpoints

GET /api/tickets

GET /api/tickets/:id

POST /api/tickets

PUT /api/tickets/:id

POST /api/tickets/:id/comments

POST /api/tickets/:id/attachments

Incident Endpoints

GET /api/incidents

GET /api/incidents/:id

POST /api/incidents

PUT /api/incidents/:id

POST /api/incidents/:id/attachments

Maintenance Schedule Endpoints

GET /api/maintenance

GET /api/maintenance/:id

POST /api/maintenance

PUT /api/maintenance/:id

PATCH /api/maintenance/:id/checklist/:itemIndex

GET /api/maintenance/calendar/:year/:month

Analytics Endpoints

GET /api/analytics/dashboard

GET /api/analytics/machines/status-distribution

GET /api/analytics/machines/department-distribution

GET /api/analytics/tickets/trends

GET /api/analytics/tickets/mttr

GET /api/analytics/incidents/type-trends

GET /api/analytics/incidents/monthly-trends

GET /api/analytics/maintenance/completion-rate

File Upload Endpoints

POST /api/upload/single

POST /api/upload/multiple

DELETE /api/upload/:public_id

Error Handling

Error Response Format

HTTP Status Codes

Common Error Responses

File Upload