A robust and scalable backend server for GitHub Club SRM (GCSRM) built with Node.js, Express.js, and MongoDB. This server provides RESTful APIs for managing club activities, events, team members, sponsors, certificates, and contact submissions.
- RESTful API Architecture - Clean and intuitive REST API design
- MongoDB Integration - Robust database management with Mongoose ODM
- Event Management - Complete CRUD operations for club events
- Team Management - Manage team members and their roles
- Sponsor Management - Track and manage club sponsors
- Certificate Generation - Automated certificate generation and verification system
- Contact Form Handler - Process and store contact form submissions with email notifications
- Interactive API Documentation - Swagger UI for easy API exploration and testing
- Security First - Helmet.js for security headers, CORS configuration
- Request Logging - Morgan for HTTP request logging
- Error Handling - Centralized error handling middleware
- Database Health Checks - Automatic connection monitoring
- Performance Monitoring - Sentry integration for error tracking
- Development Hot Reload - Nodemon for efficient development
- Runtime: Node.js (v16+)
- Framework: Express.js 5.x
- Database: MongoDB 6.x with Mongoose 8.x
- Language: JavaScript (ES6+)
- Security: Helmet, CORS
- Validation: Express-validator
- Logging: Morgan
- Documentation: Swagger (swagger-jsdoc, swagger-ui-express)
- Email: Nodemailer
- Image Processing: Sharp
- PDF Generation: PDFKit
- Font Handling: OpenType.js
- Monitoring: Sentry
- Environment: dotenv
- Process Manager: Nodemon
- Version Control: Git
The server follows a modular MVC (Model-View-Controller) architecture:
βββββββββββββββ
β Client β
ββββββββ¬βββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββ
β Express.js Server β
β βββββββββββββββββββββββββββββ β
β β Middleware Layer β β
β β - CORS β β
β β - Helmet (Security) β β
β β - Request Logging β β
β β - Error Handling β β
β β - DB Health Check β β
β βββββββββββββββββββββββββββββ β
β βββββββββββββββββββββββββββββ β
β β Routes Layer β β
β β - /api/teams β β
β β - /api/sponsors β β
β β - /api/events β β
β β - /api/certificates β β
β β - /api/contact β β
β βββββββββββββββββββββββββββββ β
β βββββββββββββββββββββββββββββ β
β β Controllers Layer β β
β β - Business Logic β β
β β - Request Handling β β
β βββββββββββββββββββββββββββββ β
β βββββββββββββββββββββββββββββ β
β β Models Layer β β
β β - Mongoose Schemas β β
β β - Data Validation β β
β βββββββββββββββββββββββββββββ β
βββββββββββββββ¬ββββββββββββββββββββ
β
βΌ
βββββββββββββββββββ
β MongoDB β
βββββββββββββββββββ
Before you begin, ensure you have the following installed:
- Node.js (v16 or higher) - Download
- MongoDB (v6.x or higher) - Download or use MongoDB Atlas
- npm (comes with Node.js) or yarn
- Git - Download
-
Clone the repository
git clone https://github.com/SRM-IST-KTR/gcsrm_server.git cd gcsrm_server -
Install dependencies
npm install
-
Set up environment variables
Create a
.envfile in the root directory:cp .env.example .env
Then edit
.envwith your configuration (see Configuration section below). -
Start MongoDB
If using local MongoDB:
# macOS brew services start mongodb-community # Linux sudo systemctl start mongod # Windows net start MongoDB
-
Start the development server
npm run dev
-
Verify the installation
- API Server:
http://localhost:3000 - API Documentation:
http://localhost:3000/api-docs - Health Check:
http://localhost:3000/health
- API Server:
Create a .env file with the following variables:
# Server Configuration
PORT=3000
NODE_ENV=development
# Database Configuration
MONGODB_URI=mongodb://localhost:27017/gcsrm
DB_NAME=gcsrm
# CORS Configuration (for production)
# ALLOWED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
# Sentry Configuration (Optional - for error monitoring)
SENTRY_DSN=your_sentry_dsn_here
# Email Configuration (for contact form notifications)
ZOHO_SMTP_PASS=your_app_specific_password
ZOHO_SMTP_USER=[email protected]
# Certificate Configuration
CERTIFICATE_SECRET=YOUR_CERTIFICATE_SECRET| Variable | Description | Required | Default |
|---|---|---|---|
PORT |
Server port | No | 3000 |
NODE_ENV |
Environment (development/production) | No | development |
MONGODB_URI |
MongoDB connection string | Yes | - |
DB_NAME |
Database name | Yes | - |
SENTRY_DSN |
Sentry error tracking DSN | No | - |
ZOHO_SMTP_USER |
Email account username | Yes* | - |
ZOHO_SMTP_PASS |
Email account password | Yes* | - |
CERTIFICATE_SECRET |
Certificate verification | Yes* | - |
This project uses Swagger/OpenAPI for comprehensive, interactive API documentation.
Once the server is running, access the Swagger UI at:
http://localhost:3000/api-docs
The Swagger interface provides:
- π Complete API reference - All endpoints with descriptions
- π§ͺ Interactive testing - Try out APIs directly from the browser
- π Request/Response schemas - Detailed data models
- π Authentication details - Required headers and authorization
- π‘ Example requests - Sample payloads for each endpoint
gcsrm_server/
βββ src/
β βββ app.js # Express application setup
β βββ controller/ # Request handlers & business logic
β β βββ certificate.controller.js
β β βββ contact.controller.js
β β βββ event.controller.js
β β βββ sponsor.controller.js
β β βββ team.controller.js
β βββ middleware/ # Custom middleware functions
β β βββ dbCheck.js # Database health check
β β βββ errorMiddleware.js # Centralized error handling
β β βββ requestLogging.js # Request logging middleware
β βββ models/ # Mongoose schemas & models
β β βββ certificate.model.js
β β βββ event.model.js
β β βββ sponsor.model.js
β β βββ team.model.js
β βββ routes/ # API route definitions
β β βββ index.js # Main router
β β βββ certificate.route.js
β β βββ contact.route.js
β β βββ event.route.js
β β βββ sponsor.route.js
β β βββ team.route.js
β βββ utils/ # Helper functions & utilities
β βββ db.js # Database connection
β βββ instrument.js # Sentry instrumentation
β βββ mailer.js # Email service
β βββ swagger.js # Swagger configuration
β βββ certificates/ # Certificate generation
β βββ overlay-sharp.js # Image processing for certificates
βββ index.js # Application entry point
βββ package.json # Dependencies & scripts
βββ Dockerfile # Docker configuration
βββ vercel.json # Vercel deployment config
βββ .env # Environment variables (not in repo)
βββ .env.example # Environment template
βββ README.md # Project documentation
controllers/- Contains business logic and request handlingmodels/- Database schemas and data validation rulesroutes/- API endpoint definitions and route handlersmiddleware/- Custom Express middleware for cross-cutting concernsutils/- Helper functions, database connection, and utilities
# Start development server with hot reload
npm run dev
# Start production server
npm startThis project is configured for Vercel deployment.
-
Install Vercel CLI
npm install -g vercel
-
Deploy to Vercel
vercel
-
Production deployment
vercel --prod
-
Build Docker image
docker build -t gcsrm-server . -
Run container
docker run -p 3000:3000 --env-file .env gcsrm-server
Production Checklist:
- β
Set
NODE_ENV=production - β Use production MongoDB URI
- β Configure proper CORS origins
- β Set up Sentry DSN for error monitoring
- β Use strong email credentials
- β Enable HTTPS
- β Set up rate limiting (if needed)
- β Configure proper logging
- β Set up monitoring and alerts
Common HTTP Status Codes:
| Code | Meaning | Description |
|---|---|---|
| 200 | OK | Request successful |
| 201 | Created | Resource created successfully |
| 400 | Bad Request | Invalid request data |
| 404 | Not Found | Resource not found |
| 500 | Internal Server Error | Server error occurred |
This project is licensed under the ISC License. See the LICENSE file for details.
ISC License
Copyright (c) 2025 GitHub Club SRM
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Need help? We're here for you!
- π API Documentation: Visit
/api-docswhen the server is running - π Certificate System: See CERTIFICATE_SYSTEM.md
- π Bug Reports: Open an issue
- π‘ Feature Requests: Open an issue
- π¬ Discussions: GitHub Discussions
- π§ Email: [email protected]
- Express.js Documentation
- MongoDB Documentation
- Mongoose Documentation
- Node.js Documentation
- Swagger Documentation
If you discover a security vulnerability, please DO NOT open a public issue. Instead:
- Email us at [email protected]
- Include a detailed description of the vulnerability
- Provide steps to reproduce (if applicable)
- We'll respond within 48 hours
This project implements:
- β Helmet.js for security headers
- β CORS configuration
- β Input validation with express-validator
- β Environment variable protection
- β Error message sanitization
- β MongoDB injection prevention (via Mongoose)
- Database Indexing - Optimized queries with proper indexes
- Connection Pooling - Efficient database connection management
- Error Monitoring - Sentry integration for tracking issues
We use Sentry for:
- Error tracking
- Performance monitoring
- Release health tracking