This is the backend API for the polling application, built with Node.js and Express. It is designed for clarity, security, and rapid prototyping, using an in-memory data store for simplicity.
- JWT Authentication: Only authenticated users can create polls.
- RESTful API: Endpoints for poll creation, voting, retrieval, and statistics.
- Vote Limiting: Each user (public or authenticated) can only vote once per poll.
- Input Validation: All inputs are validated using Joi.
- Security: Includes CORS, rate limiting, and security headers via Helmet.
- API Documentation: Interactive Swagger UI at
/api-docs.
- Node.js (>=18)
- Express.js
- Joi (validation)
- UUID (unique IDs)
- Helmet, CORS, express-rate-limit (security)
- Swagger (API docs)
src/controllers/– Request handlerssrc/services/– Business logicsrc/routes/– API route definitionssrc/middleware/– Authentication, validation, error handlingsrc/models/– Data models (in-memory)src/utils/– Utilities and logging
- Node.js (v18 or higher)
- npm
npm installnpm run dev- The API will be available at
http://localhost:3000 - Interactive API docs:
http://localhost:3000/api-docs - Health check:
http://localhost:3000/health
POST /api/auth/login– User login (returns JWT)POST /api/polls– Create poll (auth required)GET /api/polls– List all pollsGET /api/polls/:id– Get poll by IDPOST /api/polls/:id/vote– Vote on a poll (one vote per user)GET /api/polls/stats/overview– Poll statistics
Create a .env file in the server directory with the following content:
JWT_SECRET=your_super_secret_key
- In-Memory Store: Fast prototyping, no external DB required.
- Security First: Rate limiting, CORS, and Helmet out of the box.
- Clean Architecture: Clear separation between controllers, services, and middleware.
- Swagger Docs: Self-documented API for easy testing and review.