Full-stack Task Manager Dashboard with secure JWT authentication (httpOnly cookies), protected routes, user-specific tasks, and complete CRUD functionality.
Modern, production-ready authentication practices + responsive UI.
- Register / Login with strong password validation
- JWT + httpOnly, Secure, SameSite cookies
- Secure logout (cookie clearing)
- Backend route protection via middleware
- Frontend protected routes + auto-redirect
- Protected dashboard with user verification on mount
- Private tasks β each user sees only their own tasks
- Full CRUD operations:
- Create task
- List all user tasks
- Update task (title, description, status)
- Delete task
- Responsive & clean UI with Tailwind CSS
| Layer | Technologies |
|---|---|
| Frontend | React 18, React Router v6, Tailwind CSS, Vite, Fetch API |
| Backend | Node.js, Express.js, MongoDB + Mongoose |
| Auth | JWT (jsonwebtoken), bcrypt, cookie-parser |
| Security | httpOnly + Secure cookies, CORS, input validation |
| Other | dotenv, nodemon (dev) |
- User registers β password hashed with bcrypt
- User logs in β valid credentials β JWT signed
- JWT stored in httpOnly cookie (not accessible via JavaScript)
- Every protected request β cookie sent automatically β middleware verifies JWT
- Logout β clear cookie + 200 response
- Frontend checks auth status β redirects to login if invalid/expired
"dependencies": {
"bcrypt": "^6.0.0",
"cookie-parser": "^1.4.7",
"cors": "^2.8.6",
"dotenv": "^17.3.1",
"express": "^5.2.1",
"jsonwebtoken": "^9.0.3",
"mongoose": "^9.2.1"
} "dependencies": {
"@tailwindcss/vite": "^4.2.0",
"react": "^19.2.0",
"react-dom": "^19.2.0",
"react-router-dom": "^7.13.0",
"tailwindcss": "^4.2.0"
}Task-Manager-MERN/
βββ backend/
β βββ config/
β β βββ db.js
β βββ middleware/
β β βββ authMiddleware.js
β βββ models/
β β βββ Task.js
β β βββ User.js
β βββ routes/
β β βββ auth.js
β β βββ dashboard.js # optional / user info
β β βββ tasks.js
β βββ .env
β βββ server.js
β βββ package.json
β
βββ frontend/
β βββ public/
β βββ src/
β β βββ assets/
β β βββ components/ # (suggested: add if you refactor)
β β βββ pages/
β β β βββ Dashboard.jsx
β β β βββ Login.jsx
β β β βββ Register.jsx
β β βββ api.js # centralized API calls
β β βββ App.jsx
β β βββ main.jsx
β β βββ index.css
β βββ vite.config.js
β βββ package.json
β βββ .env.local (optional)
β
βββ .gitignore
βββ README.md
βββ LICENSE
To scale this application for production:
- Use HTTPS with
secure: truecookies - Implement refresh tokens with rotation
- Add rate limiting (express-rate-limit)
- Add request validation middleware (Joi/Zod)
- Implement CSRF protection
- Add Helmet for secure HTTP headers
- Deploy frontend on Vercel
- Deploy backend on Render / Railway / AWS
- Use MongoDB Atlas for cloud database
- Add Redis for caching frequent requests
- Use environment-based configuration
- Enable database indexing for faster queries
- Separate services (Auth Service / Task Service)
- Add logging (Winston / Morgan)
- Add monitoring (Sentry)
- Implement pagination & filtering
- Use Docker for containerization
- CI/CD pipeline with GitHub Actions
This architecture ensures horizontal scalability and production readiness.
git clone https://github.com/VipinKumar-70/Frontend-task-intern.git
cd Frontend-task-interncd backend
npm installCreate .env file:
PORT=3000
MONGO_URI=your_mongodb_connection
JWT_SECRET=your_secret_key
CLIENT_URL=http://localhost:5173Run backend:
run backendcd frontend
npm install
npm run devFrontend runs on:
- Implemented JWT authentication securely
- Used httpOnly cookies for improved security
- Built custom authentication middleware
- Protected frontend routes properly
- Structured scalable MERN application
- Implemented full CRUD functionality
Contributions are welcome! If you'd like to contribute to this project, please fork the repository and submit a pull request with your changes. Make sure to follow the standard coding conventions and best practices.
This project is licensed under the MIT License. See the LICENSE file for details. MIT License
If you have any questions or need further assistance, please don't hesitate to contact me at
Vipin Kumar. I'll be happy to help!




