A comprehensive backend API system for managing land plots, tracking sales transactions, calculating commissions, and generating reports for Gbewaa Palace.
The CLMS is built with Node.js and Express.js, using SQLite for data persistence and JWT for authentication. The system follows a layered architecture with clear separation of concerns.
- Runtime: Node.js
- Framework: Express.js
- Database: SQLite (lightweight, file-based)
- ORM: Sequelize
- Authentication: JWT (JSON Web Tokens)
- Password Hashing: bcrypt
- PDF Generation: PDFKit
- Environment Management: dotenv
gbewaa-clms/
βββ config/
β βββ db.js # Database configuration
βββ controllers/
β βββ authController.js # Authentication endpoints
β βββ landController.js # Land management endpoints
β βββ transactionController.js # Transaction endpoints (planned)
β βββ reportsController.js # Reporting endpoints (planned)
βββ middlewares/
β βββ auth.js # JWT verification & role-based access
β βββ validation.js # Input validation utilities
βββ models/
β βββ index.js # Model relationships
β βββ User.js # User model with roles
β βββ LandPlot.js # Land plot model
β βββ Transaction.js # Transaction model
βββ routes/
β βββ auth.js # Authentication routes
β βββ lands.js # Land management routes
β βββ transactions.js # Transaction routes (planned)
β βββ reports.js # Reports routes (planned)
βββ services/
β βββ authService.js # Authentication business logic
β βββ landService.js # Land management business logic
β βββ transactionService.js # Transaction business logic (planned)
β βββ reportsService.js # Reports business logic (planned)
βββ tests/ # Test files
βββ utils/ # Utility functions
βββ .env # Environment variables
βββ database.sqlite # SQLite database file
βββ package.json # Dependencies and scripts
βββ server.js # Application entry point
- Node.js (v14 or higher)
- npm or yarn
-
Clone the repository
git clone <repository-url> cd clms-api
-
Install dependencies
npm install
-
Set up environment variables
cp .env.example .env # Edit .env with your configuration -
Initialize the database
node tests/test-db.js
-
Start the server
npm run dev # Development mode with nodemon # or npm start # Production mode
The server will start on http://localhost:3000
- ADMIN: Full system access including user management
- STAFF: Land management, transaction recording, receipt generation
- AUDITOR: Read-only access to reports and transaction data
- Login:
POST /api/auth/login - Get JWT token: Include in Authorization header as
Bearer <token> - Access protected routes: Token verified on each request
Create the first admin user:
node tests/test-auth-service.js| Method | Endpoint | Description | Access |
|---|---|---|---|
| POST | /api/auth/login |
User login | Public |
| POST | /api/auth/register |
Create new user | Admin only |
| GET | /api/auth/profile |
Get user profile | Private |
| POST | /api/auth/refresh |
Refresh JWT token | Private |
| PUT | /api/auth/change-password |
Change password | Private |
| Method | Endpoint | Description | Access |
|---|---|---|---|
| POST | /api/lands |
Create land plot | Admin/Staff |
| GET | /api/lands |
List all land plots | All users |
| GET | /api/lands/:id |
Get land plot by ID | All users |
| PUT | /api/lands/:id |
Update land plot | Admin/Staff |
| GET | /api/lands/available |
Get available plots | All users |
| PATCH | /api/lands/:id/mark-sold |
Mark plot as sold | Admin/Staff |
| GET | /api/lands/statistics |
Get plot statistics | All users |
page: Page number (default: 1)limit: Items per page (default: 10, max: 100)status: Filter by status (AVAILABLE, SOLD, DISPUTED, RESERVED)location: Filter by location (partial match)sortBy: Sort field (plotNumber, location, size, status, etc.)sortOrder: Sort order (ASC, DESC)
- AVAILABLE: Ready for sale
- SOLD: Transaction completed
- DISPUTED: Under dispute resolution
- RESERVED: Reserved for specific buyer
- ACRES: Imperial measurement
- HECTARES: Metric measurement
- SQ_METERS: Square meters
# Test database connection
node tests/test-db.js
# Test user model
node tests/test-user-model.js
# Test land plot model
node tests/test-landplot-model.js
# Test transaction model
node tests/test-transaction-model.js
# Test authentication service
node tests/test-auth-service.js
# Test authentication middleware
node tests/test-auth-middleware-simple.js
# Test land service
node tests/test-land-service.js
# Test land endpoints
node tests/test-land-endpoints.js
# Test authentication endpoints
node tests/test-auth-endpoints.js- β Database connection and synchronization
- β User model with authentication
- β Land plot model with validation
- β Transaction model with relationships
- β Authentication service (register, login, JWT)
- β Authentication middleware (token verification, roles)
- β Land service (CRUD operations)
- β Land controller (API endpoints)
- β Error handling and validation
- Database Setup: SQLite with Sequelize ORM
- User Management: Registration, authentication, role-based access
- Land Management: Full CRUD operations with filtering and pagination
- Security: JWT authentication, password hashing, input validation
- Testing: Comprehensive test suite for all implemented features
- Transaction Management: Sales recording with commission calculation
- PDF Receipt Generation: Automated receipt creation
- Reporting System: Business analytics and summaries
- API Documentation: Swagger/OpenAPI documentation
- Frontend Interface: Web dashboard (future phase)
# Database Configuration
DB_PATH=./database.sqlite
NODE_ENV=development
# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key
JWT_EXPIRES_IN=24h
# Server Configuration
PORT=3000
# Application Settings
COMMISSION_RATE=0.10The system uses SQLite for simplicity and portability:
- File:
database.sqlite(created automatically) - No server setup required
- Easy backup: Just copy the database file
- Development friendly: Reset by deleting the file
- Password Hashing: bcrypt with 12 salt rounds
- JWT Tokens: Secure authentication with expiration
- Role-Based Access: Different permissions for different user types
- Input Validation: Prevent SQL injection and malicious data
- Error Handling: Secure error messages without sensitive data exposure
{
"success": true,
"message": "Operation completed successfully",
"data": {
// Response data here
}
}{
"success": false,
"error": {
"code": "ERROR_CODE",
"message": "Human readable error message",
"details": [] // Optional validation details
}
}- Follow the existing code structure and patterns
- Write tests for new features
- Use meaningful commit messages
- Update documentation for API changes
This project is proprietary software for Custom Land Commision.
For technical support or questions:
- Check the test files for usage examples
- Review the API endpoint documentation above
- Examine the service layer for business logic implementation