Todo API - NestJS REST API

About

Todo API is a NestJS REST API created as a learning project to get hands-on with NestJS, dependency injection, modules, and building production-style backends. It provides JWT authentication and CRUD operations for notes (or todos), with each user only able to access their own data.

Repository: github.com/HarshnaNHaswani/todo-api

Features

• JWT authentication – Sign up, login, and protected routes using JSON Web Tokens.
• CRUD for notes – Create, read, update, and delete notes with validation.
• User isolation – Notes are scoped per user; users only see and modify their own data.
• Input validation – Request validation via class-validator and class-transformer.
• Swagger documentation – Interactive API docs at /api when the server is running.
• Security – Passwords hashed with bcrypt, CORS configured, structured error responses.

Tech Stack

• NestJS – Framework and structure (modules, controllers, services, guards).
• TypeScript – End-to-end type safety.
• MongoDB + Mongoose – Data persistence and schemas.
• Passport + JWT – Authentication strategy and token handling.
• class-validator / class-transformer – DTO validation and serialization.
• Swagger/OpenAPI – API documentation.

What I Learned

Building this API was a focused way to learn NestJS: modules, decorators, guards, and the overall architecture. I got practical experience with JWT-based auth, Mongoose schemas, global pipes and exception filters, and keeping responses consistent. The project reinforced how to structure a backend so it stays testable and easy to extend.

API Overview

• Auth: POST /auth/signup, POST /auth/login
• Notes (protected): GET /notes, GET /notes/:id, POST /notes, PATCH /notes/:id, DELETE /notes/:id

Protected routes expect Authorization: Bearer <token>. Full details and request/response shapes are in the repo README and the Swagger UI when the app is running.