Backend / API
REST API for job postings and applications built with Express and TypeScript. Mongoose models link users to jobs they create and jobs they apply to, with JWT-based sessions and role checks for admin-only user deletion. Request bodies for registration and login are validated with Joi; passwords are hashed with bcrypt. Routes are grouped under /api and /api/auth. No OpenAPI spec or health-check route is present in the repository.
API surface
Jobnest API — job board backend
/Returns a short welcome JSON message.
/api/auth/registerCreate a user account with validated registration fields.
/api/auth/loginAuthenticate and issue a JWT (cookie and JSON body).
/api/auth/logoutClear the auth cookie for the signed-in user.
/api/auth/usersList users (authenticated).
/api/auth/users/:idFetch one user by id (authenticated).
/api/auth/users/:idDelete a user by id (authenticated admin only).
/api/jobsList all jobs with sorting and populated relations.
/api/jobs/:idFetch a single job by id.
/api/jobsCreate a job for the authenticated user.
/api/jobs/:idUpdate a job if the caller is the creator.
/api/jobs/:idDelete a job if the caller is the creator.
/api/jobs/user/createdList jobs created by the authenticated user.
/api/jobs/user/appliedList jobs the authenticated user has applied to.
/api/jobs/apply/:idRecord an application to a job for the authenticated user.
Express app in src/index.ts mounts auth and job routers and connects Mongoose when MONGODB_URI is set.
HTTP routes live under src/routers/authRouter.ts and src/routers/jobRouter.ts (prefixes /api/auth and /api).
Controllers in src/controllers/* implement handlers and call Mongoose models User and Job.
Joi schemas in src/utils/validator.ts validate auth payloads; bcrypt hashing in src/utils/hashing.ts.
isAuthenticated verifies JWT from cookie or Bearer header and attaches req.user; isAdmin gates admin-only deletes.
No dedicated API versioning segment (e.g. /v1); public surface uses /api and /api/auth.