Monify is a high-performance, secure, and professional personal finance management backend. It provides a robust API for tracking income, expenses, and transfers with advanced features like role-based access control, JWT-based authentication, and a modular dashboard.
- Multi-Role RBAC: Support for `ADMIN`, `USER`, `ANALYST`, and `VIEWER` roles.
- Dual Token System: JWT-based access and refresh tokens with rotation and cookie support.
- API Key Protection: All endpoints (except health) require a valid `x-api-key`.
- Hardened: Built with `Helmet`, `CORS`, and Redis-backed `Rate Limiting`.
- Audit Logs: Automatic tracking of sensitive database actions.
- Transactions: Create and manage Income, Expense, and Transfer records.
- Categorization: Customizable categories with metadata like colors and icons for UI integration.
- Dashboard API: Ready-to-use endpoints for summary stats, category-wise breakdowns, and spending trends.
- Swagger Documentation: Automated OpenAPI 3.0 documentation with role-based details.
- Validation: Strict runtime schema validation using `Zod`.
- Database: Type-safe queries with `Prisma` and `PostgreSQL`.
- Logging: Production-grade daily rotating logs using `Winston`.

- Runtime: Node.js
- Language: TypeScript
- Framework: Express.js
- Database: PostgreSQL (Prisma ORM)
- Caching/Queue: Redis (for Rate Limiting)
- Validation: Zod
- Documentation: Swagger UI / zod-to-openapi

```
Monify/
├── server/
│   ├── prisma/              # Database schema and migrations
│   ├── scripts/             # Database seeding and utility scripts
│   ├── src/
│   │   ├── controllers/     # Request handling logic
│   │   ├── services/        # Business logic layer
│   │   ├── repositories/    # Data access layer (Prisma)
│   │   ├── routes/          # API route definitions
│   │   ├── middlewares/     # Auth, Role, Validation middlewares
│   │   ├── docs/            # Swagger/OpenAPI setup
│   │   ├── core/            # Standardized API response & error handling
│   │   ├── helpers/         # Utility & validator helpers
│   │   └── index.ts         # Server entry point
│   ├── .env                 # Environment secrets
│   └── tsconfig.json        # TypeScript configuration
└── .gitignore               # Git ignore rules
```

- Node.js: v18+
- PostgreSQL: Running instance
- Redis: Running instance (for rate limiting)

```bash
git clone https://github.com/allanjoseph01/Monify.git
cd Monify/server
npm install
```

Create a `.env` file in the `server/` directory:

```env
PORT=8000
NODE_ENV=development
# Database
DATABASE_URL="postgresql://user:password@localhost:5432/monify"
# Redis (for Rate Limiting)
REDIS_URL="redis://localhost:6379"
# Security
JWT_PRIVATE_KEY="your_private_key"
JWT_PUBLIC_KEY="your_public_key"
ACCESS_TOKEN_VALIDITY_SEC=3600
REFRESH_TOKEN_VALIDITY_SEC=2592000
# API Key
X_API_KEY="your_secret_api_key"
```

```bash
# Push schema to database
npx prisma db push
# (CRITICAL) Seed required roles
npx ts-node scripts/seed-roles.ts
```

```bash
# Development mode
npm run dev
# Production build
npm run build
npm start
```

Once the server is running, visit:
http://localhost:8000/api-docs

Use the Authorize button to set your `x-api-key`.

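
The API-key gate listed in the features (every endpoint except health requires `x-api-key`), shown here as an added example that is not Monify's own middleware. The `/health` path, the `requireApiKey`, `keysMatch` and `check` names, the response bodies and the 500 on a missing server key are assumptions.

```typescript
import { createHash, timingSafeEqual } from "node:crypto";

// Minimal request/response shapes so the example runs without Express installed;
// they cover only the subset of the Express API used here.
type Req = { path: string; headers: Record<string, string | string[] | undefined> };
type Res = { status(code: number): Res; json(body: unknown): unknown };
type Next = () => void;

// Assumption: the health check lives at /health (the README does not give the path).
const OPEN_PATHS = new Set(["/health"]);

// Hash both values first so timingSafeEqual always receives equal-length buffers
// and the comparison time does not reveal how much of the key matched.
function keysMatch(presented: string, expected: string): boolean {
  const a = createHash("sha256").update(presented).digest();
  const b = createHash("sha256").update(expected).digest();
  return timingSafeEqual(a, b);
}

// Hypothetical middleware factory; `expected` would come from process.env.X_API_KEY.
function requireApiKey(expected: string | undefined) {
  return (req: Req, res: Res, next: Next): unknown => {
    if (OPEN_PATHS.has(req.path)) return next();
    // Fail closed: an unset or empty server key must never mean "allow everything".
    if (!expected) return res.status(500).json({ message: "API key not configured" });
    const header = req.headers["x-api-key"];
    // Missing or non-string header values are rejected before any comparison.
    if (typeof header !== "string" || !keysMatch(header, expected)) {
      return res.status(401).json({ message: "Invalid API key" });
    }
    return next();
  };
}

// Constructed driver: runs the middleware against a fake request and returns the
// status code it produced (200 stands for "next() was called").
function check(path: string, key: string | string[] | undefined, expected?: string): number {
  let code = 0;
  const res: Res = { status(c) { code = c; return res; }, json: () => undefined };
  requireApiKey(expected)({ path, headers: { "x-api-key": key } }, res, () => { code = 200; });
  return code;
}

console.log(check("/api/records", "constructed-key", "constructed-key"));
console.log(check("/api/records", "wrong-key", "constructed-key"));
```
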
| Endpoint Group | ADMIN | ANALYST | USER | VIEWER |
|---|---|---|---|---|
| Auth | ✅ | ✅ | ✅ | ✅ |
| Financial Records | Manages All | View All | View Own | View Only |
| User Mgmt | ✅ | ❌ | ❌ | ❌ |
| Dashboard | ✅ | ✅ | ❌ | ❌ |
This project is licensed under the ISC License.
Built with ❤️ for better financial management.