Node.js/Express REST API for authentication, secure journaling, mood analytics, and chat session storage using MongoDB with field-level encryption.
- Node.js + Express
- MongoDB (Mongoose)
- JWT for auth, bcrypt for hashing
- AES-256-GCM for sensitive field encryption
- Auth: register, login, refresh tokens
- Journals: create/read/update/delete (encrypted content)
- Analytics: streaks, weekly mood trends, positivity score, pie chart data
- Chat: session creation, history persistence
- Prerequisites: Node 18+, MongoDB
- Install dependencies:
npm install
- Create .env (see below) and run in dev:
npm run dev
- MONGODB_URI=mongodb+srv://...
- JWT_SECRET=your_jwt_secret
- ENCRYPTION_KEY=32-byte-hex-or-base64
- PORT=3000
- CORS_ORIGIN=https://your-frontend
// Email configuration
- EMAIL_HOST=smtp.example.com
- EMAIL_PORT=587
- EMAIL_USER=your_smtp_username
- EMAIL_PASSWORD=your_smtp_password
- EMAIL_SECURE=false
- EMAIL_FROM="Eunoia no-reply@your-domain"
// bcrypt configuration
- BCRYPT_SALT_ROUNDS=10
- Auth:
POST /auth/register,POST /auth/login,POST /auth/refresh - Journals:
GET/POST /journals,GET/PUT/DELETE /journals/:id - Analytics:
GET /analytics/weekly,GET /analytics/streaks,GET /analytics/pie - Chat:
POST /chat/sessions,GET /chat/sessions/:id
npm run dev– start with nodemonnpm start– start production server
- Sensitive fields encrypted at rest using AES-256-GCM
- JWT-based auth on protected routes
- Works on Railway/Vercel/Render. Ensure environment variables are set and IP allowlist on MongoDB is configured.