# Axion Backend API Backend server for the Axion HR/Payroll System with SQLite database. ## Features - SQLite database with comprehensive schema - RESTful API endpoints - JWT authentication - Role-based access control - CORS enabled for frontend integration ## Database Schema The database includes tables for: - Users (authentication) - Employees (extended employee info) - Timecards - Shifts (scheduling) - Disciplinary Actions - Receipts/Invoices - Payroll Runs - Payroll Line Items - Audit Logs - Performance Reviews - Documents ## Setup ### 1. Install Dependencies ```bash cd server npm install ``` ### 2. Initialize Database ```bash npm run init-db ``` This will: - Create the database file at `server/data/axion.db` - Create all tables - Insert default users (admin, hr, payroll, manager, employee) ### 3. Configure Environment Create a `.env` file: ```bash cp .env.example .env ``` Edit `.env` and set: - `PORT` - Server port (default: 3001) - `JWT_SECRET` - Secret key for JWT tokens (change in production!) ### 4. Start Server Development mode (with auto-reload): ```bash npm run dev ``` Production mode: ```bash npm start ``` The server will run on `http://localhost:3001` ## API Endpoints ### Authentication - `POST /api/auth/login` - Login with email/password - `GET /api/auth/me` - Get current user info ### Users - `GET /api/users` - Get all users (admin/hr only) - `GET /api/users/:id` - Get user by ID - `POST /api/users` - Create user (admin only) - `PUT /api/users/:id` - Update user (admin/hr only) - `DELETE /api/users/:id` - Delete user (admin only) ### Receipts - `GET /api/receipts` - Get receipts (filtered by user) - `GET /api/receipts/:id` - Get receipt by ID - `POST /api/receipts` - Create receipt (from OCR) - `PUT /api/receipts/:id` - Update receipt - `DELETE /api/receipts/:id` - Delete receipt ### Timecards - `GET /api/timecards` - Get timecards - `POST /api/timecards` - Create timecard - `PATCH /api/timecards/:id/status` - Update timecard status ## Default Users After initialization, these users are available: | Email | Password | Role | |-------|----------|------| | admin@company.com | admin123 | admin | | hr@company.com | hr123 | hr | | payroll@company.com | payroll123 | payroll | | manager@company.com | manager123 | manager | | employee@company.com | employee123 | employee | ## Database Location The SQLite database file is stored at: ``` server/data/axion.db ``` This file is gitignored. To backup, copy this file. ## Development ### Database Migrations To add new tables or modify schema: 1. Update `src/database/schema.sql` 2. Run `npm run init-db` (this will recreate the database) For production, use proper migration tools. ### Adding New Routes 1. Create route file in `src/routes/` 2. Import and use in `src/server.js` Example: ```javascript import newRoutes from './routes/new.js'; app.use('/api/new', newRoutes); ``` ## Production Considerations 1. **Change JWT_SECRET** - Use a strong, random secret 2. **Use PostgreSQL/MySQL** - SQLite is fine for development, but use a proper database for production 3. **Add rate limiting** - Prevent abuse 4. **Enable HTTPS** - Use reverse proxy (nginx) with SSL 5. **Database backups** - Set up regular backups 6. **Environment variables** - Never commit `.env` file ## Frontend Integration Update your frontend to use the API: ```javascript const API_URL = 'http://localhost:3001/api'; // Login const response = await fetch(`${API_URL}/auth/login`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ email, password }) }); const { token, user } = await response.json(); localStorage.setItem('token', token); // Authenticated requests const usersResponse = await fetch(`${API_URL}/users`, { headers: { 'Authorization': `Bearer ${token}` } }); ``` ## Troubleshooting ### Database locked error - SQLite uses WAL mode for better concurrency - If issues persist, check file permissions ### Port already in use - Change PORT in `.env` - Or kill the process using port 3001 ### Module not found - Run `npm install` again - Check Node.js version (requires Node 18+)