β Project Title: CSTech Admin Panel β Agent Management and CSV Distribution (MERN Stack)
π― Objective
To build a secure and scalable MERN stack admin panel that allows:
Admin login with CSRF protection
Agent creation, management, soft deletion & restoration
Upload and structured distribution of contact lists from CSV/XLSX files
Full login analytics and geoIP tracking
Dark/light mode and branded dashboard UI
βοΈ Implemented Features
π 1. Admin Authentication
- Secure login using Email & Password
- CSRF token protection with SameSite cookie handling
- JWT stored in HttpOnly cookies
- Rate limiting to prevent brute-force
- Location-based login alerts sent on new IP
- Protected routes via middleware (
auth,isAdmin) - Logout and current user fetch (
/me) - Login history analytics (
/login-analytics)
π₯ 2. Agent Management
- Create agent with: Name, Email, Mobile Number, Country Code, Password
- Strict validations (e.g., password strength, mobile format based on country)
- Soft delete an agent
- Restore a deleted agent
- Search, pagination, and inclusion of deleted agents
- Clear feedback messages on success/error
π 3. CSV/XLSX Upload & Distribution
- Upload files:
.csv,.xlsx,.xls(max 5MB) - Client-side & server-side file format validation
- Data must include: FirstName, Phone, Notes
- Tasks distributed evenly among 5 agents
- Remainders handled sequentially
- Data saved in MongoDB under timestamped batches
- History of uploaded batches retrievable with pagination, search, filters
- Each agentβs share displayed clearly
π 4. Dark/Light Mode Toggle
- Global
ThemeContextvia React - Toggle on Login & Dashboard pages
- Tailwind
darkMode: 'class'setup - Smooth transition animation
πΌοΈ 5. Branding & UI Polish
- Custom CSTech favicon and page title
- Removed default React branding
- Responsive layout and smooth UI interactions
- Alerts and modals (e.g., file validation, confirm deletion)
π οΈ Tech Stack
| Layer | Technology |
|---|---|
| Frontend | React.js + TailwindCSS |
| Backend | Node.js + Express.js |
| Database | MongoDB (Mongoose) |
| Auth | JWT + HttpOnly Cookies |
| Upload | Multer + Express Validator |
| Security | Helmet, mongoSanitize, Rate Limit, CSRF |
| Analytics | IP-based login history, location detection |
π§ͺ Tested Scenarios
β
Invalid login: shows proper message
β
Invalid email/password: handled
β
New IP: triggers geoIP email alert
β
Token tampering: access denied
β
Upload invalid file: error shown
β
File > 5MB: upload rejected
β
Less than 5 agents: distribution still succeeds
β
Agent with duplicate email: error shown
β
Restore deleted agent: success confirmed
β
Dark/light mode persists across pages
π How to Run Locally
π Backend
cd backend
npm install
npm run dev
π» Frontend
cd frontend
npm install
npm start
π .env File (backend)
env
Copy
Edit
PORT=5000
MONGO_URI=your_mongo_uri
JWT_SECRET=your_secret
NODE_ENV=development