A single-page web application that helps users monitor and categorise their spending. The app helps users record, search, categorise and review their spending. Registered users can manage their own expenses and administrators can manage user accounts and review user activity logs.
- Frontend: Svelte
- Backend: SvelteKit server Node.js
- Database: MongoDB
- Authentication: JWT stored in a cookie
- Password security: bcrypt password hashing
- Styling: CSS with custom global variables and Google Fonts
- User registration and login
- Password hashing with bcrypt
- JWT-based session authentication
- Role based access control for admin only pages and API routes
- Create, read, update and delete expenses
- Live expense search as the user types
- Category filtering
- Spending summary by category and month
- Admin user management including updating names/roles and deleting users
- Admin activity log for login, logout, user and expense actions
- Popup notifications for completed actions and errors
- Delete confirmation dialogs
- Client side and server side validation for form inputs
- Loading and error states for API/database failures
- Responsive layout for desktop and mobile
This assignment requires at least three conceptual entities. This project uses:
- user: users can register/login, and admins can read, update and delete user accounts.
- expense: authenticated users can create, read, update, delete, search and filter their expenses.
- user_activity: the app creates and reads activity records for login, logout, expense CRUD and admin user management actions.
This project uses SvelteKit so the frontend and backend are kept in the same src tree instead of separate top-level frontend and backend folders.
- Install dependencies
    npm install
- Create a .env file in the project root
    MONGODB_URI=mongodb://localhost:27017
    MONGODB_DB=expense_tracker
    JWT_SECRET=replace_this_with_a_long_random_secret
- Make sure MongoDB is running locally or update MONGODB_URI to point to your MongoDB server
- Start the development server
    npm run dev

The first registered user is automatically assigned the admin role. Later users are assigned the normal user role unless an admin changes their role from the admin screen.
The repository includes db_export.json as the database export for submission. It contains sample MongoDB data for the project entities.
This assignment was completed individually. All source files, frontend components, backend API routes, database helpers, authentication logic and styling were completed by Jake Nicholls.
- Svelte state is used for local UI state because the app has a compact single-page interface with simple view switching.
- Server routes are used for backend logic so database access, JWT verification, password hashing and role checks run on the server and are not exposed to the client.
- JWT is stored in an HTTP only cookie to reduce exposure to client-side JavaScript.
- Admin only routes do server side role checks before returning protected data.
- MongoDB text indexes support live search across expense title, category and description.
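
The cookie-based JWT check and the server-side admin role check from the notes above, as an added example that is not the project's own code. The cookie name `session`, the `role` claim with value `admin`, and the hand-written HS256 verification (used so the block runs without dependencies) are assumptions.

```javascript
// Added example, not the project's code. Cookie name, claim names and role
// values are assumptions made for illustration.
const { createHmac, timingSafeEqual } = require('node:crypto');

const COOKIE_NAME = 'session'; // assumed cookie name

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Sign an HS256 token (used here only to build constructed sample tokens).
function signToken(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const body = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${body}.${createHmac('sha256', secret).update(body).digest('base64url')}`;
}

// Return the verified payload, or null if the token is malformed, uses another
// algorithm, has a bad signature, or is expired.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    if (header.alg !== 'HS256') return null; // pin the algorithm, reject "none"
    const expected = createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest();
    const given = Buffer.from(parts[2], 'base64url');
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    if (typeof payload.exp !== 'number' || payload.exp <= now) return null;
    return payload;
  } catch {
    return null;
  }
}

// Extract one cookie value from a raw Cookie request header.
function readCookie(cookieHeader, name) {
  for (const pair of (cookieHeader || '').split(';')) {
    const idx = pair.indexOf('=');
    if (idx > 0 && pair.slice(0, idx).trim() === name) return pair.slice(idx + 1).trim();
  }
  return null;
}

// Decide the HTTP status for an admin-only route before any data is read.
function authorizeAdmin(cookieHeader, secret, now) {
  const token = readCookie(cookieHeader, COOKIE_NAME);
  const user = token ? verifyToken(token, secret, now) : null;
  if (!user) return { status: 401, user: null }; // not authenticated
  if (user.role !== 'admin') return { status: 403, user: null }; // wrong role
  return { status: 200, user };
}
```

The role is read only from the verified payload, so a request that alters the cookie contents fails the signature check and is treated as unauthenticated rather than reaching the role comparison.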