"Plan faster, collaborate clearly, and ship with confidence across teams and projects."
Heed is a full-stack collaboration platform for teams managing projects, tasks, and delivery workflows.
It combines:
- a React 19 dashboard frontend,
- an Express 5 backend API,
- Prisma + PostgreSQL data access,
- and secure auth with a 7-day JWT session cookie.
The result is a practical workspace where members can create teams, run projects, manage tasks, and collaborate through task comments.
- Register, login, logout, refresh, profile bootstrap, forgot/reset password, and authenticated password change.
- Single JWT session stored in an HttpOnly cookie with a 7-day expiry.
- Create teams, update team metadata, join by invite code.
- Add/remove members with permission checks.
- Team-scoped projects with status/result handling.
- Member management per project.
- Create/update/delete tasks, fetch by project, and fetch single task details.
- Priority/type/status-driven workflows.
- Load, add, and delete comments per task.
- Access-controlled by project/team membership.
- Route guards, app-level ErrorBoundary, global theme support, loading states, and improved null-safe date rendering.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β CLIENT β
β React 19 Β· Vite 7 Β· Redux Toolkit Β· RTK Query Β· MUI Β· β
β Tailwind v4 Β· React Router v7 Β· Axios + cookie sessions β
ββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ
β REST / JSON + cookies
ββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββ
β SERVER β
β Express 5 Β· JWT Β· bcrypt Β· cookie-parser Β· CORS Β· helmet β
β Rate limiting Β· Brevo Transactional Email Β· Prisma adapter (pg) β
ββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ
β Prisma Client
ββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββ
β DATABASE β
β PostgreSQL (Neon-ready) β
β Teams Β· Projects Β· Tasks Β· Comments Β· Invites Β· Notificationsβ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Heed/
βββ client/ # React frontend
β βββ src/
β β βββ components/ # Layout, dashboards, project/team/task UI
β β βββ context/ # AuthContext
β β βββ hooks/ # App initialization + helpers
β β βββ lib/ # Axios client with cookie-session handling
β β βββ pages/ # Auth + app pages
β β βββ store/ # Redux slices, selectors, thunks, RTK Query
β β βββ theme/ # Theme tokens/provider
β βββ package.json
β
βββ server/ # Express backend
β βββ app.js # Middleware + route mounting
β βββ index.js # Boot + graceful shutdown
β βββ prisma.config.ts # Prisma datasource config
β βββ prisma/
β β βββ schema.prisma # Full data model
β β βββ migrations/
β βββ src/
β β βββ controllers/ # auth, users, teams, projects, tasks, comments
β β βββ routes/ # API route definitions
β β βββ middlewares/ # auth middleware
β β βββ prisma/ # Prisma client singleton
β β βββ utils/ # email service
β βββ package.json
β
βββ docs/
βββ DATA_FETCHING_API.md
βββ project-build-flow/
Base URL: http://localhost:5000/api
| Domain | Method | Endpoint |
|---|---|---|
| Health | GET |
/health |
| Auth | POST |
/auth/register |
| Auth | POST |
/auth/login |
| Auth | POST |
/auth/logout |
| Auth | POST |
/auth/refresh |
| Auth | GET |
/auth/me |
| Auth | POST |
/auth/forgot-password |
| Auth | POST |
/auth/reset-password |
| Auth | POST |
/auth/change-password |
| Users | GET |
/users/me |
| Users | PATCH |
/users/me |
| Teams | GET |
/teams |
| Teams | GET |
/teams/:teamId |
| Teams | POST |
/teams |
| Teams | PATCH |
/teams/:teamId |
| Teams | POST |
/teams/join |
| Teams | POST |
/teams/:teamId/members |
| Teams | DELETE |
/teams/:teamId/members/:userId |
| Teams | DELETE |
/teams/:teamId |
| Projects | GET |
/projects |
| Projects | GET |
/projects/:projectId |
| Projects | POST |
/projects |
| Projects | PATCH |
/projects/:projectId |
| Projects | POST |
/projects/:projectId/members |
| Projects | DELETE |
/projects/:projectId/members/:userId |
| Projects | DELETE |
/projects/:projectId |
| Tasks | GET |
/tasks |
| Tasks | GET |
/tasks/:taskId |
| Tasks | GET |
/tasks/project/:projectId |
| Tasks | POST |
/tasks |
| Tasks | PUT |
/tasks/:taskId |
| Tasks | DELETE |
/tasks/:taskId |
| Comments | GET |
/tasks/:taskId/comments |
| Comments | POST |
/tasks/:taskId/comments |
| Comments | DELETE |
/tasks/comments/:commentId |
| Requirement | Version |
|---|---|
| Node.js | 18+ |
| npm | 9+ |
| PostgreSQL / Neon | Active connection |
git clone <your-repo-url>
cd Heedcd server
npm install
npx prisma generate
npm run devCreate server/.env with values similar to:
# Server
PORT=5000
HOST=localhost
NODE_ENV=development
CLIENT_ORIGIN=http://localhost:5173
# Database
DATABASE_URL=postgresql://...
DIRECT_URL=postgresql://...
# Auth
JWT_SECRET=change_me_session_secret
# Email (required for verification + reset flows)
BREVO_API_KEY=your_brevo_api_key
BREVO_SENDER_EMAIL=your-verified-sender@example.com
BREVO_SENDER_NAME=HeedProduction notes:
- Use a Brevo sender email/domain that is verified in your Brevo account.
- Keep
BREVO_API_KEYin secret manager / environment settings (never commit it). - On server boot, the backend logs whether Brevo config is complete.
cd client
npm install
npm run devCreate client/.env:
VITE_API_URL=http://localhost:5000/api
VITE_API_BASE_URL=http://localhost:5000/apiIf you need to apply migrations on a fresh database:
cd server
npx prisma migrate dev --name init
npx prisma generate- Protected and public route guards in
App.jsx. - Global app initialization hook for profile/team/project/task bootstrap.
- Redux store slices for users, teams, projects, tasks, settings, and theme.
- RTK Query API slice for normalized network access.
- Axios interceptor for auth expiry detection and session revalidation.
- ErrorBoundary wrapping app shell.
Primary relational entities in Prisma:
UserTeam,TeamMember,TeamInviteProject,ProjectMemberTask,TaskLabel,LabelComment(threaded via parent/replies)ActivityLog,Notification
npm run dev
npm run build
npm run preview
npm run lintnpm run dev
npm startMIT Β© 2026 Heed