A comprehensive REST API for managing employee payroll, attendance tracking, and salary calculations with role-based access control.
- Authentication & Authorization: Role-based access (Admin, HR, Employee)
- Employee Management: Create, read, and manage employee profiles
- Attendance Tracking: Mark daily attendance with automatic half-day detection
- Salary Calculation: Automated salary computation with tax and PF deductions
- Payroll Distribution: Monthly payroll processing and history tracking
- Node.js (v14 or higher)
- Database (PostgreSQL/MySQL)
- Clone the repository

  ```bash
  git clone <repository-url>
  cd employee-payroll-api
  ```

- Install dependencies

  ```bash
  npm install
  ```

- Set up environment variables

  ```bash
  cp .env.example .env
  # Update database credentials and other configurations
  ```

- Run database migrations

  ```bash
  npm run migrate
  ```

- Start the server

  ```bash
  npm start
  ```

The API will be available at http://localhost:3000
All endpoints (except login) require authentication using HTTP-only cookies. The API uses session-based authentication with role-based access control.
- ADMIN: Full access to all endpoints
- HR: Employee management and payroll operations
- EMPLOYEE: Limited access to personal data only
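The access rules above, written as a pure decision function that a route handler can call before touching the database. This is an added example, not the project's own code; the session user shape (`{ id, role, employee_id }`) and the route-to-policy table are assumptions drawn from this README's login response, employee record and "Role:" lines.

```javascript
// Added example, not the project's own code: the access rules from this README
// as a pure decision function. The session user shape ({ id, role, employee_id })
// and the route-to-policy table below are assumptions based on the README.
const ROLES = Object.freeze({ ADMIN: 'ADMIN', HR: 'HR', EMPLOYEE: 'EMPLOYEE' });

// Which roles may call each endpoint. `own: true` marks endpoints where an
// EMPLOYEE is additionally allowed, but only for their own employee record.
const POLICY = Object.freeze({
  'POST /employees':          { roles: [ROLES.ADMIN, ROLES.HR] },
  'GET /employees/:id':       { roles: [ROLES.ADMIN, ROLES.HR], own: true },
  'POST /attendance/mark':    { roles: [ROLES.EMPLOYEE] },
  'POST /salary/calculate':   { roles: [ROLES.ADMIN, ROLES.HR] },
  'GET /salary/:employeeId':  { roles: [ROLES.ADMIN, ROLES.HR], own: true },
  'POST /payroll/distribute': { roles: [ROLES.ADMIN, ROLES.HR] },
  'GET /payroll/history':     { roles: [ROLES.ADMIN, ROLES.HR] },
});

// Path parameters arrive as strings; accept only plain decimal ids so that
// values like "2abc", "" or "2e0" never compare equal to a numeric employee_id.
function parseId(value) {
  return /^\d+$/.test(String(value)) ? Number(value) : null;
}

// Decide whether `user` (null when not logged in) may call `route`, optionally
// for the employee record `targetId` taken from the path. The status mirrors
// the codes this README documents: 401 not logged in, 403 insufficient
// permissions, 404 unknown route.
function authorize(user, route, targetId = null) {
  const policy = POLICY[route];
  if (!policy) return { allowed: false, status: 404 };
  if (!user || !user.role) return { allowed: false, status: 401 };
  if (policy.roles.includes(user.role)) return { allowed: true, status: 200 };
  // "Own data only" rule: an EMPLOYEE may read their own record and nothing else.
  if (policy.own && user.role === ROLES.EMPLOYEE) {
    const id = parseId(targetId);
    if (id !== null && id === user.employee_id) return { allowed: true, status: 200 };
  }
  return { allowed: false, status: 403 };
}
```

The decision is made entirely from the session user and the path parameter, before any query runs, so the "own data only" endpoints (`GET /employees/:id`, `GET /salary/:employeeId`) cannot return another employee's record to an EMPLOYEE session regardless of what id is supplied in the path. Keeping the policy in one table also makes it easy to review which roles reach which endpoints.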
```http
POST /auth/login
Content-Type: application/json

{
  "email": "admin@company.com",
  "password": "admin123"
}
```

Response (200):

```json
{
  "message": "Login successful",
  "user": {
    "id": 1,
    "email": "admin@company.com",
    "role": "ADMIN"
  }
}
```

```http
POST /auth/logout
Content-Type: application/json
```

Response (200):

```json
{
  "message": "Logout successful"
}
```

Role: HR/Admin only
```http
POST /employees
Content-Type: application/json

{
  "email": "john.doe@company.com",
  "password": "password123",
  "employee_code": "EMP002",
  "first_name": "John",
  "last_name": "Doe",
  "department": "Engineering",
  "designation": "Software Engineer",
  "basic_salary": 50000,
  "hra": 15000,
  "allowances": 8000,
  "other_deductions": 2000,
  "join_date": "2024-01-15"
}
```

Response (201):

```json
{
  "message": "Employee created successfully",
  "employee_id": 2
}
```

Role: HR/Admin (any employee), Employee (own data only)
```http
GET /employees/:id
```

Response (200):

```json
{
  "id": 2,
  "user_id": 3,
  "employee_code": "EMP002",
  "first_name": "John",
  "last_name": "Doe",
  "department": "Engineering",
  "designation": "Software Engineer",
  "basic_salary": 50000.00,
  "hra": 15000.00,
  "allowances": 8000.00,
  "other_deductions": 2000.00,
  "join_date": "2024-01-15",
  "status": "ACTIVE",
  "email": "john.doe@company.com",
  "role": "EMPLOYEE",
  "created_at": "2024-01-15T10:30:00.000Z",
  "updated_at": "2024-01-15T10:30:00.000Z"
}
```

Role: Employee only
```http
POST /attendance/mark
Content-Type: application/json

{
  "check_in": "09:00",
  "check_out": "18:30"
}
```

Response (200) - Full Day:

```json
{
  "message": "Attendance marked successfully",
  "working_hours": 9.5,
  "is_half_day": false,
  "status": "PRESENT"
}
```

Response (200) - Half Day:

```json
{
  "message": "Attendance marked successfully",
  "working_hours": 4,
  "is_half_day": true,
  "status": "HALF_DAY"
}
```

Role: HR/Admin only
```http
POST /salary/calculate
Content-Type: application/json

{
  "employee_id": 2,
  "month": "2024-01"
}
```

Response (200):

```json
{
  "message": "Salary calculated successfully",
  "employee": {
    "id": 2,
    "name": "John Doe",
    "employee_code": "EMP002"
  },
  "month": "2024-01",
  "salary": {
    "basic_salary": 50000,
    "hra": 15000,
    "allowances": 8000,
    "gross_salary": 73000,
    "tax_deduction": 18250,
    "pf_deduction": 6000,
    "other_deductions": 2000,
    "total_deductions": 26250,
    "net_salary": 46750,
    "working_days": 31,
    "present_days": 22,
    "half_days": 3
  }
}
```

Role: HR/Admin (any employee), Employee (own data only)
```http
GET /salary/:employeeId?month=YYYY-MM
```

Response (200):

```json
{
  "id": 1,
  "employee_id": 2,
  "month": "2024-01",
  "working_days": 31,
  "present_days": 22,
  "half_days": 3,
  "basic_salary": 50000.00,
  "hra": 15000.00,
  "allowances": 8000.00,
  "gross_salary": 73000.00,
  "tax_deduction": 18250.00,
  "pf_deduction": 6000.00,
  "other_deductions": 2000.00,
  "total_deductions": 26250.00,
  "net_salary": 46750.00,
  "calculated_at": "2024-01-31T15:30:00.000Z",
  "first_name": "John",
  "last_name": "Doe",
  "employee_code": "EMP002"
}
```

Role: HR/Admin only
```http
POST /payroll/distribute
Content-Type: application/json

{
  "month": "2024-01"
}
```

Response (200):

```json
{
  "message": "Payroll distributed successfully",
  "month": "2024-01",
  "summary": {
    "total_employees": 5,
    "total_gross_amount": 365000.00,
    "total_deductions": 131250.00,
    "total_net_amount": 233750.00
  }
}
```

Role: HR/Admin only
```http
GET /payroll/history?month=YYYY-MM
```

Response (200):

```json
[
  {
    "id": 1,
    "month": "2024-01",
    "total_employees": 5,
    "total_gross_amount": 365000.00,
    "total_deductions": 131250.00,
    "total_net_amount": 233750.00,
    "distributed_by": 1,
    "distributed_at": "2024-01-31T16:00:00.000Z",
    "distributed_by_email": "admin@company.com"
  }
]
```

The API uses the following calculation methodology:
- Gross Salary = Basic Salary + HRA + Allowances
- Tax Calculation based on annual income slabs:
  - ₹0 - ₹2.5L: 0%
  - ₹2.5L - ₹5L: 5%
  - ₹5L - ₹10L: 20%
  - ₹10L+: 30%
- PF Deduction = 12% of Basic Salary
- Daily Wage = Gross Salary ÷ Working Days in Month
- Half Day Calculation = Daily Wage ÷ 2 (for working hours < 8)
- Net Salary = Total Earned Salary - Tax - PF - Other Deductions
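The half-day detection behind POST /attendance/mark and the salary methodology listed above, carried through as pure functions. This is an added example and not the project's own code. Two things the README does not state are taken as assumptions here: the tax slabs are applied progressively (marginal rates) to the annual gross (monthly gross × 12) and spread evenly over 12 months, and present_days counts full days only, with half days reported separately. One thing worth checking before relying on the sample responses: they report a tax_deduction of 18250 on a gross_salary of 73000 (25% of gross), whereas the slab rules listed here give 87700 per year, or 7308.33 per month, on an annual gross of 876000, and the sample net_salary equals gross minus deductions with no attendance proration. The example follows the listed rules, so its figures differ from the sample.

```javascript
// Added example, not the project's own code: half-day detection for
// POST /attendance/mark and the salary methodology from this README.
// Assumptions the README does not state: tax slabs are applied progressively
// to annual gross (monthly gross x 12) and spread over 12 months; present_days
// counts full days only, with half days reported separately; times are "HH:MM"
// on the same calendar day.
const HALF_DAY_THRESHOLD_HOURS = 8;
const PF_RATE = 0.12;
const TAX_SLABS = [            // [upper bound of slab in rupees, marginal rate]
  [250000, 0.00],
  [500000, 0.05],
  [1000000, 0.20],
  [Infinity, 0.30],
];

const round2 = (x) => Math.round(x * 100) / 100;

// Parse "HH:MM" (24-hour) into minutes since midnight. Throws a RangeError so
// a route handler can turn malformed input into the README's 400 response.
function parseClock(value) {
  const m = /^([01]\d|2[0-3]):([0-5]\d)$/.exec(String(value));
  if (!m) throw new RangeError(`invalid time "${value}", expected HH:MM`);
  return Number(m[1]) * 60 + Number(m[2]);
}

// Working hours and half-day status for one day's check-in/check-out.
function markAttendance({ check_in, check_out }) {
  const start = parseClock(check_in);
  const end = parseClock(check_out);
  if (end <= start) throw new RangeError('check_out must be later than check_in');
  const workingHours = (end - start) / 60;
  const isHalfDay = workingHours < HALF_DAY_THRESHOLD_HOURS;
  return {
    message: 'Attendance marked successfully',
    working_hours: workingHours,
    is_half_day: isHalfDay,
    status: isHalfDay ? 'HALF_DAY' : 'PRESENT',
  };
}

// Count a month's attendance records into the totals calculateSalary expects.
function summarizeAttendance(records, workingDays) {
  const present = records.filter((r) => r.status === 'PRESENT').length;
  const half = records.filter((r) => r.status === 'HALF_DAY').length;
  return { working_days: workingDays, present_days: present, half_days: half };
}

// Progressive slab tax on an annual income.
function annualTax(annualIncome) {
  let tax = 0;
  let lower = 0;
  for (const [upper, rate] of TAX_SLABS) {
    if (annualIncome <= lower) break;
    tax += (Math.min(annualIncome, upper) - lower) * rate;
    lower = upper;
  }
  return tax;
}

// Monthly salary from the employee's pay components and the month's attendance.
function calculateSalary(employee, attendance) {
  const { basic_salary, hra, allowances, other_deductions } = employee;
  const { working_days, present_days, half_days } = attendance;
  if (working_days <= 0 || present_days + half_days > working_days) {
    throw new RangeError('attendance days are inconsistent with working days');
  }
  const gross = basic_salary + hra + allowances;             // Gross Salary
  const dailyWage = gross / working_days;                    // Daily Wage
  const earned = present_days * dailyWage + half_days * (dailyWage / 2);
  const tax = annualTax(gross * 12) / 12;                    // monthly share of annual tax
  const pf = basic_salary * PF_RATE;                         // PF = 12% of basic
  const totalDeductions = tax + pf + other_deductions;
  return {
    gross_salary: round2(gross),
    earned_salary: round2(earned),
    tax_deduction: round2(tax),
    pf_deduction: round2(pf),
    other_deductions: round2(other_deductions),
    total_deductions: round2(totalDeductions),
    net_salary: round2(earned - totalDeductions),
    working_days,
    present_days,
    half_days,
  };
}
```

Rounding happens once, at the output boundary, so intermediate values keep full precision; the consistency check on attendance days rejects a month where present and half days add up to more than the working days, which would otherwise silently overpay.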
```bash
# Login as Admin (stores the session cookie in cookies.txt)
curl -X POST http://localhost:3000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"admin@company.com","password":"admin123"}' \
  -c cookies.txt

# Create Employee (sends the admin session cookie)
curl -X POST http://localhost:3000/employees \
  -H "Content-Type: application/json" \
  -b cookies.txt \
  -d '{
    "email": "john.doe@company.com",
    "password": "password123",
    "employee_code": "EMP002",
    "first_name": "John",
    "last_name": "Doe",
    "department": "Engineering",
    "designation": "Software Engineer",
    "basic_salary": 50000,
    "hra": 15000,
    "allowances": 8000,
    "other_deductions": 2000,
    "join_date": "2024-01-15"
  }'
```

```bash
# Login as Employee
curl -X POST http://localhost:3000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"john.doe@company.com","password":"password123"}' \
  -c employee_cookies.txt

# Mark Attendance
curl -X POST http://localhost:3000/attendance/mark \
  -H "Content-Type: application/json" \
  -b employee_cookies.txt \
  -d '{"check_in": "09:00", "check_out": "18:30"}'
```

```bash
# Calculate Salary (admin session)
curl -X POST http://localhost:3000/salary/calculate \
  -H "Content-Type: application/json" \
  -b cookies.txt \
  -d '{"employee_id": 2, "month": "2024-01"}'

# Distribute Payroll (admin session)
curl -X POST http://localhost:3000/payroll/distribute \
  -H "Content-Type: application/json" \
  -b cookies.txt \
  -d '{"month": "2024-01"}'
```

- Import the API collection
- Set environment variable: baseUrl = http://localhost:3000
- Run "Login as Admin" request first
- Postman will automatically handle cookies for subsequent requests
- Test all endpoints in the provided sequence
The system comes with pre-configured users for testing:
| Email | Password | Role |
|---|---|---|
| admin@company.com | admin123 | ADMIN |
| hr@company.com | admin123 | HR |
All error responses follow a consistent format:
```json
{
  "error": "Error message description"
}
```

Common HTTP status codes:

- 400: Bad Request (validation errors, missing data)
- 401: Unauthorized (invalid credentials, not logged in)
- 403: Forbidden (insufficient permissions)
- 404: Not Found (resource doesn't exist)
- 500: Internal Server Error
- HTTP-only cookies for session management
- Role-based access control (RBAC)
- Password hashing
- SQL injection protection
- Input validation and sanitization
The API uses the following main entities:
- Users: Authentication and role management
- Employees: Employee profile and salary information
- Attendance: Daily attendance records
- Salaries: Monthly salary calculations
- Payroll: Payroll distribution history
- Fork the repository
- Create your feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add some amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.