A simple blog backend with user authentication and post management built with Node.js, Express, TypeScript, Prisma, and PostgreSQL.
- 🔐 User Authentication: JWT-based authentication with password hashing
- 📝 Blog Posts: Create, read, update, and delete blog posts
- 👤 User Management: User registration, login, and profile management
- 🛡️ Security: Input validation, password hashing, JWT tokens
- 📊 Pagination: Paginated post listings
- 🏷️ Draft System: Support for draft and published posts
- 🔒 Authorization: Users can only edit their own posts
- Runtime: Node.js with TypeScript
- Framework: Express.js
- Database: PostgreSQL with Prisma ORM
- Authentication: JWT tokens with bcryptjs
- Validation: Joi schema validation
- Security: Helmet, CORS, Morgan logging
```bash
npm install
```

Create a `.env` file in the root directory:

```env
# Database
DATABASE_URL="postgresql://username:password@localhost:5432/blog_db"
DIRECT_URL="postgresql://username:password@localhost:5432/blog_db"
# JWT Secret
JWT_SECRET="your-super-secret-jwt-key"
# Server
PORT=3000
NODE_ENV=development
```
```bash
# Generate Prisma client
npx prisma generate
# Run database migrations
npx prisma migrate dev
# (Optional) Open Prisma Studio to view/edit data
npx prisma studio
```

```bash
npm run dev
```

The API will be available at http://localhost:3000

```bash
# Run the test script (requires server to be running)
npm run test:api
```
- `POST /auth/signup` - Create new user account
- `POST /auth/login` - User login
- `GET /auth/profile` - Get user profile
- `PUT /auth/profile` - Update user profile
- `DELETE /auth/profile` - Delete user account

- `GET /posts` - Get all published posts
- `GET /posts/my-posts` - Get user's posts (including drafts)
- `GET /posts/:id` - Get single post
- `POST /posts` - Create new post
- `PUT /posts/:id` - Update post
- `DELETE /posts/:id` - Delete post
```
src/
├── index.ts              # Main application entry point
├── lib/
│   ├── prisma.ts         # Prisma client configuration
│   ├── auth.ts           # Authentication utilities
│   └── validation.ts     # Joi validation schemas
└── routes/
    ├── auth.ts           # Authentication routes
    └── posts.ts          # Post management routes
```
- `npm run dev` - Start development server with hot reload
- `npm run build` - Build TypeScript to JavaScript
- `npm run start` - Start production server
- `npm run test:api` - Run API tests
- `npm run db:generate` - Generate Prisma client
- `npm run db:migrate` - Run database migrations
- `npm run db:studio` - Open Prisma Studio
For detailed API documentation, see API_DOCUMENTATION.md
Variable | Description | Required |
---|---|---|
`DATABASE_URL` | PostgreSQL connection string | Yes |
`DIRECT_URL` | Direct PostgreSQL connection for migrations | Yes |
`JWT_SECRET` | Secret key for JWT token signing | Yes |
`PORT` | Server port (default: 3000) | No |
`NODE_ENV` | Environment (development/production) | No |
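
The variables in the table above can be checked once at startup so the server never runs with the sample values from the `.env` snippet. This is an added example, not code from the project: `collectEnvErrors`, the constants, the 32-character minimum and the assumption that tokens are HMAC-signed (HS256) are all hypothetical choices made here.

```typescript
// Added example, not project code: collectEnvErrors and the constants below are
// hypothetical names. Call it with process.env before the server starts.
type Env = Record<string, string | undefined>;

const REQUIRED = ["DATABASE_URL", "DIRECT_URL", "JWT_SECRET"];
// Sample values from this README's .env snippet; they must never reach a deployment.
const PLACEHOLDER_SECRET = "your-super-secret-jwt-key";
const PLACEHOLDER_CREDS = "username:password@";
// Assumption: tokens are HMAC-signed (HS256), so require at least 32 characters.
const MIN_SECRET_LENGTH = 32;

function collectEnvErrors(env: Env): string[] {
  const errors: string[] = [];
  for (const name of REQUIRED) {
    if ((env[name] ?? "").trim() === "") errors.push(`${name} is required but not set`);
  }

  const secret = env["JWT_SECRET"] ?? "";
  if (secret === PLACEHOLDER_SECRET) {
    errors.push("JWT_SECRET is still the README placeholder");
  } else if (secret.trim() !== "" && secret.length < MIN_SECRET_LENGTH) {
    errors.push(`JWT_SECRET must be at least ${MIN_SECRET_LENGTH} characters`);
  }

  for (const name of ["DATABASE_URL", "DIRECT_URL"]) {
    const url = env[name] ?? "";
    if (url.trim() === "") continue; // already reported as missing
    if (!/^postgres(ql)?:\/\//.test(url)) {
      errors.push(`${name} must be a postgresql:// connection string`);
    } else if (url.includes(PLACEHOLDER_CREDS)) {
      errors.push(`${name} still uses the README placeholder credentials`);
    }
  }

  const port = env["PORT"] ?? "3000"; // optional, default from the table
  if (!/^\d+$/.test(port) || Number(port) < 1 || Number(port) > 65535) {
    errors.push("PORT must be an integer between 1 and 65535");
  }
  return errors;
}

// Constructed sample: the README's .env values as-is, which should be rejected.
const README_SAMPLE_ENV: Env = {
  DATABASE_URL: "postgresql://username:password@localhost:5432/blog_db",
  DIRECT_URL: "postgresql://username:password@localhost:5432/blog_db",
  JWT_SECRET: "your-super-secret-jwt-key",
  PORT: "3000",
};
```

Logging the returned messages and exiting when the list is non-empty keeps a copied sample `.env` from reaching a running server.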
- Password hashing with bcryptjs
- JWT token authentication
- Input validation with Joi
- CORS protection
- Helmet security headers
- Request logging with Morgan
- SQL injection protection via Prisma
- XSS protection via input sanitization
ISC