SelamY Blog API is the robust server-side application powering the Selamy Blog platform. Built with Node.js and Express, it provides a secure RESTful API for content management, user authentication, and media handling.
- Secure Authentication: JWT-based authentication with secure password hashing (Bcrypt).
- Advanced Security:
- Rate Limiting: Protection against brute-force attacks.
- Helmet: Secure HTTP headers to protect against well-known vulnerabilities.
- Input Validation: Strict data validation using
express-validator. - NoSQL Injection Protection: Sanitized queries against injection attacks.
- CORS Configuration: Configured for secure cross-origin requests.
- Media Management: Integrated Cloudinary & Multer for optimized image uploads and storage.
- Content Management: Full CRUD operations for posts and comments.
- Advanced Search: Regex-based search functionality for titles, content, tags and users.
- User Profiles: Profile management, bio updates, and avatar uploads.
- Runtime: Node.js
- Framework: Express.js
- Database: MongoDB (Mongoose ODM)
- Authentication: JSON Web Token (JWT)
- File Upload: Multer & Cloudinary
- Security Tools: Helmet, Express-Rate-Limit, Express-Validator
Follow these steps to set up the project locally:
- Node.js
- MongoDB Atlas Account
- Cloudinary Account
- Redis
- Clone the repository
git clone https://github.com/Salih041/selamy-api cd selamy-api - Install dependencies
npm install
- Environment Variables Create a .env file in the root directory and add the following configuration:
MONGO_URL=your_db_url JWT_SECRET=your_secure_secret_key CLOUDINARY_CLOUD_NAME=your_cloudinary_cloud_name CLOUDINARY_API_KEY=your_cloudinary_api_key CLOUDINARY_API_SECRET=your_api_secret SWAGGER_PASSWORD= your_swagger_pass SWAGGER_USERNAME= your_swagger_id RESEND_KEY= your_resend_api_key REDIS_URL= your_redis
- Run the server
npm run dev
The server will start running on http://localhost:3000
Distributed under the MIT License. See LICENSE for more information.
Developed by Salih Özbek