A RESTful API backend built with TypeScript, Express, and Prisma, featuring JWT authentication and role-based access for user and blog management. Containerized with Docker for easy deployment.
- User registration & login with JWT (stored in HTTP-only cookies)
- Role-based access (`USER` and `ADMIN`)
- Blog CRUD: users can manage their posts, admin can manage all posts
- Secure password hashing with bcrypt
- Docker-ready
- Node.js + TypeScript
- Express.js + Prisma (PostgreSQL)
- JWT + bcrypt
- Docker
Create a `.env` file:

```env
DATABASE_URL="postgresql://username:password@host:port/database"
JWT_SECRET="your-secret-key"
PORT=4000
```

```bash
git clone https://github.com/raone1422g/restapi.git
cd restapi
pnpm install
# Make sure you have set up the env variables
npx prisma generate
npx prisma migrate dev --name init
pnpm run dev
```

API runs at: http://localhost:4000
```bash
docker pull raone1422g/restapi:v1.0
docker run -d -p 3000:4000 \
  -e DATABASE_URL="your_database_url" \
  -e JWT_SECRET="your_jwt_secret" \
  raone1422g/restapi:v1.0
```

| Endpoint | Method | Description |
|---|---|---|
| `/api/auth/register` | POST | Register a user |
| `/api/auth/login` | POST | Login & receive JWT |
| `/api/auth/logout` | POST | Logout (clear cookie) |
| `/api/auth/me` | GET | Get logged-in user |

| Endpoint | Method | Description |
|---|---|---|
| `/api/blog/allBlogs` | GET | Get all posts |
| `/api/blog/getMyBlogs` | GET | Get logged-in user’s posts |
| `/api/blog/create` | POST | Create a post |
| `/api/blog/update/:id` | PUT | Update a post (author only) |
| `/api/blog/delete/:id` | DELETE | Delete a post (author only) |

| Endpoint | Method | Description |
|---|---|---|
| `/api/user/getAllUsers` | GET | Get all registered users |

- All authenticated routes require the JWT cookie.
- Admin-only routes are protected by role-based middleware.
- Passwords are hashed, never stored in plaintext.
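
A sketch of the role and ownership checks described above, added here as an illustration and not taken from the project's code. All names (`requireRole`, `authorizePostChange`, `probe`, the `Req`/`Res` stand-in types) are hypothetical, and it assumes an earlier middleware has already verified the JWT cookie and attached `req.user`. The `adminMayEdit` flag is an assumption that covers both readings of the page: "admin can manage all posts" and "author only" for update/delete.

```typescript
// Added example. All names are hypothetical, not taken from the project.
type Role = "USER" | "ADMIN";
interface AuthUser { id: number; role: Role }
interface Post { id: number; authorId: number }
// Minimal stand-ins for Express types so the block runs without dependencies.
interface Req { user?: AuthUser } // assumed set only after the JWT cookie verified
interface Res { status(code: number): Res; json(body: unknown): Res }
type Handler = (req: Req, res: Res, next: () => void) => void;

// Role gate: 401 when no verified user is attached, 403 when the role is not allowed.
function requireRole(...allowed: Role[]): Handler {
  return (req, res, next) => {
    if (!req.user) { res.status(401).json({ error: "Not authenticated" }); return; }
    if (allowed.indexOf(req.user.role) === -1) {
      res.status(403).json({ error: "Forbidden" });
      return;
    }
    next();
  };
}

// Ownership decision for update/delete, kept free of I/O so it can be unit tested.
// Returns the HTTP status to send; 200 means the handler may proceed.
function authorizePostChange(
  user: AuthUser | undefined,
  post: Post | null,
  adminMayEdit: boolean, // assumption: whether ADMIN may change other users' posts
): number {
  if (!user) return 401;                  // fail closed before touching the post
  if (!post) return 404;
  if (post.authorId === user.id) return 200;
  if (adminMayEdit && user.role === "ADMIN") return 200;
  return 403;                             // authenticated, but not the author
}

// Drives a handler with a recording response; returns 0 if next() was called.
function probe(handler: Handler, req: Req): number {
  let code = 0;
  const res: Res = {
    status: (c) => { code = c; return res; },
    json: () => res,
  };
  handler(req, res, () => { code = 0; });
  return code;
}
```

In a route handler, the post passed to `authorizePostChange` would come from the database lookup for `:id`, and the ownership comparison always uses the id from the verified token, never one supplied in the request body.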