Live Demo URL: blurt-api
Blurt API is a production-grade, scalable backend for a Twitter-like social media platform. It is built with Node.js, TypeScript, Express, Prisma, and PostgreSQL, following clean architecture and service-layer patterns.
The system focuses on correct resource modeling, secure authentication, and social graph features such as following users and building personalized timelines. It is fully containerized with Docker and designed for real-world backend interviews and production use.
A short walkthrough demonstrating authentication, user flows, tweet creation, editing, deletion, and the Dockerized production setup.
-
Authentication
- Secure user registration & login
- JWT-based authentication
- Password hashing with Argon2
-
User Management
- Follow / Unfollow users
- Fetch authenticated user (
/user/me) - Avatar upload with Multer
-
Tweet System
- Create tweets
- Edit tweets (author-only)
- Delete tweets (author-only)
- Fetch a single tweet
- Personalized timeline feed
-
Authorization
- Ownership checks for tweet updates & deletion
- Protected routes using middleware
-
Documentation
- Swagger / OpenAPI docs using JSDoc annotations
-
Infrastructure
- Docker & Docker Compose
- PostgreSQL with Prisma ORM
-
CI/CD (Planned)
- Jenkins-based pipeline (GitHub Actions blocked due to billing)
| Component | Technology | Role |
|---|---|---|
| Language | TypeScript | Type-safe backend logic |
| Runtime | Node.js 20 | Server runtime |
| Framework | Express | HTTP server |
| Database | PostgreSQL 15 | Relational database |
| ORM | Prisma | Type-safe DB access |
| Auth | JWT + Argon2 | Secure authentication |
| Uploads | Multer | Avatar uploads |
| Docs | Swagger (OpenAPI) | API documentation |
| Containers | Docker & Docker Compose | Deployment |
-
Fully Dockerized for local or cloud deployment
-
Designed to run on EC2 / VPS
-
Supports persistent volumes for:
- PostgreSQL data
- Uploaded avatars
- Docker & Docker Compose
- Git
git clone https://github.com/KingsCreatives/blurt.git
cd blurtCreate a .env file in the project root:
PORT=4000
DATABASE_URL=postgresql://postgres:postgres@postgres:5432/blurt_db?schema=public
JWT_SECRET=super-secret-key
NODE_ENV=developmentdocker compose up --buildThe API will be available at:
http://localhost:4000
Inside the API container:
docker compose exec api npx prisma migrate deploySwagger UI is available at:
http://localhost:4000/docs
Includes documentation for:
- Auth (register, login)
- Users (me, follow, unfollow, avatar)
- Tweets (create, edit, delete, fetch one, timeline)
-
Register
POST /user -
Login
POST /auth/login -
Get Current User
GET /user/me
| Action | Endpoint |
|---|---|
| Create tweet | POST /tweets |
| Edit tweet | PUT /tweets/:id |
| Delete tweet | DELETE /tweets/:id |
| Get one tweet | GET /tweets/:id |
| Timeline | GET /tweets |
src/
├── controllers/ # Request handlers
├── services/ # Business logic
├── routes/ # Express routes
├── middleware/ # Auth, validation
├── schemas/ # Zod schemas
├── lib/ # Prisma, Multer
├── utils/ # Helpers
├── app.ts # App bootstrap
└── server.ts # Server entry
-
Auth vs User separation
- Auth handles credentials & tokens
- User handles profile & social graph
-
Service Layer Pattern
- Controllers are thin
- Business rules live in services
-
Ownership Enforcement
- Tweets can only be edited/deleted by their author
-
Minimal API responses
- No sensitive data leaked
- IDs returned for client-side state
- GitHub Actions blocked due to billing restrictions
- Jenkins pipeline planned
- Docker-first workflow already validated
This project was built as a real-world backend system, not a tutorial app. It demonstrates:
- Clean architecture
- Correct REST resource modeling
- Secure authentication
- Production Docker workflows
- Clear API documentation
- Fork the repository
- Create a feature branch
- Commit with conventional commits
- Open a Pull Request