An open API service indexing awesome lists of open source software.

https://github.com/princepal-dev/ylca-blogger


https://github.com/princepal-dev/ylca-blogger

Last synced: about 10 hours ago
JSON representation

Awesome Lists containing this project

README

          

# Blogger API

A comprehensive REST API for a blogging platform built with Spring Boot, featuring user authentication, blog management, image uploads, and role-based access control.

**Created by Prince Pal**

## ๐Ÿš€ Features

### Core Functionality
- **User Authentication & Authorization**
- JWT-based authentication with HTTP-only cookies
- Role-based access control (Admin, Collaborator)
- Secure password hashing with BCrypt

- **User Management**
- Admin user registration with secret key
- Admin can create users with auto-generated credentials
- Profile management for all users
- User deletion (admin only)

- **Blog Management**
- Full CRUD operations for blog posts
- Rich text content support
- Author-based filtering
- Timestamp tracking (created/updated)

- **Image Support**
- Multiple images per blog post
- File upload with validation (JPEG, PNG, GIF, WebP)
- Image ordering and management
- Automatic cleanup on blog deletion
- Static file serving

### Security Features
- JWT token authentication
- Role-based permissions
- Input validation and sanitization
- Secure file upload handling
- CSRF protection disabled for API
- CORS configuration ready

## ๐Ÿ› ๏ธ Technology Stack

- **Backend Framework**: Spring Boot 4.0.1
- **Language**: Java 17
- **Database**: MySQL 8.0+
- **ORM**: Spring Data JPA with Hibernate
- **Security**: Spring Security with JWT
- **File Upload**: Spring Multipart
- **Build Tool**: Maven
- **Documentation**: Spring Boot Actuator (ready for Swagger)

## ๐Ÿ“‹ Prerequisites

- **Java**: JDK 17 or higher
- **MySQL**: 8.0 or higher
- **Maven**: 3.6+ (or use included Maven wrapper)
- **Git**: For version control

## ๐Ÿ”ง Installation & Setup

### 1. Clone the Repository
```bash
git clone
cd blogger
```

### 2. Database Setup
Create a MySQL database:
```sql
CREATE DATABASE blogger_db;
```

Update database credentials in `src/main/resources/application.properties`:
```properties
spring.datasource.username=your_mysql_username
spring.datasource.password=your_mysql_password
```

### 3. File System Setup
Create the image upload directory:
```bash
mkdir -p uploads/images
```

### 4. Build and Run
Using Maven wrapper (recommended):
```bash
./mvnw clean install
./mvnw spring-boot:run
```

Or using system Maven:
```bash
mvn clean install
mvn spring-boot:run
```

The application will start on `http://localhost:8080`

## โš™๏ธ Configuration

### Application Properties
Key configuration options in `application.properties`:

```properties
# Server
server.port=8080

# Database
spring.datasource.url=jdbc:mysql://localhost:3306/blogger_db?createDatabaseIfNotExist=true
spring.datasource.username=root
spring.datasource.password=password

# JWT
spring.app.jwtSecret=your-256-bit-secret
spring.app.jwtExpirationMs=30000000
spring.app.authKey=your-admin-secret-key

# File Upload
spring.servlet.multipart.max-file-size=10MB
spring.servlet.multipart.max-request-size=50MB
app.upload.dir=uploads/images/

# Frontend (for CORS)
frontend.url=http://localhost:5173
```

## ๐Ÿ“š API Documentation

### Authentication Endpoints (`/api/auth`)

#### Register Admin
```http
POST /api/auth/signup
Content-Type: application/json

{
"username": "admin",
"password": "securepassword",
"secretKey": "__SecretKey__"
}
```

#### Login
```http
POST /api/auth/signin
Content-Type: application/json

{
"username": "admin",
"password": "securepassword"
}
```
**Response**: Sets JWT cookie + user info

#### Create User (Admin Only)
```http
POST /api/auth/users
Authorization: Bearer {jwt-token}
Content-Type: application/json

{
"fullName": "John Doe",
"phoneNumber": "+1234567890"
}
```
**Response**: Generated credentials for the new user

#### Update User Profile (Admin)
```http
PUT /api/auth/users/{userId}
Authorization: Bearer {jwt-token}
Content-Type: application/json

{
"fullName": "Updated Name",
"phoneNumber": "+0987654321"
}
```

#### Update Own Profile
```http
PUT /api/auth/profile
Authorization: Bearer {jwt-token}
Content-Type: application/json

{
"fullName": "My Updated Name",
"phoneNumber": "+0987654321"
}
```

#### Delete User (Admin Only)
```http
DELETE /api/auth/users/{userId}
Authorization: Bearer {jwt-token}
```

#### Logout
```http
POST /api/auth/signout
```
**Response**: Clears JWT cookie

### Blog Endpoints (`/api/blogs`)

#### Create Blog
```http
POST /api/blogs
Authorization: Bearer {jwt-token}
Content-Type: application/json

{
"title": "My First Blog Post",
"description": "This is a comprehensive blog post content..."
}
```

#### Get All Blogs
```http
GET /api/blogs
```

#### Get Blog by ID
```http
GET /api/blogs/{id}
```

#### Get Blogs by Author
```http
GET /api/blogs/author/{authorId}
```

#### Get My Blogs
```http
GET /api/blogs/my
Authorization: Bearer {jwt-token}
```

#### Update Blog
```http
PUT /api/blogs/{id}
Authorization: Bearer {jwt-token}
Content-Type: application/json

{
"title": "Updated Blog Title",
"description": "Updated content..."
}
```

#### Delete Blog
```http
DELETE /api/blogs/{id}
Authorization: Bearer {jwt-token}
```

### Image Endpoints (`/api/blogs`)

#### Upload Single Image
```http
POST /api/blogs/{blogId}/images
Authorization: Bearer {jwt-token}
Content-Type: multipart/form-data

file: [image file]
displayOrder: 1
```

#### Upload Multiple Images
```http
POST /api/blogs/{blogId}/images/multiple
Authorization: Bearer {jwt-token}
Content-Type: multipart/form-data

files: [image1.jpg, image2.png]
displayOrders: [1, 2]
```

#### Get Blog Images
```http
GET /api/blogs/{blogId}/images
```

#### Get Image by ID
```http
GET /api/blogs/images/{imageId}
```

#### Update Image Order
```http
PUT /api/blogs/images/{imageId}/order?displayOrder=2
Authorization: Bearer {jwt-token}
```

#### Delete Image
```http
DELETE /api/blogs/images/{imageId}
Authorization: Bearer {jwt-token}
```

## ๐Ÿ—„๏ธ Database Schema

### Tables Created Automatically
- `users` - User accounts and profiles
- `blogs` - Blog posts with author relationships
- `images` - Image metadata with blog relationships

### Key Relationships
- User (1) โ†’ Blog (Many)
- Blog (1) โ†’ Image (Many)

## ๐Ÿ”’ Security & Permissions

### User Roles
- **ROLE_ADMIN**: Full access to all features
- **ROLE_COLLABORATOR**: Blog and image management

### Permission Matrix
| Feature | Admin | Collaborator |
|---------|-------|--------------|
| Create Users | โœ… | โŒ |
| Delete Users | โœ… | โŒ |
| Manage All Blogs | โœ… | โŒ |
| Manage Own Blogs | โœ… | โœ… |
| Upload Images | โœ… | โœ… |
| View All Content | โœ… | โœ… |

## ๐Ÿ“ Project Structure

```
blogger/
โ”œโ”€โ”€ src/main/java/com/princeworks/blogger/
โ”‚ โ”œโ”€โ”€ BloggerApplication.java # Main application class
โ”‚ โ”œโ”€โ”€ config/ # Configuration classes
โ”‚ โ”‚ โ”œโ”€โ”€ AppConfig.java # ModelMapper bean
โ”‚ โ”‚ โ””โ”€โ”€ WebMvcConfig.java # Static resource config
โ”‚ โ”œโ”€โ”€ controller/ # REST controllers
โ”‚ โ”‚ โ”œโ”€โ”€ AuthController.java # Authentication & user management
โ”‚ โ”‚ โ””โ”€โ”€ BlogController.java # Blog & image operations
โ”‚ โ”œโ”€โ”€ exceptions/ # Custom exceptions
โ”‚ โ”œโ”€โ”€ model/ # JPA entities
โ”‚ โ”‚ โ”œโ”€โ”€ User.java # User entity
โ”‚ โ”‚ โ”œโ”€โ”€ Blog.java # Blog entity
โ”‚ โ”‚ โ”œโ”€โ”€ Image.java # Image entity
โ”‚ โ”‚ โ””โ”€โ”€ AppRole.java # Role enum
โ”‚ โ”œโ”€โ”€ payload/ # DTOs
โ”‚ โ”œโ”€โ”€ repositories/ # Data access layer
โ”‚ โ”œโ”€โ”€ security/ # Security configuration
โ”‚ โ”‚ โ”œโ”€โ”€ jwt/ # JWT utilities
โ”‚ โ”‚ โ”œโ”€โ”€ request/ # Request DTOs
โ”‚ โ”‚ โ”œโ”€โ”€ response/ # Response DTOs
โ”‚ โ”‚ โ”œโ”€โ”€ services/ # User details services
โ”‚ โ”‚ โ””โ”€โ”€ WebSecurityConfig.java # Security config
โ”‚ โ”œโ”€โ”€ service/ # Business logic
โ”‚ โ””โ”€โ”€ util/ # Utility classes
โ”œโ”€โ”€ src/main/resources/
โ”‚ โ”œโ”€โ”€ application.properties # Configuration
โ”‚ โ””โ”€โ”€ static/ # Static resources
โ”œโ”€โ”€ src/test/ # Test classes
โ”œโ”€โ”€ uploads/images/ # Image storage (create manually)
โ”œโ”€โ”€ pom.xml # Maven configuration
โ””โ”€โ”€ README.md # This file
```

## ๐Ÿงช Testing

### Run Tests
```bash
./mvnw test
```

### API Testing
Use tools like Postman, Insomnia, or curl to test endpoints. Import the following collection structure:

1. **Authentication Flow**
- Register admin โ†’ Login โ†’ Get JWT token
- Create users โ†’ Test role-based access

2. **Blog Management**
- Create blog โ†’ Upload images โ†’ Update content โ†’ Delete

## ๐Ÿš€ Deployment

### Production Checklist
- [ ] Update database credentials
- [ ] Configure JWT secret key
- [ ] Set up file storage permissions
- [ ] Configure CORS for frontend domain
- [ ] Set up reverse proxy (nginx/apache)
- [ ] Configure SSL certificates
- [ ] Set up log rotation
- [ ] Configure backup strategy

### Docker Support (Future Enhancement)
```dockerfile
FROM openjdk:17-jdk-slim
COPY target/*.jar app.jar
EXPOSE 8080
ENTRYPOINT ["java","-jar","/app.jar"]
```

## ๐Ÿค Contributing

1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit changes (`git commit -m 'Add amazing feature'`)
4. Push to branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request

### Development Guidelines
- Follow Java naming conventions
- Add unit tests for new features
- Update documentation
- Ensure all tests pass
- Use meaningful commit messages

## ๐Ÿ“„ License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

## ๐Ÿ“ž Support

For support, contact Prince Pal or create an issue in the repository.

## ๐Ÿ‘จโ€๐Ÿ’ป Author

**Prince Pal** - Project Creator & Developer

## ๐Ÿ™ Acknowledgments

- Spring Boot team for the excellent framework
- JWT.io for JWT implementation guidance
- MySQL team for the database
- All contributors and the open-source community

---

**Happy Blogging! ๐ŸŽ‰**