https://github.com/saif-gitreps/url-shortener-backend

A Node.js application where users can create ShortIds for long URLs without authentication. Authenticated users can keep track of their URLs, create custom ShortIds, delete them, and monitor URL analytics.
https://github.com/saif-gitreps/url-shortener-backend

bcryptjs csrf-protection express-js helmet jwt-authentication middelware mongodb nodejs postman redis

Last synced: 6 months ago
JSON representation

A Node.js application where users can create ShortIds for long URLs without authentication. Authenticated users can keep track of their URLs, create custom ShortIds, delete them, and monitor URL analytics.

• Host: GitHub
• URL: https://github.com/saif-gitreps/url-shortener-backend
• Owner: saif-gitreps
• Created: 2024-03-12T12:25:52.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-01-03T15:27:44.000Z (9 months ago)
• Last Synced: 2025-02-14T15:49:29.671Z (8 months ago)
• Topics: bcryptjs, csrf-protection, express-js, helmet, jwt-authentication, middelware, mongodb, nodejs, postman, redis
• Language: JavaScript
• Homepage:
• Size: 3.52 MB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# API Server for a URL Shortener Application

A Node.js application where users can create ShortIds for long URLs without authentication. Authenticated users can keep track of their URLs, create custom ShortIds, delete them, and monitor URL analytics.

## Features

**API Endpoints**

-  **URL:**

   -  Create (Custom and Random), delete, and get analytics.

-  **Auth:**

   -  Sign up, log in, refresh access token, get CSRF token, get current user, log out, and update user details.

🔐 **Authentication and Security**

-  Stateless JWT authentication with refresh and access tokens using secure HTTP-only cookies.

-  CSRF protection with the **Double-submit cookie** pattern.

-  Role-based authorization.

💻 **Tech Stack and Features**

-  Password **encryption** before storing in the database, with **decryption** for verification.

-  Using the **MVC pattern** and separating authentication for microservice-like separation of concerns.

-  **Rate limiters** for authentication routes based on different roles.

-  Route protection from unauthenticated requests.

-  **CSRF protection** for all POST requests.

-  User input, URL, and ShortId validation using **express-validator** and custom sanitization.

-  Custom logger for monitoring requests in the development terminal.

-  **Caching** of actively used ShortIds using **Redis** to reduce database load.

-  Schema built with **Mongoose**, along with **aggregation pipeline** queries.

-  **Scheduled cron job** to clean up visit details data for an expired URL.

-  Users can monitor analytics for each click in detail for every ShortId.

🎁 **Additional Features**

-  🔄 Highly customizable and extendable, with more features planned for future updates.