LOADING
Code Blog - Full-Stack Blogging Platform
Demonstrates full-stack development, authentication, and security best practices with real-world users actively engaging with the platform.
AuthenticationAuthorizationFull-Stack DevelopmentSecurityJWTMongoDBAngularExpress
Angular
Node.js
MongoDB
TypeScript
Html
MaterialUI
CSS
The Core Vision
📝
⚡Deep Dive
Authentication & Security Architecture
The Challenge
Securing a single-page app (SPA) involves complex hurdles:
!
Persistence
Maintaining login state without insecure `localStorage`.
!
Protection
Guarding admin routes from unauthorized users.
!
DRY
Attaching tokens to requests without code duplication.
!
Renewal
Handling token expiration seamlessly.
Technical Architecture
The architecture followed MVC (Model-View-Controller) pattern:
🛠️
Backend
Node.js with Express for API, MongoDB with Mongoose for data
Frontend
Angular with modular component structure and service-based architecture
Authentication
JWT tokens with Angular guards and interceptors
State Management
RxJS for reactive data flow
Deployment
Vercel for frontend, Render for backend
Design decisions prioritized security, scalability, and user experience. Lazy loading was implemented for performance, and responsive design ensured mobile compatibility.
Critical Challenges
The Problem
Managing authentication state across multiple pages and preventing token expiration issues
The Fix
Implemented AuthService with refresh token logic and localStorage persistence with expiration checks
The Problem
Handling asynchronous API requests and managing loading/error states
The Fix
Used Angular interceptors to globally handle errors and attach JWT tokens, implemented proper loading state management
The Problem
Ensuring responsiveness across devices from mobile to desktop
The Fix
Applied Angular Flex Layout and custom CSS Grid for adaptive layouts with extensive device testing
The Problem
Deploying frontend and backend seamlessly with CORS and environment variables
The Fix
Configured CORS properly, used environment variables for API endpoints, set up CI/CD pipelines
API Documentation
RESTful Resources
| Method | Endpoint | Description | Auth |
|---|---|---|---|
| POST | /api/auth/register | Register a new user | Public |
| POST | /api/auth/login | Login user and return JWT | Public |
| GET | /api/users/profile | Get logged-in user's profile | Required |
| PUT | /api/users/profile | Update logged-in user's profile | Required |
| GET | /api/posts | Get all blog posts (paginated) | Public |
| GET | /api/posts/:id | Get a single blog post by ID | Public |
| POST | /api/posts | Create a new blog post | Required |
| PUT | /api/posts/:id | Edit a blog post | Required |
| DELETE | /api/posts/:id | Delete a blog post | Required |
| POST | /api/upload | Upload an image | Required |
Quick Start
terminal — node setup
$ cd backend && npm install && npm start; cd frontend && npm install && ng serveReflections & Impact
🎓
Technical Growth
- •Auth is Complex: Learned deep lessons in token storage, expiration, and revocation—knowledge transferable to any backend.
- •Reactive Programming: Mastered RxJS `BehaviorSubject` for state management, avoiding memory leaks with proper subscription handling.
- •Modular Architecture: Saw firsthand how Angular's component-based design simplifies testing and maintenance.
- •Database Modeling: Gained proficiency in Mongoose schemas, relationships, and indexing for query performance.
🧠
Soft Skills
- •Deployment Realities: Moving to production revealed hidden complexities in CORS, environment variables, and CI/CD pipelines.
- •User-Centricity: Small UI details like loading states and error messages define the perceived quality of the app.
- •Feedback is Gold: Real usage uncovered bugs and feature needs that hypothetical planning missed.
🚀
The Aftermath
Established a reusable authentication pattern used in all subsequent projects, drastically reducing setup time. The project proved the ability to ship a full-stack feature set from concept to deployed product.
Current StatusDeployed on Vercel (Front) and Render (Back). Actively used by a network of developer peers. Continuous updates focus on performance optimization and handling edge cases discovered through real-world usage.