lekhanX
Verified Safeby PrithiviPM2580
Overview
Backend API for an AI-powered blogging platform with user authentication, role-based permissions, and content management.
Installation
pnpm install && pnpm build && pnpm startEnvironment Variables
- PORT
- NODE_ENV
- LOG_LEVEL
- DB_URL
- DB_NAME
- APP_NAME
- APP_VERSION
- ADMIN_EMAIL
- JWT_ACCESS_TOKEN_SECRET
- JWT_REFRESH_TOKEN_SECRET
- JWT_ACCESS_TOKEN_EXPIRATION
- JWT_REFRESH_TOKEN_EXPIRATION
Security Notes
The server demonstrates good security practices including password hashing with bcrypt, JWTs for authentication (secrets from environment variables), refresh token management (stored in DB with user agent and IP), HTTP-only and secure cookies, input validation with Zod, rate limiting, and a comprehensive global error handler that specifically catches and processes JWT-related errors. There are no obvious hardcoded secrets or dangerous patterns like 'eval'. The use of `req.ip` for rate limiting and token tracking relies on proper proxy configuration for accurate client IP in production environments.
Similar Servers
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
deployhq-mcp-server
This is a backend server component, likely acting as a "Master Control Program" for deployment workflows or a core service, developed using Node.js and TypeScript.
mcp-server
A Model Context Protocol (MCP) server that provides real-time Indian options market data and volatility analytics from GetOutpost.in for integration with AI chat models like Claude.
dev-workflow-mcp-server
Enforce development workflow discipline by guiding developers through a sequence of best practices (testing, documentation, commit, release) using an MCP (Model Context Protocol) server.