A RESTful API backend for the Notes application built with Node.js, Express 5, TypeScript, and Supabase. Provides authentication validation, note CRUD operations, and secure JWT-based access control.
- Runtime: Node.js
- Framework: Express 5
- Language: TypeScript
- Database/Auth: Supabase
- Validation: Type-safe schemas
- Env: dotenv
- Supabase JWT authentication middleware
- Secure REST API for notes
- Create, read, update, delete notes
- Favorite toggle support
- CORS-enabled for frontend
- Modular route/controller structure
- Type-safe request handling
src/
server.ts
app.ts
routes/
auth.route.ts
notes.route.ts
controllers/
auth.controller.ts
notes.controller.ts
middleware/
auth-middleware.ts
lib/
supabase.ts
Authentication is handled via Supabase JWT.
Flow:
- Client logs in via Supabase
- Client receives access token
- Token sent in API request header
- Middleware verifies token
- Request proceeds if valid
Header format:
Authorization: Bearer <supabase_access_token>http://localhost:8000/api/v1
POST /auth/signup
POST /auth/loginGET /notes
POST /notes
PUT /notes/:id
DELETE /notes/:idCreate .env:
PORT=8000
SUPABASE_URL=your_url
SUPABASE_SERVICE_ROLE_KEY=your_service_key
CORS_ORIGIN=http://localhost:3000- Extracts Bearer token
- Verifies with Supabase
- Attaches user to request
- Rejects unauthorized requests
Install dependencies:
npm installRun dev server:
npm run devServer starts:
http://localhost:8000
Build:
npm run buildStart:
npm startExpress CORS allows frontend origin:
app.use(
cors({
origin: process.env.CORS_ORIGIN,
credentials: true,
})
);Shared schemas define request/response shapes:
export interface Note {
id: string;
title: string;
content: string;
isFavorite: boolean;
userId: string;
}