A powerful, production-ready image processing API built with Node.js, Express, PostgreSQL, and Sharp. Features include user authentication, image transformations, caching, and quota management.
- Dual Authentication - JWT tokens and API keys
- User Management - Registration, login, profile management
- Rate Limiting - Protection against brute force attacks
- Password Hashing - bcrypt with salt rounds
- Quota System - Configurable upload limits per user
- Upload - Single and multiple image uploads
- Transformations - Resize, rotate, flip, blur, sharpen, color adjustments
- Format Conversion - JPEG, PNG, WebP, GIF
- Presets - Thumbnail, avatar, social media, and more
- Caching - Automatic caching of transformed images
- Batch Processing - Multiple transformations in one request
- PostgreSQL - Persistent storage for users and images
- Image Ownership - Track which user uploaded each image
- Usage Analytics - User statistics and quota tracking
- Transformation History - Cache hit tracking
- Node.js 18+
- PostgreSQL 14+ (or Docker)
- npm or yarn
git clone https://github.com/yourusername/PixelForge.git
cd PixelForgenpm installCreate a .env file in the root directory:
PORT=5000
NODE_ENV=development
# Database
DB_HOST=localhost
DB_PORT=5432
DB_NAME=pixelforge
DB_USER=postgres
DB_PASSWORD=your_password
# JWT
JWT_SECRET=your_super_secret_key_change_this_in_production
# Storage
UPLOAD_DIR=./uploads
MAX_FILE_SIZE=10485760Option A: Using Docker (Recommended)
docker run --name pixelforge-db \
-e POSTGRES_PASSWORD=your_password \
-e POSTGRES_DB=pixelforge \
-p 5432:5432 \
-d postgres:14Option B: Local PostgreSQL
createdb pixelforge# Development
npm run dev
# Production
npm startThe API will be available at http://localhost:5000
docker-compose up -dThis will start both the API and PostgreSQL database.
# Build the image
docker build -t pixelforge-api .
# Run the container
docker run -p 5000:5000 \
-e DB_HOST=your_db_host \
-e DB_PASSWORD=your_password \
-e JWT_SECRET=your_secret \
pixelforge-apiPOST /api/auth/register
Content-Type: application/json
{
"email": "user@example.com",
"password": "password123"
}POST /api/auth/login
Content-Type: application/json
{
"email": "user@example.com",
"password": "password123"
}Response includes token (JWT) and api_key.
POST /api/upload/single
Authorization: Bearer <jwt_token>
Content-Type: multipart/form-data
image: <file>Or with API key:
POST /api/upload/single
X-API-Key: <api_key>
Content-Type: multipart/form-data
image: <file>GET /api/transform/:filename?width=500&height=300&fit=coverGET /api/transform/:filename?format=webp&quality=80GET /api/transform/:filename?grayscale=true&blur=2GET /api/transform/:filename/preset/thumbnailAvailable presets: thumbnail, small, medium, large, avatar, social-media, profile-pic
GET /api/user/profile
Authorization: Bearer <jwt_token>GET /api/user/images?limit=20&offset=0
Authorization: Bearer <jwt_token>GET /api/user/stats
Authorization: Bearer <jwt_token>The API supports two authentication methods:
- JWT Token - Include in
Authorization: Bearer <token>header - API Key - Include in
X-API-Key: <key>header
Both methods provide the same level of access.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| Authentication | |||
| POST | /api/auth/register |
No | Register new user |
| POST | /api/auth/login |
No | Login user |
| POST | /api/auth/refresh |
No | Refresh JWT token |
| GET | /api/auth/me |
Yes | Get current user |
| POST | /api/auth/regenerate-key |
Yes | Generate new API key |
| User Management | |||
| GET | /api/user/profile |
Yes | Get user profile |
| GET | /api/user/images |
Yes | List user's images |
| GET | /api/user/stats |
Yes | Get usage statistics |
| Upload | |||
| POST | /api/upload/single |
Yes | Upload single image |
| POST | /api/upload/multiple |
Yes | Upload multiple images |
| Images | |||
| GET | /api/images/:filename |
No | Serve image file |
| DELETE | /api/images/:filename |
Yes | Delete image (owner only) |
| Transformations | |||
| GET | /api/transform/:filename |
No | Transform image |
| GET | /api/transform/:filename/preset/:preset |
No | Apply preset |
| GET | /api/transform/:filename/info |
No | Get image info |
| POST | /api/transform/:filename/batch |
No | Batch transformations |
Run the test suite:
npm testTest authentication manually:
node test-auth.js- Create new project on Railway
- Add PostgreSQL database
- Connect GitHub repository
- Set environment variables
- Deploy
- Create new Web Service
- Add PostgreSQL database
- Connect repository
- Set environment variables
- Deploy
fly launch
fly postgres create
fly secrets set JWT_SECRET=your_secret
fly deploySee DEPLOYMENT.md for detailed deployment guides.
| Variable | Description | Default |
|---|---|---|
PORT |
Server port | 5000 |
NODE_ENV |
Environment | development |
DB_HOST |
PostgreSQL host | localhost |
DB_PORT |
PostgreSQL port | 5432 |
DB_NAME |
Database name | pixelforge |
DB_USER |
Database user | postgres |
DB_PASSWORD |
Database password | - |
JWT_SECRET |
JWT signing secret | - |
UPLOAD_DIR |
Upload directory | ./uploads |
MAX_FILE_SIZE |
Max file size (bytes) | 10485760 |
PixelForge/
βββ src/
β βββ db/
β β βββ database.js # Database connection & schema
β βββ middleware/
β β βββ authMiddleware.js # JWT & API key auth
β β βββ upload.js # Multer configuration
β β βββ validate.js # Input validation
β βββ models/
β β βββ User.js # User model
β β βββ Image.js # Image model
β βββ routes/
β β βββ auth.js # Authentication routes
β β βββ user.js # User management routes
β β βββ upload.js # Upload routes
β β βββ images.js # Image serving routes
β β βββ transform.js # Transformation routes
β βββ services/
β β βββ imageProcessor.js # Image processing logic
β βββ server.js # Express app setup
βββ uploads/ # Uploaded images
βββ .env # Environment variables
βββ .gitignore
βββ package.json
βββ README.md
Contributions are welcome! Please feel free to submit a Pull Request.
ISC
Muyiwa Obaremi - GitHub
- Sharp - High-performance image processing
- Express - Web framework
- PostgreSQL - Database
- JWT - Authentication