A modern, secure URL management application built with Astro, TypeScript, and PostgreSQL. Create, manage, and share collections of URLs with built-in authentication and security features.
-
Authentication
- Email/Password authentication with email verification
- GitHub OAuth integration
- Secure password reset functionality
- JWT-based session management
-
URL Management
- Create and organize URL collections
- Share lists with others
- Track URL metadata
- Custom list organization
-
Security
- HTTP-only cookies
- Automatic JWT rotation
- Input sanitization
- SQL injection prevention
- XSS protection
- Frontend: Astro, TailwindCSS
- Backend: Node.js, PostgreSQL
- Authentication: JWT, bcrypt, GitHub OAuth
- Email: Nodemailer
- Type Safety: TypeScript, Zod
- ORM: Prisma
- Node.js 18.x or later
- PostgreSQL 14.x or later
- npm or yarn
- SMTP server access (for email functionality)
-
Clone the Repository
git clone [repository-url] cd beneficial-binary -
Install Dependencies
npm install
-
Environment Setup Create a
.envfile with the following variables:# Database DATABASE_URL="postgresql://user:password@localhost:5432/dbname" # SMTP Configuration SMTP_HOST="smtp.example.com" SMTP_PORT="587" SMTP_SECURE="false" SMTP_USER="your-email@example.com" SMTP_PASS="your-smtp-password" SMTP_FROM="Your App <noreply@example.com>" # Application PUBLIC_URL="http://localhost:3000" JWT_SECRET="your-secure-jwt-secret" # GitHub OAuth (Optional) GITHUB_CLIENT_ID="your-github-client-id" GITHUB_CLIENT_SECRET="your-github-client-secret" # Notifications (Optional) SLACK_WEBHOOK_URL="" DISCORD_WEBHOOK_URL=""
-
Database Setup
npx prisma migrate deploy
-
Start the Application
npm run dev
The application will be available at http://localhost:4321
| Command | Action |
|---|---|
npm install |
Install dependencies |
npm run dev |
Start development server at localhost:4321 |
npm run build |
Build production application |
npm run preview |
Preview production build locally |
npm run rotate-jwt |
Rotate JWT secret key |
npx prisma studio |
Open Prisma database management UI |
npx prisma migrate dev |
Run database migrations |
-
Email/Password
- Strong password requirements
- Secure password hashing using bcrypt
- Email verification required
-
GitHub OAuth
- Secure OAuth flow
- Email verification through GitHub
- Automatic account linking
-
Password Reset
- Secure token-based reset process
- Time-limited reset tokens
- Email verification required
-
JWT Authentication
- HTTP-only cookies
- 7-day token expiration
- Automatic secret rotation
-
Data Protection
- Input sanitization
- SQL injection prevention via Prisma
- XSS protection with Astro's built-in safety
- CSRF protection
- Secure headers
To rotate the JWT secret:
npm run rotate-jwtThis will:
- Generate a new secret
- Backup the old secret
- Update the environment configuration
- Log the rotation
Regularly backup your PostgreSQL database:
pg_dump -U your-user -d your-database > backup.sqlbeneficial-binary/
├── src/
│ ├── components/ # Reusable UI components
│ ├── layouts/ # Page layouts
│ ├── lib/ # Core functionality
│ ├── pages/ # Route definitions
│ ├── styles/ # Global styles
│ └── utils/ # Helper functions
├── prisma/
│ └── schema.prisma # Database schema
├── scripts/ # Utility scripts
├── public/ # Static assets
└── tests/ # Test suites
- Create new components in
src/components - Add routes in
src/pages - Update database schema in
prisma/schema.prisma - Run migrations with
npx prisma migrate dev
MIT License
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
Report bugs through the issue tracker with:
- Expected behavior
- Actual behavior
- Steps to reproduce
- Screenshots (if applicable)
For questions and support, please create an issue in the repository or contact the maintainers.
Email: test@example.com Password: testpass123