Skip to content
/ instagram-backend-api Public

A backend API for an Instagram clone built with Express.js and TypeScript, supporting user authentication, posts, likes, comments, and follows.

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pxycknomdictator/instagram-backend-api

BranchesTags

Repository files navigation

Express.js API Documentation πŸš€

Express.js Logo
NPM Version GitHub Stars License
Fast, unopinionated, minimalist web framework for Node.js ⚑️

Overview πŸ“–

This document outlines the API routes for an Express.js-based web application, using the base path http://localhost:<port>/api/v1. The API supports core social media features, including user authentication, posts, comments, likes, stories, user profiles, and real-time private messaging and notifications.

API Routes

All routes require the base path http://localhost:<port>/api/v1. Endpoints marked with πŸ”’ require a valid JWT token in the Authorization header (e.g., Bearer <token>).

Authentication Routes πŸ”

Method Endpoint Description Authentication
POST /login Authenticate user with credentials πŸ§‘β€πŸ’» None
POST /signup Register a new user account πŸ“ None
POST /renew-tokens Refresh user authentication tokens πŸ”„ None
GET /logout Log out user πŸšͺ πŸ”’ Required
POST /account/forgot-password Request a password reset link πŸ”‘ None
POST /account/reset-password Reset user password πŸ”’ None
GET /account/reset-password-form Display password reset form πŸ“„ None
GET /account/verify-email Verify email address via link πŸ“§ None
POST /account/verify-email Send verification email πŸ“§ πŸ”’ Required
POST /account/verify-by-code Verify email using a code πŸ“¨ None
DELETE /account/delete Delete user account πŸ—‘οΈ πŸ”’ Required

Posts Routes πŸ“Έ

Method Endpoint Description Authentication
GET /posts Retrieve all posts πŸ“œ None
POST /posts Create post (single file: post) πŸ–ΌοΈ πŸ”’ Required
GET /posts/:postId Retrieve specific post πŸ” None
DELETE /posts/:postId Delete post πŸ—‘οΈ πŸ”’ Required

Comments Routes πŸ’¬

Method Endpoint Description Authentication
GET /comments Retrieve all comments πŸ—£οΈ None
POST /comments Create comment ✍️ πŸ”’ Required
PATCH /comments/:commentId Update comment πŸ“ πŸ”’ Required
DELETE /comments/:commentId Delete comment πŸ—‘οΈ πŸ”’ Required

Likes Routes ❀️

Method Endpoint Description Authentication
POST /likes Add like πŸ‘ πŸ”’ Required
DELETE /likes/:postId Remove like πŸ‘Ž πŸ”’ Required

Stories Routes πŸ“Ή

Method Endpoint Description Authentication
POST /stories Upload story (single file: story) πŸŽ₯ πŸ”’ Required
GET /stories/:storyId Retrieve specific story πŸ“Ί None
PATCH /stories/:storyId/view Increment story views πŸ‘€ None
DELETE /stories/:storyId Delete specific story πŸ—‘οΈ πŸ”’ Required
DELETE /stories Delete all user stories πŸ—‘οΈ πŸ”’ Required

User Profile Routes πŸ§‘

Method Endpoint Description Authentication
GET /profile/:username Retrieve user profile by username πŸ‘€ None
GET /profile/current-user Retrieve current user profile πŸͺž πŸ”’ Required
PATCH /account/edit Update user settings βš™οΈ πŸ”’ Required
PATCH /profile/avatar Update avatar (single file: avatar) πŸ–ΌοΈ πŸ”’ Required
DELETE /profile/avatar Remove avatar πŸ—‘οΈ πŸ”’ Required
PUT /profile/change-password Change password πŸ”’ πŸ”’ Required
POST /profile/:userId/follow Follow user βž• πŸ”’ Required
DELETE /profile/:userId/unfollow Unfollow user βž– πŸ”’ Required
GET /profile/:username/followers Retrieve user's followers πŸ‘₯ None
GET /profile/:username/following Retrieve user's following list πŸ‘₯ None

Messages Route πŸ“©

Method Endpoint Description Authentication
GET /messages/:username Retrieve conversations for a user πŸ“¬ πŸ”’ Required
DELETE /messages/:messageId remove message from database πŸ—‘οΈ πŸ”’ Required

Health Check Route 🩺

Method Endpoint Description Authentication
GET /health Check API health βœ… None

Route Details

  • Authentication Routes:
    • Handle user login, signup, token refresh, logout, and account management (password reset, email verification, account deletion).
    • Example: POST /login expects { email, password } and returns JWT tokens.
  • Posts Routes:
    • Manage social media posts, including creation (with file upload), retrieval, and deletion.
    • Example: POST /posts requires a multipart form with a post file.
  • Comments Routes:
    • Allow users to view, create, update, or delete comments on posts.
    • Example: POST /comments expects { text: string }.
  • Likes Routes:
    • Enable liking and unliking posts.
    • Example: POST /likes expects { postId: string }.
  • Stories Routes:
    • Support story uploads, views, and deletions.
    • Example: POST /stories requires a multipart form with a story file.
  • User Profile Routes:
    • Manage user profiles, avatars, passwords, and follow/unfollow actions.
    • Example: PATCH /profile/avatar requires a multipart form with an avatar file.
  • Messages Route:
    • Retrieve private conversations between the authenticated user and a specified user.
    • Middleware: validateAuth ensures JWT authentication.
    • Example: GET /messages/johndoe returns [{ id: 1, recipient: "johndoe", message: "Hello!", timestamp: "2025-05-16T12:13:00Z" }, ...].
  • Health Check Route:
    • Verify API availability.
    • Example: GET /health returns { status: "OK" }.

Error Handling

  • 400 Bad Request: Invalid request body or parameters.
  • 401 Unauthorized: Missing or invalid JWT token.
  • 404 Not Found: Resource (e.g., post, user) not found.
  • 500 Internal Server Error: Unexpected server issues.

Real-Time Private Messaging and Notifications πŸ“‘

The API supports real-time private messaging and notifications to enable instant communication between users. Private messaging allows users to send and receive messages in real time, with messages stored in MongoDB for persistence. Notifications are triggered for events like new messages, likes, follows, or other interactions.

Features

  • Private Messaging: Users can join private conversation rooms and exchange messages instantly. Messages are saved in MongoDB for chat history retrieval.
  • Notifications: Real-time alerts for new messages, likes, follows, or other interactions, with RESTful routes for managing notification state.
  • Security: All real-time interactions require JWT authentication to ensure only authorized users can send or receive messages and notifications.

Setup with Docker Compose 🐳

Prerequisites πŸ“‹

Configuration βš™οΈ

The compose.yml defines the service configuration for the API and MongoDB.

Environment Setup 🌐

  1. Create a .env file in the project root to configure environment variables. Example: 
    NODE_ENV=development
PORT=3000
DATABASE_URL=mongodb://mongodb:27017/instagram
ARGON2_ROUND=10
JWT_ACCESS_TOKEN_SECRET_KEY=your_access_secret
JWT_REFRESH_TOKEN_SECRET_KEY=your_refresh_secret
JWT_ACCESS_TOKEN_EXPIRY_TIME=1d
JWT_REFRESH_TOKEN_EXPIRY_TIME=7d
CLOUDINARY_CLOUD_NAME=your_cloud_name
CLOUDINARY_API_KEY=your_api_key
CLOUDINARY_API_SECRET=your_api_secret
RESEND_API_KEY=your_resend_api_key
CLIENT_ORIGIN=http://localhost:3000
    Ensure sensitive information like RESEND, CLOUDINARY, and JWT secrets is securely generated and stored. πŸ”

Getting Started πŸš€

  1. Clone repository: 
    git clone https://github.com/pxycknomdictator/instagram-backend-api.git
cd instagram-backend-api
  2. Install dependencies: 
    npm install
  3. Create and configure the .env file as described above. πŸ“
  4. Start services: 
    docker-compose up

License πŸ“œ

This project is licensed under the MIT License. See the LICENSE file for details.

About

A backend API for an Instagram clone built with Express.js and TypeScript, supporting user authentication, posts, likes, comments, and follows.

Topics

nodejs docker typescript mongodb docker-compose cloudinary resend

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages