← All Projects

Chirpy API

Microblogging REST API with JWT authentication, refresh token rotation, and ownership-enforced authorization.

TypeScriptExpressPostgreSQLDrizzle ORMJWT
November 1, 2025

A RESTful HTTP server with full user authentication: JWT access tokens (1-hour expiry), 60-day refresh tokens stored in PostgreSQL, and token revocation endpoints. Implements Argon2id password hashing, ownership-enforced authorization (users can only delete their own content), and webhook security using API key authentication.

Type-safe, migration-driven schema management via Drizzle ORM with structured error handling using custom error classes and a centralized async wrapper middleware.