Chirpy API
Microblogging REST API with JWT authentication, refresh token rotation, and ownership-enforced authorization.
TypeScriptExpressPostgreSQLDrizzle ORMJWT
November 1, 2025 A RESTful HTTP server with full user authentication: JWT access tokens (1-hour expiry), 60-day refresh tokens stored in PostgreSQL, and token revocation endpoints. Implements Argon2id password hashing, ownership-enforced authorization (users can only delete their own content), and webhook security using API key authentication.
Type-safe, migration-driven schema management via Drizzle ORM with structured error handling using custom error classes and a centralized async wrapper middleware.