🚀 Production-Ready Blog Backend with Auth, Image Uploads, Reactions & Nested Comments — Built with Node.js, MongoDB & Cloudinary

Ankit Raj

A complete and scalable backend for a modern blog platform. Built with Node.js, Express.js, and MongoDB, this backend features secure authentication, image uploads, full blog CRUD, reactions (like Facebook), and a nested comment system — all API-ready for frontend integration.

💡 Why Build a Blog Platform?

Blogging is timeless — and while Medium, Hashnode, and Dev.to dominate the space, building one from scratch gives you full control over architecture, security, and extensibility. I designed this backend to reflect real-world engineering standards, including:

  • Clean RESTful APIs

  • Scalable architecture

  • JWT-based secure auth

  • Cloud media handling

  • Role and ownership-based restrictions

  • Logging & error tracking

Whether you’re learning backend development or planning to launch a content-driven platform — this backend is ready to go live.

🧠 Key Features

βœ… Secure Authentication

  • Sign Up & Login with Email and Password

  • Passwords are hashed using Bcrypt

  • JWT token generation and verification

  • Profile image upload (stored via Cloudinary)

  • Token-protected routes for all sensitive APIs

🛠️ Tech Stack

Here’s what powers the platform:

  • Node.js with Express.js

  • MongoDB + Mongoose ODM

  • JWT for token-based authentication

  • Bcrypt for password hashing

  • Multer + Cloudinary for image upload & cloud storage

  • Winston + Morgan for logging

  • Helmet, Rate Limiter, and CORS for added security

Authentication

✅ User Registration

  • Users can register with:

    • Email

    • Password (hashed via bcrypt)

    • Profile Image (uploaded via Multer)

  • User data is stored securely in MongoDB

🔑 Login

  • Email & password-based login

  • On successful authentication:

    • A JWT token is generated

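    • Token is returned in the response for the frontend to store (e.g., in localStorage, which any script running on the page can read, so the token is only as safe as the frontend's XSS defenses)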

🔒 Protected Routes

  • JWT is validated using middleware

  • Access to blog management and user-specific data is restricted to authenticated users only


🧾 Blog Management (CRUD APIs)

πŸ“Œ Create Blog

  • Endpoint to create a new blog post

  • Accepts:

    • Blog Title

    • Description

    • Blog Image (uploaded using Multer)

  • Stores the blog along with the author reference

📥 Read Blogs

  • Supports:

    • Pagination

    • Search by title

  • Returns all blogs with metadata (image URL, author, created date)

✏️ Update Blog

  • Only the blog owner can update

  • Uses middleware to check blog ownership before proceeding

❌ Delete Blog

  • Deletion is also ownership-protected

  • Blogs are removed from the database after verification


💬 Comments & Replies

  • Fully nested comment system

  • Supports:

    • Create, Read, Update, and Delete on both comments and replies

  • Each comment is associated with:

    • A blog

    • A user

    • An optional parent comment (for nesting)


🎭 Facebook-Style Reactions

  • Users can react to blogs with:

    • 👍 Like

    • ❤️ Love

    • 😂 Haha

    • 😢 Sad

    • 😡 Angry

  • One user can only have one reaction per blog

  • Reaction data is stored and counted per blog

☁️ Cloudinary Integration

  • Profile and blog images are uploaded via Multer

  • Automatically stored and optimized in Cloudinary

  • Cloud URLs are returned via API responses

  • Ready for production — no local file dependencies

📊 Centralized Logging with Winston & Morgan

  • Morgan logs all HTTP requests

  • Winston handles application-level and error logging

  • Separate logs for success, warning, and error levels

  • All exceptions are caught via a global error handler

Ownership Checks

  • Ownership checks ensure users can only update/delete their own blogs and comments

  • Middleware-driven access control
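
An added example (not taken from the project's repository) of the two middleware layers described under Protected Routes and Ownership Checks: token verification establishes who is calling, and the ownership check decides whether that caller may modify this blog. It assumes HS256 tokens with `sub` and `exp` claims, verifies them with Node's built-in `crypto` rather than a JWT library, and uses an in-memory Map in place of MongoDB; `signToken`, `verifyToken`, `requireAuth`, `requireBlogOwner` and `call` are hypothetical names.

```javascript
const crypto = require('node:crypto');
const SECRET = 'constructed-demo-secret'; // assumption: load the real key from configuration
const b64u = (x) => Buffer.from(x).toString('base64url');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Stand-in for the login endpoint: issue an HS256 token for the given claims.
function signToken(claims) {
  const body = `${b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64u(JSON.stringify(claims))}`;
  return `${body}.${hmac(body).toString('base64url')}`;
}

// Return the claims of a well-formed, correctly signed, unexpired token, else null.
function verifyToken(token) {
  try {
    const [h, p, s, ...rest] = String(token).split('.');
    if (rest.length) return null; // a JWT has exactly three parts
    const sig = Buffer.from(s, 'base64url');
    const expected = hmac(`${h}.${p}`);
    if (sig.length !== expected.length || !crypto.timingSafeEqual(sig, expected)) return null;
    if (JSON.parse(Buffer.from(h, 'base64url')).alg !== 'HS256') return null; // pin the algorithm
    const claims = JSON.parse(Buffer.from(p, 'base64url'));
    return typeof claims.exp === 'number' && claims.exp * 1000 > Date.now() ? claims : null;
  } catch { return null; } // missing part or undecodable header/payload
}

// Authentication: identity comes only from the verified token, never from the request body.
function requireAuth(req, res, next) {
  const claims = verifyToken((req.headers.authorization || '').replace(/^Bearer /, ''));
  if (!claims) return res.status(401).json({ error: 'unauthenticated' });
  req.user = { id: String(claims.sub) };
  next();
}

const blogs = new Map([['b1', { _id: 'b1', author: 'alice', title: 'Hello' }]]); // constructed data
// Authorization: with Mongoose, author is an ObjectId, so compare as strings, not with ===.
function requireBlogOwner(req, res, next) {
  const blog = blogs.get(req.params.id);
  if (!blog) return res.status(404).json({ error: 'not found' });
  if (String(blog.author) !== req.user.id) return res.status(403).json({ error: 'forbidden' });
  next();
}

// Tiny driver: runs both middleware the way a router would and returns the HTTP status.
function call(token, id) {
  const req = { headers: token ? { authorization: `Bearer ${token}` } : {}, params: { id } };
  let status = 200;
  const res = { status(c) { status = c; return res; }, json() { return res; } };
  requireAuth(req, res, () => requireBlogOwner(req, res, () => {}));
  return status;
}
```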

Scalable Route Structure

  • All routes are namespaced under /api/v1/

  • Modular controller structure with separation of concerns

  • Easy to maintain and extend as your app grows

⚙️ Future Improvements

  • Add blog category/tags filtering

  • Enable Socket.io-based live commenting

  • Add admin dashboard for analytics

  • Integrate email notifications (for comment replies or reactions)

💬 Let's Talk

I'm always up for feedback, improvements, and collaboration. If you're a:

  • 👨‍💻 Developer learning backend

  • 🚀 Startup founder building a blog platform

  • 🎯 Recruiter looking for Node.js talent

Feel free to:

👉 Fork the repo
👉 Drop a ⭐ on GitHub
👉 Connect with me on LinkedIn
👉 Or drop a comment — I’d love to hear from you!

✨ Closing Thoughts

This blog backend wasn’t built as a demo — it was built to run in production. It reflects best practices, modern tooling, and a real-world approach to building scalable, secure systems.

If you’re building a full-stack blog platform or need a solid Node.js boilerplate, feel free to explore, clone, and build on top of it.

Thanks for reading! 👋


📎 GitHub Repo: github.com/AnkitRaj20/blog-backend
📧 Let’s Connect: LinkedIn – Ankit Raj
