You need to install:
NVM
is perfect way to perform this)npm install --global yarn
)To start development you need to:
Docker
with docker-compose
(in project directory run docker compose up --detach
)yarn dev
There are two pages types public
and private
. private
pages are available only after login by /login
route.
Name | Route | Type | Sense |
---|---|---|---|
Error | Any | public | Any errored page |
Home | / | public | Home page |
Category | /category/[:slug] | public | All articles of category |
Tag | /tag/[:slug] | public | All articles of tag |
Article | /post/[:slug] | public | To display content of the article |
Project | /project | public | Some words about website structure |
About | /about | public | Some words about me |
Login | /login | public | Page to log in |
Manage Tags | /manage/tags | private | Page to manage tags |
Manage Categories | /manage/categories | private | Page to manage categories |
Unpublished Articles | /manage/unpublished | private | Page to manage unpublished articles |
New Article | /manage/new-article | private | Create an article and redirect to edit |
Edit Article | /edit/[:id] | private | Route with form for article |
Check and Publish | /preview/[:id] | private | Page to check article and publish it |
All public pages exist to display content to the user, and therefore do not contain any special actions other than navigation.
The page to manage tags. Here you can add, edit and delete any tag. The slug is part of the link, so editing it directly affects the site's SEO.
Important. It is more convenient to create tags from the new/manage article page. All tags added to the form will be automatically created in the system.
You can do add, edit and delete for categories as well.
If you delete a category with attached articles, then all articles will become out of categories.
You can create a new category on the article edit page.
Initially, an article is created by clicking the Add button. It is created empty and can be viewed in the unpublished section.
While editing an article, its auto-save is triggered. You can see it by notification.
Once you've finished editing, you go to the Preview Page. It allows you to evaluate what the new article will look like. In addition, on the same page, basic validation of all fields is carried out, and if you forgot something, it will be highlighted for you. However, validation does not block publication. You can even publish a completely blank article.
Once an article is published, it appears in the list of articles on the Home Page. Articles on the Home Page are sorted based on the date the article was created (you can also edit it).
Going to the article, of course, its content is visible. But, by clicking on the big pencil, the article will be removed from publication, and you will be moved to the editing page.
Authorization is based on four environment variables:
ADMIN_LOGIN
and ADMIN_PASSWORD
login and password for logging inADMIN_SECRET
- an alternative to the user IDCOOKIE_SECRET
- a secret with which cookies are encrypted
Basically, the administrator enters the login and password, and in response receives a cookie with an encrypted ADMIN_SECRET
. The cookie is valid for a week (this setting is set via constants).
All user encryption and decryption is located in server/utils/cookie.ts
Initially, when any user enter the site, a request is sent to the server for the route /auth/me
. If the user has a cookie set, the user data will return and be set in the store. Then the application can determine what information to display to the user.
route-access.global.ts
and if the user tries to open any admin page, but has not logged in to the site, he will be redirected to /login
protected-routes.ts
and if a user without rights tries to make any request, he will receive a 401
error in response. This error is processed by fetch-interceptor.ts
. It kicks the user off the page to /login
, while saving in the address bar where the user was kicked from. So that in the future, if the user logs in again, he will be redirected to the correct page.To eliminate the possibility of hacking, as well as to protect the application from other attacks, the nuxt-security
module is installed. Requests rate is configured in nuxt.config