Skip to content
/ PBsource Public

Barebone full-stack scaffold for internal use — Express + React (Vite), JWT auth, SQLite.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Samster101/PBsource

BranchesTags

Repository files navigation

PB Source

This is a barebone/scaffold made for internal use. It provides a minimal full-stack setup to extend with your own features—auth, protected routes, and a simple API are included so you can focus on product logic.

Overview

A full-stack application with a Node.js (Express) backend and a React (Vite) frontend. Includes cookie-based JWT authentication, CSRF protection, SQLite persistence, and role-based access (e.g. admin vs user).

Layer Stack
Backend Node.js, Express 5, SQLite3, JWT, cookie-parser, CORS
Frontend React 19, Vite 7, React Router 7
Auth httpOnly cookies, short-lived access tokens, optional CSRF

Repository structure

.
├── server.js           # Express API, auth, DB
├── create_admin.js     # Script to create an admin user
├── data.sqlite         # SQLite DB (created at first run)
├── auth.db             # (if used) alternate auth store
├── .env                # Backend env (see below)
├── package.json        # Backend dependencies & scripts
└── PBsite/             # React frontend
    ├── src/
    │   ├── main.jsx
    │   ├── App.jsx
    │   ├── api.js      # API client (CSRF, secure fetch)
    │   ├── AuthContext.jsx
    │   ├── ProtectedRoute.jsx
    │   ├── Layout.jsx, Navbar.jsx
    │   ├── Login.jsx, CreateLogin.jsx
    │   ├── AdminUsers.jsx, ContentEntry.jsx, HomePage.jsx
    │   └── css/
    ├── package.json
    └── vite.config.*

Prerequisites

  • Node.js 18+ (LTS recommended)
  • npm (or yarn/pnpm)

Quick start

1. Clone and install

git clone https://github.com/Samster101/PBsource.git
cd PBsource
npm install
cd PBsite && npm install && cd ..

2. Environment

Create a .env in the repo root (see variables below). In production, set a strong JWT_SECRET.

Variable Description Default (dev)
JWT_SECRET Secret for signing JWTs (set in .env)
PORT Backend port 3000
CLIENT_ORIGIN Allowed CORS origin (frontend) http://localhost:5173
NODE_ENV development / production development

3. Create an admin user (optional)

node create_admin.js
# Follow prompts for username/password.

4. Run backend and frontend

Terminal 1 – API:

npm run dev
# or: npm start

Terminal 2 – Frontend:

cd PBsite
npm run dev

Scripts

Where Command Description
Root npm run dev Backend with nodemon
Root npm start Backend (node)
PBsite npm run dev Vite dev server
PBsite npm run build Production build
PBsite npm run preview Preview production build

API overview

  • Auth: login (sets httpOnly cookie), logout, optional CSRF endpoint (/csrf).
  • Protected routes: frontend uses ProtectedRoute and api.js secureFetch() with credentials; backend validates JWT from cookie (and CSRF when enabled).
  • Data: SQLite in data.sqlite; users table with name, hash, role. Extend with more tables and routes in server.js as needed.

Security notes (for production)

  • Set a long, random JWT_SECRET and never commit it.
  • Use NODE_ENV=production and HTTPS; ensure CLIENT_ORIGIN matches your frontend URL.
  • Consider replacing the dev hash in makeHash() with bcrypt/scrypt (bcrypt is already in dependencies).
  • Keep dependencies updated (npm audit, upgrades).

License

Internal use only. All rights reserved.

About

Barebone full-stack scaffold for internal use — Express + React (Vite), JWT auth, SQLite.

Topics

javascript boilerplate jwt express reactjs sqlite scaffold fullstack cookie-based-auth

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages