Hi everyone,
I'm excited to share a project I've been working on: Core-X.
As Backend developers, we often spend the first few days of any project setting up the same repetitive structure: Security headers, Auth middleware, Logging, and Input validation. Core-X is designed to solve this pain point.
It is a production-ready Node.js + Express + Supabase boilerplate that comes pre-configured with industry-standard security practices, allowing you to focus immediately on building your APIs and Database schemas.
ðĨ Key Features:
ðĄïļ Stateless CSRF Protection: Implements the "Double Submit Cookie" pattern (No legacy/deprecated libraries).
⥠Supabase Integration: Optimized middleware for Auth & Token management.
ðŠĪ Built-in WAF Lite: Auto-detects and blocks malicious payloads (SQLi, XSS) via a custom Security Validator.
ð Advanced Logging: Centralized logging system using Winston (with daily rotation).
â
Type-Safe Validation: Full Zod integration for request validation.
â ïļ Status: The project is currently under active development.
I would love to get your feedback on the architecture and security implementation. Contributions and Code Reviews are highly welcome!
ð Repository: https://github.com/Ymzerotwo/Core-X
If you find it useful, please consider giving it a Star âïļ on GitHub!
Top comments (0)