Ym zerotwo

Stop reinventing the wheel. Meet Core-X: A Secure Node.js & Supabase Boilerplate

Hi everyone,
I'm excited to share a project I've been working on: Core-X.
As backend developers, we often spend the first few days of any project setting up the same repetitive structure: security headers, auth middleware, logging, and input validation. Core-X is designed to solve this pain point.
It is a production-ready Node.js + Express + Supabase boilerplate that comes pre-configured with industry-standard security practices, allowing you to focus immediately on building your APIs and Database schemas.
🔥 Key Features:
🛡️ Stateless CSRF Protection: Implements the "Double Submit Cookie" pattern (No legacy/deprecated libraries).
⚡ Supabase Integration: Optimized middleware for Auth & Token management.
🪤 Built-in WAF Lite: Auto-detects and blocks malicious payloads (SQLi, XSS) via a custom Security Validator.
📝 Advanced Logging: Centralized logging system using Winston (with daily rotation).
✅ Type-Safe Validation: Full Zod integration for request validation.
⚠️ Status: The project is currently under active development.
I would love to get your feedback on the architecture and security implementation. Contributions and Code Reviews are highly welcome!
🔗 Repository: https://github.com/Ymzerotwo/Core-X
If you find it useful, please consider giving it a Star ⭐️ on GitHub!
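
For readers unfamiliar with the stateless "Double Submit Cookie" pattern listed under Key Features, here is a sketch of the signed variant. It is an added example, not code from the Core-X repository; the `csrf` cookie name, the `x-csrf-token` header, `req.sessionId` and the session binding are assumptions made for illustration.

```javascript
// Added example: signed double-submit cookie check. Not Core-X's own code.
const crypto = require('node:crypto');

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Constant-time comparison; a length mismatch returns false instead of throwing.
function safeEqual(a, b) {
  const ba = Buffer.from(String(a));
  const bb = Buffer.from(String(b));
  return ba.length === bb.length && crypto.timingSafeEqual(ba, bb);
}

// HMAC over a length-prefixed session id plus nonce, so fields cannot be shifted.
function sign(secret, sessionId, nonce) {
  return crypto.createHmac('sha256', secret)
    .update(`${sessionId.length}!${sessionId}!${nonce}`)
    .digest('hex');
}

// Token = nonce.hmac. The server keeps no per-token state.
function issueCsrfToken(secret, sessionId) {
  const nonce = crypto.randomBytes(16).toString('hex');
  return `${nonce}.${sign(secret, sessionId, nonce)}`;
}

// True only if cookie and header match AND the HMAC binds the token to this session.
// The HMAC step rejects a cookie planted by a sibling subdomain.
function verifyCsrf(secret, sessionId, cookieToken, headerToken) {
  if (typeof cookieToken !== 'string' || typeof headerToken !== 'string') return false;
  if (!safeEqual(cookieToken, headerToken)) return false;
  const [nonce, mac, extra] = headerToken.split('.');
  if (!nonce || !mac || extra !== undefined) return false;
  return safeEqual(mac, sign(secret, sessionId, nonce));
}

// Express-style middleware; assumes a cookie parser and an auth layer ran earlier
// and populated req.cookies and req.sessionId (both hypothetical names).
function csrfMiddleware(secret) {
  return (req, res, next) => {
    if (SAFE_METHODS.has(req.method)) return next();
    const ok = verifyCsrf(secret, req.sessionId, req.cookies?.csrf, req.headers['x-csrf-token']);
    if (ok) return next();
    res.statusCode = 403;
    res.end('CSRF token invalid');
  };
}
```

The cookie carrying the token must be readable by client script so it can be echoed in the header, so it cannot be `HttpOnly`; set `Secure` and `SameSite` on it.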