{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreige5evyhxktimry5nir2txqplkbo6i2weih3z5od3zdkgy5k3it5u",
"uri": "at://did:plc:25rdn5elo5izoxrmtis34zuk/app.bsky.feed.post/3mp73o7i5hhm2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreigkrjg4yzhcgdfzqbbv3leymiggfz4o4hzt2pt2hwygpkm7fauj6m"
},
"mimeType": "image/webp",
"size": 297908
},
"path": "/setahirbaloch/build-your-api-not-your-boilerplate-15j4",
"publishedAt": "2026-06-26T13:36:51.000Z",
"site": "https://dev.to",
"tags": [
"node",
"backend",
"api",
"https://github.com/setahirbaloch/backend-starter",
"https://linkedin.com/in/setahirbaloch"
],
"textContent": "🚀 After building backend projects repeatedly, I realized I was solving the same infrastructure problems every time.\n\nBefore writing a single business feature, I had to configure:\n\n• TypeScript\n• Express\n• Prisma\n• PostgreSQL\n• JWT Authentication\n• Email verification\n• Password reset\n• Two-Factor Authentication (2FA)\n• CSRF Protection\n• Role-based Authorization\n• Rate Limiting\n• Security Headers\n• Input Validation\n• Project Structure\n\nIt quickly became repetitive.\n\nSo I started building **Backend Starter**.\n\nA production-ready Express.js starter that lets you focus on building products instead of setting up infrastructure.\n\n### What's included?\n\n🔐 **Authentication**\n• JWT Access & Refresh Tokens\n• HTTP-only Cookies\n• Email Verification\n• Password Reset\n• Change Email\n• Change Password\n• Two-Factor Authentication (2FA)\n\n🛡️ **Security**\n• CSRF Protection\n• Helmet\n• Express Rate Limit\n• Zod Validation\n• bcrypt Password Hashing\n• Refresh Token Rotation\n\n👥 **User Management**\n• Registration\n• Profile Management\n• Device Sessions\n• Login History\n• Account Deletion\n\n👨💼 **Admin Features**\n• User Management\n• Role Management\n• Account Status Management\n• Login History\n\n⚡ **Developer Experience**\n• TypeScript\n• Prisma ORM\n• PostgreSQL\n• Biome\n• Husky Git Hooks\n• Environment Example Generator\n• Postman Collection\n• Clean Project Structure\n\nThis is only the beginning.\n\n### Next on the roadmap\n\n• OAuth (Google & GitHub)\n• Redis\n• Docker Compose\n• Swagger / OpenAPI\n• Background Jobs\n• File Upload Module\n\nThe project is completely open source, and I'd genuinely appreciate feedback from the community.\n\n⭐ If you find it useful, consider giving it a star or contributing.\n\nGitHub:\nhttps://github.com/setahirbaloch/backend-starter\n\nLinkedin:\nhttps://linkedin.com/in/setahirbaloch\n\nWhat feature do you think every production-ready backend starter should include?",
"title": "Build your API, not your boilerplate."
}