A full-stack blogging platform built with React and Supabase that allows users to create, manage, and publish blog posts while enforcing secure, user-level data ownership and public read-only access.
The system supports:
- Google OAuth authentication
- Author-specific content management
- Public blog feed
- Full article view
- Search by title
- Secure backend access using PostgreSQL Row Level Security (RLS)
- User signs in using Google OAuth
- Supabase creates an authenticated session
- On first login, a profile is created in the
profilestable - The user is redirected to
/dashboard - All subsequent requests include the user’s identity
| Column | Purpose |
|---|---|
| id | Links to Supabase Auth user |
| full_name | User’s name from Google profile |
| created_at | Account creation time |
| Column | Purpose |
|---|---|
| id | Unique post ID |
| title | Post title |
| content | Full article text |
| author_id | Owner of the post |
| published | Public or private |
| created_at | Creation time |
| updated_at | Last modified |
The database enforces:
-
Public users
Can read only posts wherepublished = true -
Authenticated users
Can create, update, and delete only their own posts
This prevents:
- Editing someone else’s content
- Viewing private drafts
- Bypassing UI restrictions
| Route | Access | Purpose |
|---|---|---|
/ |
Public | Browse published blog posts |
/posts/:id |
Public | Read full article |
/login |
Public | Google OAuth login |
/dashboard |
Authenticated | Manage your posts |
The public feed supports search by title, implemented using database-level queries for performance and accuracy.
Public Feed — Before Login
Public Feed — After Login
Post Detail View
Dashboard
Login Page
