SecureBlog is a role-based access control (RBAC) blogging application designed for secure user authentication, authorization, and role-specific access to resources. The app ensures that roles like Admin, Editor, and Viewer have precise permissions tailored to their responsibilities, providing a streamlined and secure blogging platform.
Framework: Django REST Framework
Database: SQLite
Tools: Postman for API testing, Swagger for API documentation
Authentication: JWT (JSON Web Token)
Role-Based Access Control (RBAC):
- Admin: Full control over the application. Can create, view, update, and delete any blog post, including CRUD operations on all users’ blog posts.
- Editor: Can create, view, update, and delete only their own posts. Can view all posts, but can modify only their own.
- Viewer: Authorized only to view posts; cannot modify them.
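The role rules above, sketched as an added example in the shape of a DRF permission class (this is not SecureBlog's own code). The `role` and `author_id` field names, the lowercase role strings, and the helper names are assumptions, and the sample users and post are constructed.

```python
from types import SimpleNamespace

# Same methods DRF lists in rest_framework.permissions.SAFE_METHODS.
SAFE_METHODS = ("GET", "HEAD", "OPTIONS")


class BlogPostRBAC:
    """Shaped like a DRF permission class, but framework-free so it runs alone."""

    def has_permission(self, request, view=None):
        # Collection-level gate: runs before any post is loaded.
        user = request.user
        if not getattr(user, "is_authenticated", False):
            return False
        role = getattr(user, "role", None)  # assumed field name
        if role in ("admin", "editor"):
            return True  # editors may list/create; ownership is checked per object
        if role == "viewer":
            return request.method in SAFE_METHODS
        return False  # unknown or missing role: deny by default

    def has_object_permission(self, request, view, post):
        # Object-level gate: stops an Editor from changing another
        # author's post just by requesting its id.
        role = getattr(request.user, "role", None)
        if role == "admin":
            return True
        if request.method in SAFE_METHODS:
            return role in ("editor", "viewer")
        return role == "editor" and post.author_id == request.user.id


def is_allowed(user, method, post=None):
    """Apply both gates in the order a detail endpoint would."""
    perm = BlogPostRBAC()
    request = SimpleNamespace(user=user, method=method)
    if not perm.has_permission(request):
        return False
    return post is None or perm.has_object_permission(request, None, post)


def make_user(uid, role):
    return SimpleNamespace(id=uid, role=role, is_authenticated=True)


# Constructed sample data.
ADMIN, ALICE, BOB = make_user(1, "admin"), make_user(2, "editor"), make_user(3, "editor")
VIEWER = make_user(4, "viewer")
ALICE_POST = SimpleNamespace(id=10, author_id=2)
```

In DRF, `has_object_permission` only runs when the view calls `get_object()` or `check_object_permissions()`, so a view that fetches posts directly must invoke the check itself.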
- Clone the repository:
git clone https://github.com/aditya-Kumar421/secureBlog.git
To run the server, you need to have Python installed on your machine. If you don't have it installed, you can follow the instructions here to install it.
- Create a virtual environment:
python -m venv env
- Activate the virtual environment:
For Windows: env\Scripts\activate
For macOS/Linux: source env/bin/activate
cd blogapp
- Install the dependencies:
pip install -r requirements.txt
- Set Up Database:
python manage.py migrate
- Run the Development Server:
python manage.py runserver
- Access the Endpoints:
http://127.0.0.1:8000/swagger/
http://127.0.0.1:8000/redoc/
The API endpoints for SecureBlog are fully documented and can be accessed through Swagger UI.
You can view the interactive API documentation and try out the endpoints by visiting the Swagger URL:
http://127.0.0.1:8000/swagger/