Chirpy is a lightweight, scalable social media API server built with Go and PostgreSQL, inspired by Twitter. Developed as part of the Boot.dev server-building course, this project demonstrates robust, production-ready backend practices, including secure authentication, database migrations, JWT handling, and RESTful API design.
- User Authentication: Secure signup, login, and JWT token management.
- Secure Endpoints: Protect endpoints with JWT authentication and refresh tokens.
- Chirp Management: Post, retrieve, filter, sort, and delete chirps (tweets).
- Webhook Integration: Upgrade user statuses securely via webhook events from third-party services (e.g., Polka).
- Refresh Tokens: Issue and revoke refresh tokens securely stored in PostgreSQL.
- Advanced Queries: Sort and filter chirps by creation date and author ID.
- Admin Metrics: Monitor and reset application metrics (development only).
Chirpy serves as an excellent example for anyone looking to understand:
- How to build secure RESTful APIs using Go.
- JWT authentication and secure handling of user sessions.
- Managing database migrations using Goose.
- Clean, maintainable Go project structure.
- Integration and security best practices for webhooks and API keys.
Whether you're learning backend development or building your own Go APIs, Chirpy provides a solid foundation to learn from and extend.
- Go (1.24+)
- PostgreSQL
- JWT (golang-jwt)
- bcrypt for password hashing
- Goose for database migrations
- SQLC for type-safe queries
- dotenv for managing environment variables
git clone https://github.com/YOUR_USERNAME/chirpy.git
cd chirpyCreate a .env file in your project's root:
DB_URL=your_postgres_db_url
JWT_SECRET=your_jwt_secret
POLKA_KEY=your_polka_api_key
PLATFORM=devGenerate a strong secret for JWT and Polka:
openssl rand -base64 64Polka is used to demonstrate webhooks and isn't a real provider so use any generated API key in the env)
goose postgres "$DB_URL" upgo mod tidy
go build -o out && ./outServer runs on http://localhost:8080
POST /api/users- Create userPUT /api/users- Update user's email/passwordPOST /api/login- User login, returns JWT & refresh tokenPOST /api/refresh- Refresh JWT using refresh tokenPOST /api/revoke- Revoke refresh token
POST /api/chirps- Create chirpGET /api/chirps- Retrieve all chirps (supports filtering and sorting)GET /api/chirps/{chirpID}- Retrieve chirp by IDDELETE /api/chirps/{chirpID}- Delete chirp by ID (authenticated)
POST /api/polka/webhooks- Upgrade user to "Chirpy Red" status (requires API key)
GET /admin/metrics- Display metricsPOST /admin/reset- Reset metrics and delete all users (dev only)
Chirpy was created following the Boot.dev HTTP Server course, which provides comprehensive guidance on building production-ready web servers.
Happy chirping! 🐤