Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/pvnm4/Social-Media-Backend/llms.txt

Use this file to discover all available pages before exploring further.

Social Media Backend is a RESTful API built with FastAPI and PostgreSQL that provides the core infrastructure for a social media platform. It exposes endpoints for user registration and authentication, full CRUD management of posts, and an up/down voting system for posts. All business logic is backed by a PostgreSQL database accessed through SQLAlchemy ORM, database migrations are handled by Alembic, configuration is managed via pydantic-settings, passwords are hashed with passlib/bcrypt, and stateless session management is implemented using PyJWT Bearer tokens.

What this API provides

Authentication

Issue JWT Bearer tokens via POST /login using form-encoded credentials. Tokens carry the authenticated user’s ID and expire after a configurable number of minutes.

Users

Register new accounts with POST /users/ and retrieve any user’s public profile by ID with GET /users/{id}. Passwords are always stored as bcrypt hashes — never in plain text.

Posts

Create, read, update, and delete posts. All list and single-post responses include an aggregated vote count. Posts support pagination via limit and skip, and keyword filtering via search.

Votes

Cast or retract a vote on any post with POST /vote. Set dir: 1 to add a vote and dir: 0 to remove it. Each user may hold at most one vote per post.

Project structure

All application code lives inside the app/ package. The entry point registered with Uvicorn is app.main:app. 
app/
├── __init__.py
├── main.py          # FastAPI app, CORS middleware, router registration
├── config.py        # pydantic-settings Settings class
├── database.py      # SQLAlchemy engine, session, Base
├── models.py        # ORM models: Post, User, Vote
├── schemas.py       # Pydantic schemas for request/response
├── oauth2.py        # JWT creation and verification
├── utils.py         # bcrypt hashing helpers
└── routers/
    ├── auth.py      # POST /login
    ├── post.py      # GET/POST/PUT/DELETE /posts
    ├── user.py      # POST/GET /users
    └── vote.py      # POST /vote
The main.py entry point configures CORS to accept requests from any origin and then mounts each router: 
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from .routers import post, user, auth, vote

app = FastAPI()

origins = ["*"]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

app.include_router(post.router)
app.include_router(user.router)
app.include_router(auth.router)
app.include_router(vote.router)

Key dependencies

PackageRole
FastAPIWeb framework — routing, dependency injection, automatic OpenAPI docs
SQLAlchemyORM and database query layer for PostgreSQL
AlembicDatabase migration tool for schema versioning
pydantic-settingsEnvironment variable loading and validation via Settings class
PyJWTJWT creation (oauth2.create_access_token) and verification (oauth2.get_current_user)
passlib[bcrypt]Password hashing (utils.hash) and verification (utils.verify)
psycopg2PostgreSQL driver used by SQLAlchemy
uvicornASGI server for running the FastAPI application
python-multipartEnables form-encoded request bodies required by OAuth2PasswordRequestForm

Authentication requirement

All endpoints except POST /login and POST /users/ require a valid JWT Bearer token in the Authorization header. Tokens are obtained by calling POST /login with your email and password. Requests with a missing or invalid token receive a 401 Unauthorized response.
Authorization: Bearer <your_access_token>

Build docs developers (and LLMs) love

Get started for freeTalk to us