🧠 Integrate Full-Text Search with Fuzzy Matching Using Fuse.js
Description:
Enhance the search experience by integrating Fuse.js for full-text fuzzy matching across blog titles, content, and tags. This will help users find posts even with typos or partial matches.
Expected Behavior:
- Real-time dynamic filtering of blog posts based on the search input.
- Should support fuzzy matching (e.g., “javscrpt” matches “JavaScript”).
- Should search across multiple fields: title, tags, content.
- (Optional) Highlight matched text in results.
Possible Implementation Suggestions:
- Use Fuse.js on the frontend.
- Assign weights to fields (e.g., title: 0.5, content: 0.3, tags: 0.2).
- Debounce input to improve performance.
Labels: enhancement, advanced, search-enhancement, ux
📝 Add Markdown Editor with Live Preview for Blog Post Creation
Description:
Improve the blog post creation experience by replacing the plain textarea with a Markdown editor that supports real-time preview. This will allow authors to write cleanly formatted posts with headers, code blocks, and more.
Expected Behavior:
- Markdown input panel with syntax highlighting.
- Real-time rendered preview pane beside the editor.
- Support for basic formatting (headings, bold, italic), lists, and code blocks.
- Sanitize output to prevent XSS vulnerabilities.
Possible Implementation Suggestions:
- Use packages like react-mde, simplemde, or react-markdown.
- Store Markdown in the database and render it dynamically.
- Ensure the preview renderer is safe and secure.
Labels: enhancement, markdown-support, editor-upgrade, advanced-feature
🔒 Implement Role-Based Access Control (RBAC) for Admin and User Routes
Description:
Introduce Role-Based Access Control (RBAC) to restrict access to sensitive routes and actions. Currently, there's no differentiation between normal users and admins, which is a critical security risk.
Expected Behavior:
- Admins can create, edit, and delete any post.
- Normal users can only view and possibly create/edit their own content.
- Protect routes both on the frontend and backend.
- Unauthorized access should result in a 403 Forbidden error.
Possible Implementation Suggestions:
- Add a role field (user, admin) in the user model.
- Use JWT/session-based auth to store and verify roles.
- Create middleware on the backend to protect sensitive routes.
- Conditionally render frontend elements based on role.
Why It’s Critical:
Without RBAC, any authenticated user might exploit admin routes, leading to security breaches, content manipulation, or data loss.
Labels: critical, security, backend, access-control, urgent
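
A sketch of the backend middleware suggested for the RBAC item, as an added example that is not part of the original issue or the project's code. It assumes Express-style `(req, res, next)` handlers and that an earlier auth step has verified the JWT/session and set `req.user = { id, role }`; `requireRole`, `requireOwnerOrAdmin`, `loadPost` and `simulate` are hypothetical names, and the 401/404 responses are assumptions beyond the 403 the issue specifies.

```javascript
// Roles defined by the issue: user, admin. Unknown role values are denied.
const ROLES = new Set(['user', 'admin']);

// Allow only the listed roles. The role comes from the verified session
// (req.user), never from the request body or query string.
function requireRole(...allowed) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ error: 'Unauthorized' }); // assumption
    const role = req.user.role;
    if (!ROLES.has(role) || !allowed.includes(role)) {
      return res.status(403).json({ error: 'Forbidden' });
    }
    return next();
  };
}

// Admins may modify any post; normal users only posts they own.
// loadPost is a hypothetical lookup: (postId) => { authorId } or null.
function requireOwnerOrAdmin(loadPost) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ error: 'Unauthorized' }); // assumption
    const post = loadPost(req.params.id);
    if (!post) return res.status(404).json({ error: 'Not found' }); // assumption
    const isAdmin = req.user.role === 'admin';
    const isOwner = req.user.role === 'user' && post.authorId === req.user.id;
    if (!isAdmin && !isOwner) return res.status(403).json({ error: 'Forbidden' });
    req.post = post; // hand the loaded post to the route handler
    return next();
  };
}

// Constructed harness: runs a middleware against a fake request and returns
// the HTTP status it would produce (200 means next() was reached).
function simulate(middleware, req) {
  let status = null;
  const res = {
    status(code) { status = code; return this; },
    json() { return this; },
  };
  middleware(req, res, () => { status = 200; });
  return status;
}

// Constructed sample data.
const posts = new Map([['1', { authorId: 'alice' }], ['2', { authorId: 'bob' }]]);
const loadPost = (id) => posts.get(id) ?? null;
```

Frontend conditional rendering only hides controls; these backend checks are what actually enforce the rule, so every create, edit and delete route needs one of them.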