/nodite-light

A web framework with Vuetify & Express, use Typescript for everything.

Primary LanguageTypeScriptApache License 2.0Apache-2.0

Nodite Logo


README: English | 简体中文

🚀 Introduction

Nodite-Light is admin management software. It is based on vue3 and uses the UI Toolkit vuetify, using Typescript everything, no pressure for code language.

Nodite-Light has great standard features, like easy user management, locale/translation management, reliable performance, and excellent security. Some highlights include:

  • [F] Customizable: Extensive customization options with SASS/SCSS and Default configuration and Blueprints.
  • [F] Responsive Layout: The default configuration of Vuetify components is responsive, allowing your application to adapt to different screen sizes.
  • [F] Vite Support: Smaller bundle sizes with automatic tree-shaking.
  • [F] Internationalization: 42+ supported languages.
  • [B] TSOA Support: Tsoa is a TypeScript library that generates OpenAPI documentation (Swagger) based on your TypeScript code.
  • [B] Express Support: ExpressJS framework with TypeScript on the board.
  • 🏇 minified and optimized code for production build.
  • ♻️ Live reload
  • 🏄 And many more...

Browser Support

Nodite-Light supports all modern browsers, including Safari 13+ (using polyfills). Components are designed for a minimum width of 320px.

Security best practices

  1. Embracing linter security rules The project eslint-plugin-security helps to identify potential security hotspots.

  2. Disable the header X-Powered-By Your application won't show that was developed using Express.js, preventing to send this info to attackers.

  3. Use environment variables to store SECRETS Very popular and good practice. We should use the package dotenv in order to use .env files in our application

  4. Limit concurrent requests using a middleware: express-rate-limit From the NGINX blog: Rate limiting can be used for security purposes, for example to slow down brute‑force password‑guessing attacks. It can help protect against DDoS attacks by limiting the incoming request rate to a value typical for real users, and (with logging) identify the targeted URLs. More generally, it is used to protect upstream application servers from being overwhelmed by too many user requests at the same time.

  5. Adjust the HTTP response headers for enhanced security Your application should be using secure headers to prevent attackers from using common attacks like cross-site scripting (XSS), clickjacking and other malicious attacks. These can be configured easily using modules like helmet.

  6. Avoid using the Node.js crypto library for handling passwords, use Bcrypt We're using bcrypt.js for users passwords. This package offer an optimized implementation of Bcrypt for JavaScript and is widely trusted and used over the Internet.

🖥️ Documentation (coming soon...)

To check out the docs, visit https://docs.nodite.com/nodite-light

🌍 Example (coming soon...)

📝 Changelog (coming soon...)

Detailed changes for each release are documented in the release notes.

💖 Supporting Nodite-Light

The Nodite-Light is open source software that is developed and maintained part-time by Oscaner.

Anyone can download, use, work on, and share it with others. It's built on principles like collaboration, globalism, and innovation. It's distributed under the terms of the Apache-2.0. There are no licensing fees, ever. Nodite-Light will always be free.

If you find this project useful, please buy me a coffee. Really thanks!!!

This project exists thanks to all the people who contribute 😍!