HylibCMS - ReactJS

[Laxus]

CMS developed using ReactJS and NodeJS as back end server and authentication with JWT (JSON Web Token). You will need to create a reverse proxy to use the backend as node js runs on port other than 80 and 443. (on localhost you don't need to, just edit the apiUrl to localhost:3333).


It is easily edited, in the configuration.json file it has practically all styles of colors and images. Find for "cmsStyles".

- CMS has multi languages, including: BR, EN-US, ES


Is it compatible with Comet Emulator.


If you liked the content, favorite it on github.

Previews:
GIF: https://gyazo.com/ee6886408f685b4996e8febf037f88b3
Demo Online: https://lella.com.br

Join the discord community to ask questions and see all new updates:
https://discord.gg/QKQqH4bKpJ

Download:
https://github.com/TheLaxus/Hylib
https://github.com/TheLaxus/HylibServer

Use branch dev

I am open for suggestions and improvements. It's just the first version.

 

[LeChris]

Very nice codebase :thumbup:

 

[Diddy]

I quite like the design also.
If I had to do one thing to it I'd lazy load the relevant parts to make them appear on the page as you click it and not have to wait for it to load.
Quality release though!

 

[oddzag]

Cool project bro, keep up the good work

 

[James]

The CMS looks cool! Why JWT though? Wouldn’t oAuth or session authentication be better for security? Just curious, I know JWT is very popular.

 

[Jmandupree]

Looking around to see what has changed the last few years.. this look fun!

 

[Bergthor]

The CMS looks cool! Why JWT though? Wouldn’t oAuth or session authentication be better for security? Just curious, I know JWT is very popular.

There is little advantage to either these days. JWT is a more modern approach. The real benefit lies in storage where JWT is a form of stateless authentication, you do not need to store the session data you just send a token with the request header. Since the client can access the token it's possible to implement systems to warn the user of login expiry etc.. it's also easier to implement mobile related login such as fingerprint login (not that this is relevant to this project)

Quickly looked at the demo site, when changing language to English the login error message remains in ?portuguese

There seems to be some good security measures in the source code

//add user ip in token for future security check
                                const token = generateToken({ id: player.id, ip: requestIp.getClientIp(req) })
                                return res.status(200).json({ status_code: 200, token: token, user: userArray[0] });

 

[James]

There is little advantage to either these days. JWT is a more modern approach. The real benefit lies in storage where JWT is a form of stateless authentication, you do not need to store the session data you just send a token with the request header. Since the client can access the token it's possible to implement systems to warn the user of login expiry etc.. it's also easier to implement mobile related login such as fingerprint login (not that this is relevant to this project)

Quickly looked at the demo site, when changing language to English the login error message remains in ?portuguese

There seems to be some good security measures in the source code

//add user ip in token for future security check
                                const token = generateToken({ id: player.id, ip: requestIp.getClientIp(req) })
                                return res.status(200).json({ status_code: 200, token: token, user: userArray[0] });

I only asked because I was always under the impression JWT was more for secure/quick access to REST apis whereas in something like a cms with long term security it would make more sense to use session management but honestly I don’t know too much about it, I’ve only ever implemented JWT briefly in one of my projects, thanks for your points!

 

[MrSpooks]

Really sleek looking CMS, I'll take her for a ride and see what's what, I've not been around for a while so its nice to see people still developing!