Live on AWS · eu-north-1

Portfolio API by Andrei Pahome.

A production-grade REST API serving my developer portfolio — built with TypeScript, Express, Prisma, and deployed on AWS with full JWT auth, Swagger docs, and CI/CD.

→ Explore API Docs ◊ View Source ⬡ Terraform
skybytes.live — Portfolio API
$ curl https://skybytes.live/api/about
{ "success": true, "data": {
  "fullName": "Pahome Andrei-Cristian",
  "title": "Software Engineer",
  "location": "Bucharest, Romania" }}
$ curl https://skybytes.live/api/skills
{ "success": true, "data": {
  "Backend": [{ "name": "Node.js", "proficiency": 90 }, ...],
  "Frontend": [{ "name": "Angular", "proficiency": 90 }, ...] }}
$ curl -X POST /api/contact/message \
  -d '{"name":"Recruiter","email":"hr@co.com","message":"..."}'
{ "success": true, "message": "Message sent successfully" }
$
// api endpoints

What you can query.

GET /api/about
Bio, education, contact info, and social links.
GET /api/projects
Portfolio projects with tech stacks, descriptions, and links.
GET /api/experience
Work history, roles, timelines, and highlights.
GET /api/skills
Technical skills grouped by category with proficiency scores.
GET /api/contact
Public contact info and social links.
POST /api/contact/message
Send a message directly. Rate limited to 5 per 15 min.
POST /api/auth/login
JWT authentication with access + refresh token rotation.
POST /api/auth/register
Create an account. Passwords hashed with bcrypt (12 rounds).
PUT /api/projects/:id
Full CRUD on all portfolio resources behind JWT auth.
🔒 Bearer token required
→ Full API Documentation
// tech stack

Built with the right tools.

TypeScript + Express
Strict TypeScript, Express 4, path aliases, ESLint with zero-warning tolerance. Matches production conventions.
🗄
Prisma + MySQL
Type-safe ORM with migrations, seeding, and generated client. MySQL on AWS RDS in production.
🔐
JWT Authentication
Passport.js with access + refresh token rotation, bcrypt hashing, rate-limited auth endpoints.
☁️
AWS Infrastructure
VPC, EC2, RDS MySQL, IAM Roles, Secrets Manager, CloudWatch. Zero plaintext secrets.
Terraform IaC
Full infrastructure as code — VPC, subnets, security groups, EC2, and EIP managed declaratively.
🐳
Docker + CI/CD
Multi-stage Docker build, docker-compose orchestration, GitHub Actions auto-deploy on push.
// architecture

How it all connects.

CLIENT  →  https://skybytes.live  # domain via Namecheap DNS
                
NGINX    →  port 80/443  # reverse proxy + SSL termination
                
DOCKER    →  Express :3000  # TypeScript API + Prisma ORM
                
AWS RDS    →  MySQL 8.4  # managed database, SSL required

# Credentials flow
EC2        →  IAM Role    Secrets Manager  # no .env secrets

# Deploy flow
git push    →  GitHub Actions    SSH → docker-compose up
// source code

Open source.

PahomeAndrei / aws-api-project
Portfolio REST API with TypeScript, Express, Prisma, JWT auth, Swagger docs, Docker, and GitHub Actions CI/CD.
TypeScript Express · Prisma · Docker
PahomeAndrei / terraform-skybytes
Infrastructure as Code — full AWS setup with VPC, EC2, Security Groups, and Elastic IP managed by Terraform.
HCL Terraform · AWS · IaC