README: English | 简体中文
Nodite-Light 是一款 Admin 管理软件。基于 vue3 和 vuetify UI 框架。前后端均采用 Typescript,减少编程语言带来的负担。
Nodite-Light 具有完善的基础功能,如用户管理、区域设置/翻译管理、可靠的性能和出色的安全性。一些亮点包括:
- [F] Customizable: Extensive customization options with SASS/SCSS and Default configuration and Blueprints.
- [F] Responsive Layout: The default configuration of Vuetify components is responsive, allowing your application to adapt to different screen sizes.
- [F] Vite Support: Smaller bundle sizes with automatic tree-shaking.
- [F] Internationalization: 42+ supported languages.
- [B] TSOA Support: Tsoa is a TypeScript library that generates OpenAPI documentation (Swagger) based on your TypeScript code.
- [B] Express Support: ExpressJS framework with TypeScript on the board.
- 🏇 minified and optimized code for production build.
- ♻️ Live reload
- 🏄 And many more...
Nodite-Light 支持所有现代浏览器,包括 Safari 13+ (使用polyfills)。组件的最小宽度为 320 像素。
-
Embracing linter security rules The project eslint-plugin-security helps to identify potential security hotspots.
-
Disable the header X-Powered-By Your application won't show that was developed using Express.js, preventing to send this info to attackers.
-
Use environment variables to store SECRETS Very popular and good practice. We should use the package dotenv in order to use .env files in our application
-
Limit concurrent requests using a middleware: express-rate-limit From the NGINX blog: Rate limiting can be used for security purposes, for example to slow down brute‑force password‑guessing attacks. It can help protect against DDoS attacks by limiting the incoming request rate to a value typical for real users, and (with logging) identify the targeted URLs. More generally, it is used to protect upstream application servers from being overwhelmed by too many user requests at the same time.
-
Adjust the HTTP response headers for enhanced security Your application should be using secure headers to prevent attackers from using common attacks like cross-site scripting (XSS), clickjacking and other malicious attacks. These can be configured easily using modules like helmet.
-
Avoid using the Node.js crypto library for handling passwords, use Bcrypt We're using bcrypt.js for users passwords. This package offer an optimized implementation of Bcrypt for JavaScript and is widely trusted and used over the Internet.
查看文档,请访问https://docs.nodite.com/nodite-light
每个版本的详细更改记录在 release notes。
Nosite Light 是由 Oscaner 兼职开发和维护的开源软件。
任何人都可以下载、使用、处理并与他人共享。它建立在合作、全球主义和创新等原则之上。它是根据 Apache-2.0 的条款分发的. 从来没有许可费。Nodite-Light 永远是免费的。
如果你觉得这个项目有用,请给我买杯咖啡。非常感谢!!!
-
WeChat
-
Alipay
这个项目的存在要感谢所有做出贡献的人😍!