AllBengal
By Sahidur Pub Feb 20

Building AllBengal: How I Created a Modern Blog from Scratch

A beginner-friendly story about how I built a complete blog platform with a simple tech stack. Learn the big ideas behind the architecture without getting lost in the code.

Dev Diaries
Building AllBengal: How I Created a Modern Blog from Scratch

The Dream: A Blog Platform That Actually Works

Imagine you want to start a blog. Not just a simple blog, but a real platform where:

  • You can write rich, beautiful blog posts with images and formatting
  • You can log in securely (maybe even with Google)
  • Your readers can't hack your site or see private data
  • The site runs fast and stays up even if thousands of people visit
  • The whole thing is free to host

That's what I set out to build with AllBengal.

The Big Picture

Think of a website like a restaurant:

  • The backend is the kitchen — it stores recipes (data), checks if you're allowed to eat there (authentication), and prepares your order (processes requests)
  • The frontend is the dining room — it's what you see, where you place your order, and it looks nice
  • The database is the pantry — where all the ingredients (data) are stored

My Setup

  • Kitchen (Backend): FastAPI — a modern, fast Python framework
  • Dining Room (Frontend): SvelteKit — a beautiful, interactive JavaScript framework
  • Pantry (Database): PostgreSQL — a reliable database, hosted free on Supabase
  • Waiter between Kitchen and Dining Room: APIs (simple messages sent back and forth)

The Five Pillars of the Project

1. Writing & Storing Posts

When you write a blog post, the frontend shows you a beautiful editor (powered by TinyMCE). You type, add images, format text. When you click "Publish", it sends your post to the backend, which stores it in the database.

2. Logging In Securely

Before you can write anything, you need to prove who you are. I use two methods:

  • Traditional login: Email + password (hashed with bcrypt so I can't even see your password)
  • Google login: Just click "Sign in with Google" — no password to remember

Once you're logged in, I give you a special token (JWT) that says "this person is allowed to write posts." This token expires after 24 hours for safety.

3. Images & Media

When you add an image to your blog post, the system uploads it to ImgBB (a free image hosting service). This keeps your server lightweight because big image files don't live on your server — they live on specialized image servers.

4. Protecting Everyone

Your blog posts contain HTML (the code that makes things pretty on the web). But HTML can be dangerous if someone inserts malicious code. I clean everything that comes in, removing dangerous stuff while keeping the beautiful formatting.

5. Handling Traffic Safely

If someone tries to log in 100 times per second (to guess passwords), the system blocks them temporarily. This is called rate limiting — think of it like a bouncer at a club saying "Hey, you're doing that too much, wait a minute."

How Everything Connects

Writer opens blog editor
    ↓
Frontend (SvelteKit) shows the editor and upload buttons
    ↓
Writer types, adds images, clicks publish
    ↓
Frontend sends the post to Backend API
    ↓
Backend checks: "Are you logged in? Are you allowed to write?"
    ↓
Backend cleans the HTML (removes dangerous code)
    ↓
Backend stores the post in PostgreSQL database
    ↓
Database confirms: "Your post is saved"
    ↓
Frontend tells the writer: "Your post is published!"
    ↓
Readers visit the site and see the beautiful post

The Tech Stack (Without Overwhelming You)

I chose these tools because they're:

  • Free or very cheap: The entire project can run on free hosting
  • Modern: Built with technologies people use in 2026
  • Scalable: Works for 10 readers or 10,000 readers
  • Safe: Has built-in security features
Component Technology Why? Cost
Backend FastAPI (Python) It's fast, modern, and easy to understand Free
Frontend SvelteKit (JavaScript) Simpler than React but more powerful than plain JavaScript Free
Database PostgreSQL on Supabase PostgreSQL is the gold standard; Supabase gives it free Free
Editor TinyMCE Industry standard for beautiful rich text editing Free

The Secret: API Communication

All these pieces talk to each other using something called an API (Application Programming Interface). Think of it like this:

When you click "Publish Post", here's the actual conversation:

Frontend says to Backend: "Hey, here's a new post. The title is X, the content is Y, and the thumbnail is Z. My user token says I'm John, and I'm allowed to write."

Backend says back: "Got it! I cleaned up your HTML, checked that John is who you say you are, and I saved it to the database. Here's the new post ID: 42."

Frontend says: "Great! I'll show the user their post is live."

This conversation happens in less than a second, invisible to the user.

What Makes This "Production Ready"

I didn't just build something that works — I built something that:

  • Logs everything: When something goes wrong, I can trace what happened
  • Prevents attacks: SQL injection, XSS attacks, brute forcing — all handled
  • Handles errors gracefully: If something breaks, it tells you what went wrong instead of crashing silently
  • Scales with you: Can start small and grow to thousands of users without major rewrites

The Free Hosting Recipe

Here's the magic part: It's all free.

  • Frontend: Hosted on Vercel (free) — they handle serving the website worldwide
  • Backend: Hosted on Render.com (free tier) — they run your server
  • Database: Hosted on Supabase (free tier) — they run PostgreSQL
  • Images: Hosted on ImgBB (free) — they store your pictures

Total cost: $0. Even the domain name is optional.

Next Steps: What Comes Next in This Series

This was the big picture. In the next posts, I'll go deeper:

  1. How the login actually works — JWT tokens, refresh tokens, and why that's clever
  2. Writing safely — How I protect against hackers trying to sneak bad code into blog posts
  3. Storing data efficiently — How to handle thousands of blog posts without the database exploding
  4. Knowing what's happening — How to log events so you can debug problems
  5. Stopping bad guys — Rate limiting, security headers, and protection
  6. Pictures and files — The smart way to handle uploads
  7. Who can do what — How I built a system where some people are admins, others just readers
  8. Making it easier to code — Tools and tricks for developers
  9. Shipping to production — Getting it live and keeping it running
  10. For free, forever — The complete recipe for zero-cost hosting

The Bottom Line

I built AllBengal to show that you don't need a huge budget or years of experience to launch a real, production-quality web platform. You just need:

  • Modern tools (FastAPI, SvelteKit, PostgreSQL)
  • Good design patterns (APIs, authentication, logging)
  • Free hosting services (Vercel, Render, Supabase)
  • A clear understanding of how it all fits together

The rest of this series is the detailed story of how each piece works.

What would you like to build next? Drop a comment below!

Tags

#architecture#building#blog#how-it-works#beginners

Analytics

Unique visitors

0

Visits

0

Reactions

0

💬 Comments (0)

No comments yet.

💌 Share Your Opinion With Us

Email Facebook Telegram

📖 Read More Articles

Explore more articles and discover interesting stories from our blog.

View All Articles →