A production-grade, full-stack portfolio platform built with Next.js 14, TypeScript, and Supabase, featuring a comprehensive admin dashboard, blog system, and advanced SEO optimizations.
- Overview
- Features
- Tech Stack
- Architecture
- Getting Started
- Development
- Testing
- Deployment
- Performance
- Security
- Contributing
- License
This project is a professional Web3-focused portfolio platform designed to showcase projects, write technical blog posts, and manage content through a comprehensive admin dashboard. Built with modern web technologies and industry best practices, it delivers exceptional performance, security, and user experience.
Live Demo: matthewraphael.xyz
- π Performance: Optimized bundle splitting, lazy loading, and edge caching
- π Security: Production-grade CSP headers, authentication, and data protection
- π± Progressive Web App: Installable with offline capabilities
- π¨ Modern UI: Responsive design with dark mode support
- π Analytics: Integrated Vercel Analytics and Speed Insights
- π SEO: Comprehensive multi-market SEO targeting (US, UK, EU, Nigeria)
-
Portfolio Showcase
- Project gallery with detailed case studies
- Technology stack visualization
- Live demo and GitHub repository links
- Interactive project filters and categories
-
Technical Blog
- Markdown-based content with syntax highlighting
- Dune Analytics dashboard embeds
- YouTube video integration
- Google Drive document viewer
- Reading time estimation
- Social sharing integration
-
About & Contact
- Professional bio and experience timeline
- Skills visualization
- Direct contact form
- Social media integration
-
Progressive Web App
- Installable on mobile and desktop
- Offline support with service workers
- App-like experience
- Custom install prompts
-
Content Management
- Full CRUD operations for blog posts and projects
- Rich markdown editor with live preview
- Media library with cloud storage integration
- Bulk operations and batch processing
-
Media Management
- Upload and organize media files
- YouTube metadata fetching
- Thumbnail generation
- Storage analytics and usage tracking
-
Authentication & Authorization
- Supabase-powered authentication
- Secure session management
- Role-based access control
- Protected API routes
-
Analytics Dashboard
- Real-time content performance metrics
- User engagement tracking
- Traffic analytics
- Export capabilities
- Next.js 14 - React framework with App Router
- React 18 - UI library with Server Components
- TypeScript 5 - Type-safe development
- Supabase - PostgreSQL database, authentication, and storage
- Vercel Edge Functions - Serverless API routes
- Tailwind CSS 3.3 - Utility-first CSS framework
- Lucide React - Icon library
- next-themes - Dark mode support
- Vitest - Unit testing framework
- ESLint - Code linting with Next.js config
- Bundle Analyzer - Webpack bundle analysis
- Vercel Analytics - Real-time analytics
- Vercel Speed Insights - Performance monitoring
- Supabase Auth - Authentication provider
- Jose - JWT token handling
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Client Layer β
β (Next.js App Router + React Server Components) β
ββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββ
β API Layer (Edge) β
β β’ REST endpoints β’ Authentication middleware β
β β’ File uploads β’ Rate limiting β
ββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββ
β Data Layer (Supabase) β
β β’ PostgreSQL Database β’ Row Level Security β
β β’ Cloud Storage β’ Real-time subscriptions β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Server-Side Rendering (SSR): Dynamic content with optimal performance
- Static Site Generation (SSG): Pre-rendered pages for blog posts
- Incremental Static Regeneration (ISR): Automatic cache revalidation
- Service Layer Pattern: Abstracted database operations
- Component-Based Architecture: Modular, reusable UI components
- API Route Protection: Middleware-based authentication
Ensure you have the following installed:
- Node.js >= 18.0.0
- npm >= 9.0.0 or pnpm >= 8.0.0
- Git >= 2.40.0
- Supabase Account (free tier available)
- Clone the repository
git clone https://github.com/RaphDeAnalyst/web3-portfolio.git
cd web3-portfolio- Install dependencies
npm install
# or
pnpm install- Set up environment variables
cp .env.local.example .env.localEdit .env.local with your configuration (see Environment Configuration)
- Set up Supabase
- Create a new project at supabase.com
- Run the database migrations from
database/migrations/ - Configure authentication providers
- Set up storage buckets for media uploads
- Start the development server
npm run devVisit http://localhost:3000 to see your application.
Create a .env.local file in the root directory:
# Supabase Configuration
# Get these from: https://app.supabase.com/project/_/settings/api
NEXT_PUBLIC_SUPABASE_URL=your_supabase_project_url
NEXT_PUBLIC_SUPABASE_ANON_KEY=your_supabase_anon_key
# YouTube API (Optional - for video metadata)
# Get from: https://console.cloud.google.com/apis/credentials
YOUTUBE_API_KEY=your_youtube_api_key
# Deployment (Vercel)
# Automatically set by Vercel, no manual configuration needed
VERCEL_URL=auto
NEXT_PUBLIC_SITE_URL=https://yourdomain.com| Variable | Description | Required |
|---|---|---|
NEXT_PUBLIC_SUPABASE_URL |
Your Supabase project URL | β Yes |
NEXT_PUBLIC_SUPABASE_ANON_KEY |
Supabase anonymous key | β Yes |
YOUTUBE_API_KEY |
YouTube Data API v3 key | |
NEXT_PUBLIC_SITE_URL |
Production domain URL |
| Command | Description |
|---|---|
npm run dev |
Start development server on localhost:3000 |
npm run build |
Build production-optimized bundle |
npm run start |
Start production server (requires build first) |
npm run lint |
Run ESLint code quality checks |
npm run test |
Run unit tests with Vitest |
npm run test:ui |
Run tests with interactive UI |
npm run test:coverage |
Generate test coverage report |
npm run analyze |
Analyze webpack bundle size |
npm run keep-alive |
Ping Supabase to prevent database sleep |
web3-portfolio/
βββ src/
β βββ app/ # Next.js App Router pages
β β βββ (auth)/ # Authentication routes
β β βββ admin/ # Admin dashboard
β β βββ api/ # API endpoints
β β βββ blog/ # Blog pages
β β βββ portfolio/ # Portfolio showcase
β β βββ about/ # About page
β β βββ contact/ # Contact page
β β βββ layout.tsx # Root layout
β β
β βββ components/ # React components
β β βββ admin/ # Admin-specific components
β β βββ blog/ # Blog components
β β βββ layout/ # Layout components (Navbar, Footer)
β β βββ sections/ # Homepage sections
β β βββ ui/ # Reusable UI components
β β βββ pwa/ # PWA components
β β βββ seo/ # SEO components
β β βββ error/ # Error boundaries
β β
β βββ lib/ # Utility libraries
β β βββ supabase.ts # Supabase client
β β βββ auth.ts # Authentication utilities
β β βββ logger.ts # Logging utilities
β β βββ utils.ts # Helper functions
β β
β βββ types/ # TypeScript type definitions
β
βββ public/ # Static assets
β βββ icons/ # PWA icons
β βββ manifest.json # PWA manifest
β βββ sw.js # Service worker
β
βββ database/ # Database schema and migrations
β βββ migrations/ # SQL migration files
β
βββ .github/ # GitHub configuration
β βββ workflows/ # CI/CD workflows
β βββ supabase-keep-alive.yml
β
βββ next.config.js # Next.js configuration
βββ tailwind.config.ts # Tailwind CSS configuration
βββ tsconfig.json # TypeScript configuration
βββ package.json # Project dependencies
This project enforces code quality through:
- TypeScript strict mode - Type safety across the codebase
- ESLint - Linting with Next.js and accessibility rules
- Component testing - Vitest for unit and integration tests
- Git hooks - Pre-commit checks (optional)
# Run all tests
npm run test
# Run tests in watch mode
npm run test:watch
# Run tests with UI
npm run test:ui
# Generate coverage report
npm run test:coverageTests are colocated with components using the following naming convention:
component-name.tsx
component-name.test.tsx
- Unit tests: >= 80% coverage for utilities and services
- Integration tests: Critical user flows (auth, content management)
- E2E tests: Core user journeys (planned)
This project is optimized for Vercel deployment:
- Connect your repository to Vercel
- Configure environment variables in Vercel dashboard
- Deploy - Automatic deployments on every push to
main
- Supabase Keep-Alive: Daily cron job to prevent database sleep (free tier)
- Runs daily at 6:00 AM UTC
- Queries database to maintain active connection
- Located:
.github/workflows/supabase-keep-alive.yml
| Environment | Branch | Domain | Cache Strategy |
|---|---|---|---|
| Production | main |
matthewraphael.xyz | ISR + Edge Cache |
| Preview | Feature branches | *.vercel.app |
No cache |
| Development | Local | localhost:3000 | No cache |
This project implements industry-standard performance optimizations:
- Code splitting - Automatic route-based splitting
- Tree shaking - Eliminates unused code
- Dynamic imports - Lazy loading for non-critical components
- Vendor chunking - Separate chunks for node_modules
- Icon optimization - Selective imports from Lucide React
- Next.js Image component - Automatic optimization
- Modern formats - WebP and AVIF support
- Responsive images - Adaptive sizing
- Lazy loading - Below-the-fold images
- Static pages: ISR with 5-minute revalidation
- API routes: Aggressive edge caching
- Media assets: CDN caching with long TTL
- Admin pages: No caching for fresh content
Target metrics (Lighthouse scores):
- Performance: >= 95
- Accessibility: >= 95
- Best Practices: >= 95
- SEO: >= 95
Analyze bundle size with:
npm run analyzeThis generates a visual report of your webpack bundle composition.
- Content Security Policy (CSP) - Strict CSP headers
- HTTPS enforcement - HSTS with preload
- XSS protection - Input sanitization and validation
- CSRF protection - Token-based verification
- SQL injection prevention - Parameterized queries via Supabase
- Authentication - Secure session management with Supabase Auth
- Rate limiting - API route protection
- Environment variable security - No secrets in client-side code
Configured in next.config.js:
{
'X-Content-Type-Options': 'nosniff',
'X-Frame-Options': 'DENY',
'X-XSS-Protection': '1; mode=block',
'Referrer-Policy': 'strict-origin-when-cross-origin',
'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',
'Content-Security-Policy': '...'
}If you discover a security vulnerability, please email: matthewraphael@matthewraphael.xyz
Do not create a public GitHub issue for security vulnerabilities.
Contributions are welcome! Please follow these guidelines:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes with clear, descriptive commits
- Write or update tests for your changes
- Ensure all tests pass (
npm run test) - Run linting (
npm run lint) - Submit a pull request
Follow Conventional Commits:
feat: add new feature
fix: resolve bug
docs: update documentation
style: format code
refactor: restructure code
test: add tests
chore: update dependencies
- TypeScript: Use strict mode, avoid
anytypes - Components: Functional components with TypeScript interfaces
- Naming: Descriptive, PascalCase for components, camelCase for functions
- Comments: JSDoc for public APIs, inline for complex logic
- Imports: Absolute imports using
@/alias
This project is private and proprietary. All rights reserved.
Β© 2024 Matthew Raphael. Unauthorized copying or distribution is prohibited.
Developer: Matthew Raphael (RaphDeAnalyst) Email: matthewraphael@matthewraphael.xyz GitHub: @RaphDeAnalyst Website: matthewraphael.xyz
- Built with Next.js by Vercel
- Database and auth powered by Supabase
- Styled with Tailwind CSS
- Icons from Lucide
Made with β€οΈ and β by RaphDeAnalyst