← Back to projects
Full Stack Laravel Queue-Based

Pellizzer Tech Blog

A production-ready blogging platform with secure user authentication, an admin control panel, and an asynchronous email notification system — built with Laravel 8 and a fully containerised development stack.

PHP 7.3+ / 8.0 Laravel 8 MySQL 8.0 Redis Docker / Sail Laravel Mix PHPUnit

Overview

What is PellizzerTechBlog?

PellizzerTechBlog is a full-featured publishing platform focused on IT security and software development. It supports a complete content lifecycle — from writing and publishing posts to notifying subscribers — all managed through a dedicated admin control panel.

The platform features a robust authentication system with email verification, login-attempt rate limiting with progressive lockouts, and role-based access control that separates public readers from authenticated subscribers and administrators.

The repository is public on GitHub — this showcase highlights the architecture decisions, key features, and engineering challenges solved during development.

6
Controllers
34
Routes
7
DB migrations
15+
Blade templates
3
Mail classes
4
Login lockout (min)

Architecture

MVC with Async Jobs

A clean Laravel MVC structure backed by a Redis-powered job queue for non-blocking email delivery.

┌────────────────────────────────────────────────────────────┐ │ Browser │ └────────────────────────────┬───────────────────────────────┘ │ HTTP ┌─────────▼──────────┐ │ Laravel Router │ │ (web.php – 34) │ └──┬───────────┬─────┘ │ │ ┌───────────▼──┐ ┌─────▼──────────────┐ │ Middleware │ │ Controllers │ │ · Auth │ │ · UserController │ │ · isAdmin │ │ · PostController │ └───────────┬──┘ │ · ControlPanel │ │ │ · CategoryController│ │ │ · ContactController │ └─────▼──────────────────────┘ │ ┌────────────────┼─────────────────┐ │ │ │ ┌────────▼────┐ ┌────────▼─────┐ ┌────────▼──────┐ │ Models │ │ Mail Classes │ │ Job Queue │ │ User / Post │ │ Registration │ │ (Redis) │ │ / Categorie │ │ Contact │ │ SendEmail │ └────────┬────┘ │ Notification │ │ (async) │ │ └──────────────┘ └───────────────┘ ┌────────▼────────┐ │ MySQL 8.0 │ │ users / posts │ │ categories │ │ jobs / sessions│ └─────────────────┘
🔐
Auth & Middleware Layer
Laravel's built-in authentication is extended with a custom isAdmin middleware for role-based route protection. Login attempts are tracked per user and trigger a 5-minute lockout after 4 failed tries. Email verification is required before account activation.
📋
Content & Admin Panel
Administrators manage posts (create, edit, publish/unpublish), users (activate/deactivate), and categories through a dedicated control panel. Posts are only surfaced to readers once explicitly published.
📬
Queue-Based Email System
New-post notifications, registration emails, and contact messages are dispatched as Laravel Jobs processed by a Redis-backed queue worker — keeping HTTP responses fast and delivery scalable regardless of subscriber count.

Key features

What it can do

👤
Secure User Registration
Registration enforces strong passwords (min 8 chars, uppercase, special character), checks for duplicate usernames/emails, and sends an email verification link before the account can be used.
🛡️
Login Rate Limiting
Failed login attempts are counted per account. After 4 failures the account is locked for 5 minutes and the counter resets automatically on a successful login, protecting against brute-force attacks.
✍️
Blog Post Management
Full CRUD for posts with title, subtitle, body, category, and author metadata. Posts can be drafted and published independently. Readers can filter the blog by title, subtitle, or category.
🗂️
Admin Control Panel
A protected admin dashboard provides management of all posts and registered users. Admins can activate or deactivate user accounts and create new post categories from the same interface.
📧
Subscriber Notifications
When a new post is published, all active subscribers receive an email notification dispatched asynchronously via the job queue — ensuring HTTP response times are not affected by bulk email delivery.
🐳
Full Docker Dev Stack
Laravel Sail provides a one-command dev environment: PHP 8.0, MySQL 8.0, Redis, Meilisearch, MailHog for email testing, and Selenium for browser tests — all orchestrated with Docker Compose.

Technology

Stack breakdown

Layer Technology Purpose
Framework Laravel 8.12+ MVC structure, routing, ORM, auth scaffolding
Language PHP 7.3+ / 8.0 Server-side logic across all layers
Frontend Blade, Laravel Mix 6, SCSS, Axios Templating, asset bundling, HTTP client
Database MySQL 8.0 Users, posts, categories, sessions, job tables
Cache / Queue Redis Async email job queue processing
Authentication Laravel Auth + custom middleware Session auth, email verification, role-based access
Testing PHPUnit 9.3+, Selenium Unit tests, browser tests
DevOps Docker Compose, Laravel Sail Containerised dev stack (PHP, MySQL, Redis, MailHog)

Engineering

Challenges solved

Key technical decisions made during development.

Non-Blocking Email Dispatch
Sending notifications to all subscribers synchronously would stall the HTTP response. Instead, a Laravel Job is pushed to the Redis queue and processed by a background worker — keeping page responses instant regardless of subscriber count.
🔑
Progressive Login Lockout
Rather than a simple boolean lock, the system stores a per-user attempt counter and a block timestamp in the database. Each request compares the current time against the block expiry, enabling automatic unlock without any scheduled job or cron dependency.
🧩
Clean Role Separation via Middleware
Admin-only routes are protected by a dedicated isAdmin middleware that checks the user's flag and immediately logs them out if they attempt to access a protected route — keeping the role check in one place and out of every controller.
Multi-Layer Input Validation
User input is trimmed and validated at the controller layer (length, format, complexity), then checked against the database for uniqueness, before any write occurs. Password strength rules are enforced server-side to ensure constraints hold regardless of client behaviour.