Shipped Blog API Endpoints for EpsteinScan in One Session

Just wrapped up a focused coding session getting EpsteinScan's blog API up and running. Nothing fancy, but sometimes the simple stuff is exactly what you need.

What Got Built

Added two endpoints that'll let AdminStack talk to the blog programmatically:

• GET /api/blog/posts - dumps all blog posts as JSON
• POST /api/blog/publish - creates or updates a post by slug and marks it published

Both are protected with a simple x-api-key header check. I built a little _require_api_key() helper to keep things DRY since I hate repeating auth logic.

The Decisions That Mattered

Went with the laziest possible approach for the API key - just reused the existing COMMAND_CENTER_SECRET value as ADMINSTACK_API_KEY. Why generate another secret when you already have one that works?

The publish endpoint uses an upsert pattern, so calling it multiple times with the same slug won't break anything. That idempotent behavior will save me headaches later when AdminStack starts hammering it.

Also did some field mapping to make the JSON cleaner - database body becomes content, summary becomes excerpt. Small touches but they add up.

Production Reality Check

Deployed to the Hetzner box and actually tested it (shocking, I know). Returns proper 401s without the key, clean 200s with it. The endpoints are live and AdminStack can start using them immediately.

Committed everything as 6fe6e26 and pushed to master. Sometimes shipping is just about getting the basics right and moving on to the next thing.

Now AdminStack has what it needs to manage blog content programmatically. Simple, working, done.