This repo contains the backend for the EasyGenerator interview assignment.
NOTE: Attempt made not to use any third party auth provider / passport js by default since this is the crux of the assignment.
- View User Info
- View All Users
- Simple query builder with query by roles
- Update User
- Delete User
- Sign Up User
- Sign In User
- Forgot /Reset Password of User
- Verify Email
- Refresh token
- Get Health
- Get Memory
- Get Disk
- Authentication
- JWT integration
- Email verification with OTP
- 5 minute OTP expiry
- 1 hour access token expiry
- 10 day refresh token expiry
- Rate limit OTP reissue
- Refresh token revocation
- Email sending
- Route Guards
- Hashing of passwords and OTP tokens
- Database
- ORM (See below for technologies)
- CASL Integration
- Authorization Guards with role (CUSTOMER, ADMIN)
- Authorization by role, subject, conditions
- Filters
- Exception Filters
- Validation Pipes
- Swagger Documentation
- Middlewares
- Interceptors
- Transformers
- Decorators
- Security
- Throttling of requests
- Allow CORS for now
- Helmet
- API versioning
- Env variables
- Logging
- Integration of pino with JSON logging.
- Log request body
- Redact sensitive data
- Correlation Id for each request for debugging
- Error constants mapping and response
- CI/CD
- Docker Compose for local mongo setup
- Deploy to Railway
- DockerFile for build
- Status indicator
- Husky pre commit and linting checks
- MongoDB Replica Set
- Serializers
- Health Check
Default environment variables passed during the Docker build process:
DATABASE_URL: DB Url.APP_PORT: Api server port to serve requests.SWAGGER_PASSWORD: Swagger password for opening the api docsRESEND_EMAIL_API_KEY: Resend Api key for sending emails.OTP_LENGTH: Number of OTP digitsAPP_NAME: Name of the applicationDEFAULT_EMAIL: Email registered with Resend. Make sure it is from the same domain registered and verifiedDEFAULT_NAME: Name of the email senderAPP_LOGGER_LEVEL: Logging level
- Prisma
- Nest.js 10
- Docker
- Docker Compose
- MongoDB
- Node.js
- npm
- Prisma ORM
- Typescript
- Create volume for each MongoDB node
docker volume create --name mongodb_repl_data1 -d local
docker volume create --name mongodb_repl_data2 -d local
docker volume create --name mongodb_repl_data3 -d local- Start the Docker containers on the host machine using docker-compose
docker-compose -f docker-compose-db.yml up -d- Start an interactive MongoDb shell session on the primary node in the cluster
docker exec -it mongo0 mongosh --port 30000
# in the shell
config={"_id":"rs0","members":[{"_id":0,"host":"mongo0:30000"},{"_id":1,"host":"mongo1:30001"},{"_id":2,"host":"mongo2:30002"}]}
rs.initiate(config);4 Update hosts file on hosts machine
sudo nano /etc/hosts
# write in the file
127.0.0.1 mongo0 mongo1 mongo2- Connect to MongoDB on host machine and check the status of the replica set
mongosh "mongodb://localhost:30000,localhost:30001,localhost:30002/?replicaSet=rs0"npm install- Generate Prisma Types
npm run db:generate- Run migrations
npm run db:push- Run application in below ways
# development
$ npm run start
# watch mode
$ npm run start:dev
# production mode
$ npm run start:prod# unit tests
$ npm run test
# e2e tests
$ npm run test:e2e
# test coverage
$ npm run test:cov- Use a mongo cluster via Atlas
- For the Api either self host it via
docker-compose -f docker-compose-api.yml up -dOR
Deploy via Railway Template
Swagger documentation is available at {{DOMAIN_NAME}}/docs.
- Username:
admin - Password: Per the environment variable
AuthGuard will look for a JWT in the Authorization header with the scheme Bearer.
All routes that are protected by the AuthGuard decorator will require a valid JWT token in the Authorization header of the incoming request.
providers: [
{
provide: APP_GUARD,
useClass: AuthGuard,
},
];You can skip authentication for a route by using the SkipAuth decorator.
@SkipAuth()Define roles for app:
// app.roles.ts
export enum Roles {
ADMIN = 'ADMIN',
CUSTOMER = 'CUSTOMER',
}