A comprehensive Node.js backend starter template with authentication, database management, and essential utilities. Built with TypeScript, Express.js, Prisma ORM, and JWT authentication.
- 🔐 JWT Authentication - Complete auth system with login, register, password reset
- 👥 User Management - Role-based access control with admin, user, manager, moderator roles
- 📧 Email Integration - Welcome emails and password reset functionality
- 🔔 Push Notifications - Firebase integration for device notifications
- 📊 Database Management - Prisma ORM with PostgreSQL support
- 📝 API Documentation - Swagger/OpenAPI integration
- 🛡️ Security - Password hashing, OTP verification, input validation
- 📱 Device Token Management - Support for web, Android, iOS notifications
- 🔍 Audit Logging - Track all user actions and changes
- 🚀 Production Ready - Error handling, logging, and deployment configurations
- Runtime: Node.js
- Framework: Express.js
- Language: TypeScript
- Database: PostgreSQL with Prisma ORM
- Authentication: JWT (JSON Web Tokens)
- Email: Nodemailer with EJS templates
- Notifications: Firebase Admin SDK
- Documentation: Swagger/OpenAPI
- File Upload: Multer
- Validation: Custom validation utilities
- Node.js (v18 or higher)
- PostgreSQL database
- npm or yarn
-
Clone the repository
git clone <repository-url> cd nodejs-backend-starter
-
Install dependencies
npm install
-
Environment Setup
cp .env.example .env
Update the
.envfile with your configuration:DATABASE_URL="postgresql://username:password@localhost:5432/database_name" JWT_SECRET="your-super-secret-jwt-key" EMAIL_HOST="smtp.gmail.com" EMAIL_PORT=587 EMAIL_USER="your-email@gmail.com" EMAIL_PASS="your-app-password" FIREBASE_PROJECT_ID="your-firebase-project-id" FIREBASE_PRIVATE_KEY="your-firebase-private-key" FIREBASE_CLIENT_EMAIL="your-firebase-client-email"
-
Database Setup
npm run db:migrate npm run db:generate
-
Start Development Server
npm run dev
The server will start on http://localhost:5000
Once the server is running, visit http://localhost:5000/api-docs to view the interactive API documentation.
src/
├── controllers/ # Request handlers
│ └── auth.controller.ts # Authentication logic
├── middlewares/ # Express middlewares
│ ├── auth.middleware.ts # JWT authentication
│ └── role.middleware.ts # Role-based access control
├── routes/ # API routes
│ ├── auth.ts # Authentication routes
│ └── index.ts # Main router
├── utils/ # Utility functions
│ ├── appError.ts # Custom error handling
│ ├── catchAsync.ts # Async error wrapper
│ ├── email.ts # Email service
│ ├── firebase.ts # Firebase configuration
│ ├── generateCode.ts # Code generation utilities
│ ├── globalErrorHandler.ts # Global error handler
│ ├── helpers.ts # Helper functions
│ ├── notification.ts # Push notification service
│ ├── otpUtils.ts # OTP generation and validation
│ ├── passwordUtils.ts # Password validation
│ └── prisma.ts # Database connection
├── templates/ # Email templates
├── constants/ # Application constants
└── index.ts # Application entry point
POST /api/auth/register- Register new userPOST /api/auth/login- User loginPOST /api/auth/change-password- Change passwordPOST /api/auth/request-password-reset- Request password resetPOST /api/auth/verify-otp- Verify OTP for password resetPOST /api/auth/reset-password/:token- Reset password with token
GET /api/auth/users- Get all users (with pagination)GET /api/auth/users/:id- Get user by IDPUT /api/auth/users/:id- Update userDELETE /api/auth/users/:id- Delete user (soft delete)PATCH /api/auth/users/:id/activate- Activate userPATCH /api/auth/users/:id/deactivate- Deactivate userPATCH /api/auth/users/:id/change-role- Change user role
POST /api/auth/device-token- Save device token for notificationsDELETE /api/auth/device-token- Remove device token
- ADMIN: Full access to all features
- MANAGER: Can manage users and view all data
- MODERATOR: Limited management capabilities
- USER: Basic user access
| Variable | Description | Required |
|---|---|---|
DATABASE_URL |
PostgreSQL connection string | Yes |
JWT_SECRET |
Secret key for JWT signing | Yes |
EMAIL_HOST |
SMTP server host | Yes |
EMAIL_PORT |
SMTP server port | Yes |
EMAIL_USER |
SMTP username | Yes |
EMAIL_PASS |
SMTP password/app password | Yes |
FIREBASE_PROJECT_ID |
Firebase project ID | Yes |
FIREBASE_PRIVATE_KEY |
Firebase private key | Yes |
FIREBASE_CLIENT_EMAIL |
Firebase client email | Yes |
PORT |
Server port (default: 5000) | No |
The starter template includes these core models:
- User: User accounts with roles and authentication
- OTP: One-time passwords for password reset
- DeviceToken: Device tokens for push notifications
- AuditLog: Audit trail for all user actions
- Update the
UserRoleenum inprisma/schema.prisma - Update role validation in
auth.controller.ts - Add role-specific middleware if needed
- Create new controllers in
src/controllers/ - Add routes in
src/routes/ - Update the main router in
src/routes/index.ts - Add database models in
prisma/schema.prisma
Email templates are located in src/templates/ using EJS format. You can customize:
welcome-email.ejs- Welcome email templatepassword-reset-otp.ejs- OTP email templatepassword-reset-success.ejs- Password reset success template
npm run dev- Start development servernpm run build- Build for productionnpm start- Start production servernpm run db:migrate- Run database migrationsnpm run db:generate- Generate Prisma clientnpm run db:studio- Open Prisma Studionpm run db:reset- Reset database
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
ISC License - see LICENSE file for details
For questions and support, please open an issue in the repository.