Backend
For the backend, NestJS was used along with TypeScript.
Validate and sanitize requests
class-validator: A popular validation tool that uses decorators to define validation rules directly in the entity or DTO (Data Transfer Object) classes. It allows for a declarative and concise way of defining rules.
Creating DTOs with Validation Decorators:
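import { IsString, IsInt, MinLength } from 'class-validator';

// DTO for the create-user request body; each decorator is one validation rule.
export class CreateUserDto {
  // Must be a string of at least 4 characters.
  @IsString()
  @MinLength(4)
  name: string;

  // Must be an integer.
  @IsInt()
  age: number;
}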
Using DTOs in Controllers
Integrate DTOs into controller methods as parameters.
Apply the @Body(), @Query(), or @Param() decorators to these parameters, based on the type of data being validated.
Handling Validation Errors
NestJS automatically handles validation errors if ValidationPipe is globally enabled or used in specific routes.
Customize error responses by configuring the ValidationPipe options.
Password hashing
Passwords are hashed before they are stored in the database, which improves security: in the event of a database leak, the passwords are not exposed in plaintext. Hashing is done using the bcrypt library.
API Documentation
I use Swagger to document my endpoints. NestJS provides automatic Swagger documentation out of the box.
To add further information, decorators are available for the controller, as in ASP.NET Core.
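import { Body, Controller, HttpStatus, Param, ParseIntPipe, Post } from '@nestjs/common';
import { ApiOperation, ApiResponse, ApiTags } from '@nestjs/swagger';
// AssignedUser and AssignUserDto are the application's own entity and DTO classes.

@Controller('api/v1/tasks')
@ApiTags('tasks')
export class AssignedUsersController {
  @Post(':taskId/assign-user')
  @ApiOperation({ summary: 'Assign user to a task' })
  @ApiResponse({
    status: HttpStatus.CREATED,
    description: 'User assigned successfully',
    type: AssignedUser,
  })
  @ApiResponse({ status: HttpStatus.BAD_REQUEST, description: 'Bad request' })
  async assignUserToTask(
    // Route params arrive as strings; ParseIntPipe converts and rejects non-numeric values.
    @Param('taskId', ParseIntPipe) taskId: number,
    @Body() assignUserDto: AssignUserDto,
  ) {}
}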
Object Relational Mapping
Sequelize is a promise-based Node.js ORM (Object Relational Mapping) for working with SQL databases like PostgreSQL, MySQL, MariaDB, SQLite, and MSSQL.
Some key things to know about Sequelize:
It allows you to map JavaScript objects to database tables and perform CRUD operations without writing raw SQL.
It supports relations between models, eager and lazy loading, transactions, replication, etc.
You define models representing tables using sequelize.define(), with attributes representing columns.
It provides a powerful query interface using methods like find, findOne, create, etc.
It has a migration system to incrementally update schemas and sync models.
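It prevents SQL injection by parameterizing the queries it builds. Raw SQL passed to sequelize.query() gets the same protection only when values are supplied through replacements or bind parameters rather than string concatenation.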
It uses promises for async operations like queries and connections.
In summary, Sequelize is a feature-rich ORM that makes it easy to work with SQL databases in Node.js and JavaScript. It reduces boilerplate code and provides utilities for managing connections, defining models, syncing schemas, and performing queries and transactions.
Generate Slug
In our application we use two libraries to generate slugs. Slugify and nanoid are two NPM packages for generating slugs (URL-friendly strings) in JavaScript.
slugify takes an input string and converts it to a slug by:
Replacing separating punctuation like dashes, colons, etc. with hyphens
Removing special characters
Converting to lowercase
Condensing repeated hyphens
It supports international text by transliterating accented characters to ASCII equivalents. Additional options allow customizing the separator character, preserving case, etc.
nanoid generates random unique IDs using a secure cryptographic random number generator. The IDs use a larger alphabet than UUIDs so they are shorter (21 chars vs 36).
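The slug steps and the nanoid-style ID described above, as an added example that is not the application's code or either library's implementation. toSlug and randomId are stand-ins written with Node's built-in crypto module, and uniqueSlug is a hypothetical helper that assumes the two are combined as a readable prefix plus a random suffix, which the page does not specify.

```typescript
import { randomBytes } from "node:crypto";

// 64 URL-safe symbols: 6 bits each, so masking a random byte with 63
// selects every symbol with equal probability (no modulo bias).
const ALPHABET =
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";

// Stand-in for nanoid: an ID drawn from the OS CSPRNG, 21 characters by default.
function randomId(size: number = 21): string {
  const bytes = randomBytes(size);
  let id = "";
  for (let i = 0; i < size; i++) {
    id += ALPHABET.charAt(bytes.readUInt8(i) & 63);
  }
  return id;
}

// Stand-in for slugify, following the steps listed above.
function toSlug(input: string): string {
  return input
    .normalize("NFKD")                 // split accented letters into base + mark
    .replace(/[\u0300-\u036f]/g, "")   // drop the combining marks (transliteration)
    .toLowerCase()
    .replace(/[\s_:;,.\/\\|-]+/g, "-") // separating punctuation -> hyphen
    .replace(/[^a-z0-9-]/g, "")        // remove remaining special characters
    .replace(/-+/g, "-")               // condense repeated hyphens
    .replace(/^-|-$/g, "");            // trim a leading or trailing hyphen
}

// Hypothetical helper: distinct titles can normalise to the same slug, so a
// random suffix keeps stored slugs unique and not guessable from the title.
function uniqueSlug(title: string, idSize: number = 21): string {
  const base = toSlug(title) || "item"; // fallback when nothing survives
  return `${base}-${randomId(idSize)}`;
}

// Constructed sample inputs: both titles collapse to "hello-world".
console.log(toSlug("Hello World"), toSlug("hello -- world!"));
console.log(uniqueSlug("Hello World"));
```

The suffix alphabet itself contains hyphens, so recover the ID from a stored slug by its fixed length, not by splitting on the last hyphen.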