feat: replace tRPC/Prisma/BetterAuth with custom Node.js + Express backend#30
Open
Cedric-Kasera wants to merge 2 commits intocode-with-antonio:mainfrom
Open
feat: replace tRPC/Prisma/BetterAuth with custom Node.js + Express backend#30Cedric-Kasera wants to merge 2 commits intocode-with-antonio:mainfrom
Cedric-Kasera wants to merge 2 commits intocode-with-antonio:mainfrom
Conversation
…ckend
Migrate the entire Nodebase application from a Next.js fullstack architecture
(tRPC, Prisma, BetterAuth, Sentry, Polar) to a decoupled frontend/backend
architecture with a custom Node.js + Express API server and direct PostgreSQL
access via pg.
────────────────────────────────────────────────────────────────────────────────
BACKEND (nodebase_backend/) — NEW FROM SCRATCH
────────────────────────────────────────────────────────────────────────────────
Architecture:
- Node.js + Express 5 (ESM, "type": "module")
- PostgreSQL via pg Pool (NeonDB, SSL always on)
- JWT httpOnly cookie authentication (bcryptjs)
- AES-256-GCM credential encryption (node:crypto)
- Inngest (durable workflow engine, isDev mode for local dev)
- Vercel AI SDK (@ai-sdk/openai, @ai-sdk/google, @ai-sdk/anthropic)
- Zod v4 request validation
- Helmet, CORS, express-rate-limit security middleware
- Structured JSON logger, centralized error handling
Modules (7):
- auth: register, login, logout, me (JWT cookies)
- users: user profile management
- workflows: CRUD + save (PUT) + execute + workflow-level SSE stream
- nodes: CRUD per workflow
- connections: CRUD per workflow
- credentials: CRUD with AES-256-GCM encryption at rest
- executions: list, detail, per-node details, SSE stream endpoint
- webhooks: POST endpoints for Google Form + Stripe triggers (no auth)
SQL Migrations (12):
- 000: pgcrypto + uuid-ossp extensions
- 001: node_type + execution_status enums
- 002-005: users, sessions, accounts, verifications
- 006: credentials (encrypted)
- 007-009: workflows, nodes, connections
- 010: executions
- 011: node_executions (per-node execution tracking)
- All use TEXT primary keys, RLS policies with ::text casts
Engine:
- toposort.js: DAG ordering via topological sort
- template.js: Handlebars expression resolution with custom helpers
(json, encodeURI, eq) for node data templating
- runner.js: orchestrator — resolves templates, executes nodes in order,
passes triggerPayload, emits onNodeStart/Complete/Error callbacks
Executors (9):
- manual-trigger: pass-through
- google-form-trigger: receives triggerPayload.formData
- stripe-trigger: receives triggerPayload.event
- http-request: configurable method/endpoint/body
- openai: gpt-4o-mini via Vercel AI SDK (messages API)
- anthropic: claude-sonnet-4 via Vercel AI SDK (messages API)
- gemini: gemini-2.5-flash via Vercel AI SDK (messages API)
- discord: webhook message posting
- slack: webhook message posting
SSE (Server-Sent Events):
- SSEManager class with execution-level + workflow-level connections
- Execution-level: node:start, node:complete, node:error, execution:complete
- Workflow-level: execution:started (notifies editors of webhook-triggered runs)
Backend Dependencies Added:
@ai-sdk/anthropic, @ai-sdk/google, @ai-sdk/openai, ai, bcryptjs,
cookie-parser, cors, dotenv, express, express-rate-limit, handlebars, helmet,
html-entities, inngest, jsonwebtoken, pg, toposort, uuid, zod, nodemon (dev)
────────────────────────────────────────────────────────────────────────────────
FRONTEND CHANGES
────────────────────────────────────────────────────────────────────────────────
Removed:
- tRPC (client, server, routers, query-client)
- Prisma (schema, 12 migration files, db.ts)
- BetterAuth (auth.ts, auth-client.ts, API route)
- Sentry (instrumentation, config, example page, API route)
- Polar (subscriptions client)
- Inngest (client-side channels, functions, utils, API route)
- All server/ prefetch/params-loader files (workflows, credentials, executions)
- mprocs config files
New API Layer (src/api/):
- client.ts: ky HTTP client configured with NEXT_PUBLIC_API_URL,
credentials: "include" for cookie auth
- auth.ts: login, register, logout, getMe API functions
- workflows.ts: CRUD + execute + save workflow API functions
- credentials.ts: CRUD + getByType API functions
New State Management (Jotai):
- auth-atoms.ts: currentUserAtom, isAuthenticatedAtom
- workflow-atoms.ts: workflowsAtom, currentWorkflowAtom, pagination
- credential-atoms.ts: credentialsAtom, currentCredentialAtom, pagination
- execution-atoms.ts: nodeStatusMapAtom, activeExecutionIdAtom
New Components:
- AuthProvider: wraps app, hydrates user on mount
- use-execution-stream.ts: SSE hook with connect(executionId) +
subscribeToWorkflow(workflowId) for webhook-triggered auto-subscribe
- use-node-status.ts: per-node status reader from execution atoms
Modified Hooks (now call real API):
- use-workflows.ts: useWorkflows, useWorkflow, useSuspenseWorkflow,
useCreateWorkflow, useUpdateWorkflow (maps React Flow → backend),
useRemoveWorkflow, useExecuteWorkflow (returns execution.id)
- use-credentials.ts: useCredentials, useCredential, useCredentialsByType,
useCreateCredential, useUpdateCredential, useRemoveCredential
- use-executions.ts: useExecutions, useExecution, useNodeExecutions
- use-subscription.ts: stubbed (Polar removed)
Node Components (all 9):
- Import useNodeExecutionStatus hook
- Pass live status to BaseTriggerNode / BaseExecutionNode
- Nodes show: blue spinner (loading), green border+checkmark (success),
red border+X (error) in real-time during execution
Editor:
- editor.tsx: subscribes to workflow-level SSE on mount for webhook triggers
- execute-workflow-button.tsx: calls connect(executionId) after execute
- useEffect syncs fetched workflow data into local nodes/edges state
Auth Forms:
- login-form.tsx + register-form.tsx: password visibility toggle (Eye icons)
Credential Forms:
- credential.tsx: password visibility toggle for secret fields
UI Fixes:
- dialog.tsx: max-h-[80vh] overflow-y-auto with thin scrollbar
- constants.ts: NodeType + ExecutionStatus enums moved here (circular dep fix)
- node-components.ts: re-exports enums from constants.ts
- upgrade-modal.tsx: updated for removed Polar dependency
Frontend Env Vars:
- NEXT_PUBLIC_API_URL: backend URL (default http://localhost:4000)
- NEXT_PUBLIC_WEBHOOK_URL: ngrok tunnel URL for webhook trigger dialogs
────────────────────────────────────────────────────────────────────────────────
BACKEND ENV VARS REQUIRED
────────────────────────────────────────────────────────────────────────────────
PORT=4000
NODE_ENV=development
DATABASE_URL=postgresql://... (NeonDB connection string)
JWT_SECRET=<random-secret>
JWT_EXPIRES_IN=7d
ENCRYPTION_KEY=<32-byte-hex-string>
CLIENT_URL=http://localhost:3000
INNGEST_EVENT_KEY=<key> (production only)
────────────────────────────────────────────────────────────────────────────────
SETUP
────────────────────────────────────────────────────────────────────────────────
# Frontend
cd nodebase && npm install && npm run dev
# Backend
cd nodebase_backend && npm install
cp .env.example .env # fill in values
npm run db:migrate # run all 12 SQL migrations
npm run dev # starts on port 4000
# Inngest Dev Server
npm run inngest:dev # or: npx inngest-cli@latest dev -u http://localhost:4000/api/inngest
# Webhooks (local dev)
ngrok http 4000 # then set NEXT_PUBLIC_WEBHOOK_URL in frontend .env
|
Important Review skippedToo many files! This PR contains 215 files, which is 65 over the limit of 150. ⛔ Files ignored due to path filters (3)
📒 Files selected for processing (215)
You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Tip Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs). Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Migrate the entire Nodebase application from a Next.js fullstack architecture (tRPC, Prisma, BetterAuth, Sentry, Polar) to a decoupled frontend/backend architecture with a custom Node.js + Express API server and direct PostgreSQL access via pg.
──────────────────────────────────────────────────────────────────────────────── BACKEND (nodebase_backend/) — NEW FROM SCRATCH ────────────────────────────────────────────────────────────────────────────────
Architecture:
Modules (7):
SQL Migrations (12):
Engine:
(json, encodeURI, eq) for node data templating
Executors (9):
SSE (Server-Sent Events):
Backend Dependencies Added: @ai-sdk/anthropic, @ai-sdk/google, @ai-sdk/openai, ai, bcryptjs, cookie-parser, cors, dotenv, express, express-rate-limit, handlebars, helmet, html-entities, inngest, jsonwebtoken, pg, toposort, uuid, zod, nodemon (dev)
──────────────────────────────────────────────────────────────────────────────── FRONTEND CHANGES ────────────────────────────────────────────────────────────────────────────────
Removed:
New API Layer (src/api/):
credentials: "include" for cookie auth
New State Management (Jotai):
New Components:
subscribeToWorkflow(workflowId) for webhook-triggered auto-subscribe
Modified Hooks (now call real API):
useRemoveWorkflow, useExecuteWorkflow (returns execution.id)
useCreateCredential, useUpdateCredential, useRemoveCredential
Node Components (all 9):
Editor:
Auth Forms:
Credential Forms:
UI Fixes:
Frontend Env Vars:
──────────────────────────────────────────────────────────────────────────────── BACKEND ENV VARS REQUIRED ────────────────────────────────────────────────────────────────────────────────
PORT=4000 NODE_ENV=development DATABASE_URL=postgresql://... (NeonDB connection string) JWT_SECRET= JWT_EXPIRES_IN=7d ENCRYPTION_KEY=<32-byte-hex-string> CLIENT_URL=http://localhost:3000 INNGEST_EVENT_KEY= (production only)
──────────────────────────────────────────────────────────────────────────────── SETUP ────────────────────────────────────────────────────────────────────────────────
Frontend cd nodebase && npm install && npm run dev
Backend cd nodebase_backend && npm install cp .env.example .env # fill in values npm run db:migrate # run all 12 SQL migrations npm run dev # starts on port 4000
Inngest Dev Server npm run inngest:dev # or: npx inngest-cli@latest dev -u http://localhost:4000/api/inngest
Webhooks (local dev) ngrok http 4000 # then set NEXT_PUBLIC_WEBHOOK_URL in frontend .env