A advance backend boilerplate with modern secure high demand features
Ready PostgreSQL Backend is a TypeScript-based Express.js application that provides a secure and scalable API. It uses Prisma as an ORM and implements various security features and optimizations.
- Runtime Environment: Node.js
- Framework: Express.js
- Language: TypeScript
- Database ORM: Prisma
- Authentication: JWT, Cookie-based
- Security:
- Rate Limiting
- CORS
- Compression
- Cookie Parser
- Development Tools:
- ESLint
- Prettier
- Husky (Git Hooks)
- ts-node-dev
-
Authentication & Authorization
- JWT-based authentication
- Secure cookie handling
- Role-based access control
-
API Security
- Rate limiting to prevent abuse
- CORS configuration
- Request compression
- Error handling middleware
-
Development Features
- Hot reloading
- TypeScript support
- Code formatting and linting
- Git hooks for code quality
- CI/CD with GitHub Actions
- Docker support
- AWS S3 for file storage
- Cloudinary for image processing
- Nodemailer for email sending
- Swagger for API documentation
- Sentry for error monitoring
- Docker Compose for easy local development
- Node.js (v14 or higher)
- npm or yarn or pnpm
- PostgreSQL database
Create a .env file in the root directory with the following variables:
#------Server
NODE_ENV=development
PORT=5000
SERVER_NAME="Ready Backend"
#------Database
DATABASE_URL="postgresql://postgres:pass_your@127.0.0.1:5432/ready-backend_db?schema=public"
SHADOW_DATABASE_URL='postgresql://postgres:pass_your@127.0.0.1:5432/ready-backend_db?schema=public'
#----------Security
BCRYPT_SALT_ROUNDS=12
JWT_SECRET=your-secret
JWT_EXPIRES_IN=1d
JWT_REFRESH_SECRET=very-refresh-secret
JWT_REFRESH_EXPIRES_IN=365d
SERVER_URL='http://localhost:5001'
#---------Cloudinary
CLOUDINARY_CLOUD_NAME="sadfasdfasd"
CLOUDINARY_API_KEY="234512342314"
CLOUDINARY_API_SECRET="1234342345"
#---------AWS S3
S3_BUCKET="ready-backend"
S3_REGION="ap-southeast-1"
S3_ACCESS_KEY_ID="EXAMPLEKEYID"
S3_SECRET_ACCESS_KEY="EXAMPLE_example"
#---------SMTP
FRONTEND_URL = ""
# SMTP_USER=your-email@gmail.com
# SMTP_PASS=your-app-password
SMTP_HOST='smtp.gmail.com'
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER='sarwarasik@gmail.com'
SMTP_PASS='example example example'
#---------Default Password
SUPER_ADMIN_EMAIL=admin@gmail.com
SUPER_ADMIN_PASSWORD=adminPass
- Clone the repository:
git clone [repository-url]
cd ready-backend- Install dependencies:
yarn install
# or
npm install- Run database migrations:
npx prisma migrate dev- Start the development server:
yarn dev
# or
npm run devyarn start: Start production serveryarn dev: Start development server with hot reloadingyarn build: Build the TypeScript projectyarn lint:check: Check for linting issuesyarn lint:fix: Fix linting issuesyarn prettier:check: Check code formattingyarn prettier:fix: Fix code formattingyarn lint-prettier: Run both lint and prettier checks
- Rate limiting configuration to prevent abuse
- CORS setup for development and production
- Request compression for better performance
- Secure cookie handling
- Global error handling middleware
This project uses GitHub Actions for continuous integration and deployment. Our workflow automatically:
- Builds the application
- Runs tests
- Checks code quality
- Deploys to production (when merging to main branch)
- Automatic builds on push and pull requests
- Node.js environment setup
- Dependency caching for faster builds
- Environment variable handling
- Deployment automation
To view detailed workflow configurations, check .github/workflows/build-deploy.yml.
The backend supports file uploads with the following features:
- Image upload support for user profiles
- Automatic directory creation for uploads
- File type validation
- Size limits and optimization
- Secure file storage
- Role-based access control (User, Admin, Super Admin)
- Super Admin seeding on first startup
- Profile management with image upload
- Secure password handling
- Email verification
- JWT-based authentication
- Refresh token support
- Password reset functionality
- Email verification
- Session management
- Rate limiting on auth endpoints
- Start all services:
docker-compose up -d- Stop all services:
docker-compose down- View logs:
docker-compose logs -f api- Build the Docker image:
docker build -t ready-backend .- Run the container:
docker run -p 5000:5000 --env-file .env ready-backendThe project includes:
- Multi-stage build optimization
- Production-ready Node.js configuration
- PostgreSQL database container
- Volume persistence for database
- Hot-reloading for development
- Automatic container restart
- Network isolation
Dockerfile: Multi-stage build configurationdocker-compose.yml: Service orchestration.dockerignore: Build optimization
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Express.js community
- Prisma team
- TypeScript team
