A robust and secure API built with Express.js, TypeScript and PostgreSQL, following best architectural practices.
- Modular Architecture: Layered structure with separation of concerns
- TypeScript: Secure typed development on the server side
- Express.js: Fast and flexible web framework
- PostgreSQL: Powerful relational database
- JWT Authentication: Complete authentication management with access and refresh tokens
- Swagger Documentation: Interactive API documentation
- Data Validation: Request validation with Zod
- Database Migrations: Schema change management with db-migrate
- Docker Support: Ready configuration for development and production
- Testing: Unit and integration testing with Jest
- Linting & Formatting: ESLint and Prettier integration
- Rate Limiting: API request limitation for security
- Logging: Advanced logging with Winston
- Error Handling: Centralized error management and logging system
- Transactional Management: SQL transaction support
- Environment Variables: Complete configuration management with validation
- Security: CORS protection, Helmet security headers, and SQL injection prevention
- API Versioning: Support for multiple API versions
- Performance Monitoring: Basic metrics and monitoring setup
- CI/CD Ready: GitHub Actions workflow templates included
- Node.js (v20+)
- PostgreSQL (v15+)
- Docker (optional)
- Clone the repository:
git clone <repository-url>
cd express-ts-postgres-api- Install dependencies:
npm install-
Create a
.envfile based on.env.example -
Run database migrations:
npm run migrate:up- Start the development server:
npm run dev- Clone the repository:
git clone <repository-url>
cd express-ts-postgres-api- Start Docker containers:
docker-compose up- All passwords are hashed using bcrypt
- JWT tokens with short expiration time
- Rate limiting to prevent brute force attacks
- CORS configuration for allowed origins
- Helmet security headers enabled
- SQL injection prevention with parameterized queries
- Input validation with Zod
- Security headers configuration
.
├── migrations/ # Database migrations
├── src/
│ ├── api/ # API Layer
│ │ └── v1/ # API Version 1
│ │ ├── controllers/ # Request handlers
│ │ ├── routes/ # API endpoint definitions
│ │ └── services/ # Business logic for API v1
│ ├── config/ # Application configuration
│ ├── core/ # Core Layer
│ │ ├── database/ # Database management
│ │ ├── middleware/ # Fundamental middleware
│ │ ├── models/ # Data models
│ │ └── types/ # Common types
│ ├── utils/ # Utilities and helpers
│ └── index.ts # Application entry point
├── __tests__/ # Test files
├── .env.example # Environment variables example
├── .env.test # Test environment variables
├── .eslintrc.json # ESLint configuration
├── .prettierrc # Prettier configuration
├── docker-compose.yml # Docker Compose configuration
├── Dockerfile # Docker configuration
├── jest.config.js # Jest configuration
├── migrate-config.js # Database migration configuration
├── nodemon.json # Nodemon configuration
├── package.json # Project dependencies
└── tsconfig.json # TypeScript configuration
- API Layer (
src/api/): Contains versioned API endpoints, controllers, and services - Core Layer (
src/core/): Houses fundamental functionality like database access, middleware, and models - Config (
src/config/): Application-wide configuration management - Utils (
src/utils/): Shared utilities and helper functions - Tests (
__tests__/): Test suites and test utilities - Migrations (
migrations/): Database schema version control
- TypeScript configuration via
tsconfig.json - ESLint and Prettier for code quality
- Jest for testing
- Nodemon for development server
- Docker support for containerization
- Database migrations with
node-pg-migrate
This layered architecture promotes:
- Clear separation of concerns
- Version control of API endpoints
- Centralized configuration management
- Modular and maintainable codebase
- Easy testing and deployment
Once the server is started, you can access the Swagger documentation at:
http://localhost:3000/api-docs
npm start: Run the production servernpm run dev: Run the development server with hot reloadingnpm run build: Build the TypeScript projectnpm run lint: Run ESLintnpm run format: Format code with Prettiernpm test: Run testsnpm run migrate:create <name>: Create a new migrationnpm run migrate:up: Run migrationsnpm run migrate:down: Revert migrations
The project is organized in distinct layers:
- API Layer (
api/): Handles HTTP exposure with routes and controllers. - Service Layer (
services/): Contains business logic and coordinates data access. - Data Access Layer (
core/database/): Manages database interaction. - Core Layer (
core/): Provides fundamental functionality used throughout the application.
This layered architecture allows better separation of concerns and easier maintenance.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
For support, please open an issue in the GitHub repository.
This project is licensed under the MIT License - see the LICENSE file for details.
This project uses node-pg-migrate to manage database migrations in TypeScript.
# Create a new migration
npm run migrate:create migration_name
# Run all pending migrations
npm run migrate:up
# Revert one migration
npm run migrate:downimport { MigrationBuilder } from 'node-pg-migrate';
export const up = (pgm: MigrationBuilder): void => {
// Create a table
pgm.createTable('example', {
id: {
type: 'serial',
primaryKey: true
},
name: {
type: 'varchar(100)',
notNull: true
},
active: {
type: 'boolean',
default: true
},
created_at: {
type: 'timestamp',
notNull: true,
default: pgm.func('now()')
}
});
// Add an index
pgm.createIndex('example', 'name');
};
export const down = (pgm: MigrationBuilder): void => {
pgm.dropTable('example');
};