This repository serves as a comprehensive authentication and authorization service boilerplate.
ACK NestJs is a NestJs v11.x boilerplate designed for backend services.
You can request a feature or report a bug by following this link
- Stateful Authorization, using `redis-session` and `JWT`.
- Must run MongoDB as a `replication set` for `database transactions`.
- If you change the environment value of `APP_ENV` to `production`, it will disable Documentation.
- When using multiple protection decorators, they must be applied in the correct order:

```typescript
@ExampleDoc()
@PolicyAbilityProtected({...})
@RoleProtected(...)
@TermPolicyAcceptanceProtected(...)
@UserProtected()
@ActivityLog(...)
@AuthJwtAccessProtected()
@FeatureFlagProtected(...)
@ApiKeyProtected()
@Get('/some-endpoint')
```

- Since version `8.0.0`, the project uses the `ES256` algorithm for Access Token, and `ES512` for Refresh Token.
- Since version `8.0.0`, the project uses prisma to handle the database.
- Since version `8.0.0`, the project uses pnpm as the package manager.
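The token design in the notes above (ES256 access tokens, ES512 refresh tokens, and a Redis session that makes tokens revocable), shown as an added example that is not code from this repository. The names `PROFILE`, `SESSIONS`, `issue`, `verify` and `revoke` are hypothetical, an in-memory `Map` stands in for Redis, and Node's built-in `crypto` stands in for the project's JWT library.

```javascript
// Added example: all names here are hypothetical, not the boilerplate's API.
const crypto = require('node:crypto');

// One key pair and one pinned algorithm per token type:
// ES256 = P-256 + SHA-256 (access), ES512 = P-521 + SHA-512 (refresh).
const ec = (namedCurve) => crypto.generateKeyPairSync('ec', { namedCurve });
const PROFILE = {
  access: { alg: 'ES256', hash: 'sha256', ...ec('prime256v1') },
  refresh: { alg: 'ES512', hash: 'sha512', ...ec('secp521r1') },
};
const SESSIONS = new Map(); // stand-in for the Redis session store: sid -> userId
const b64u = (v) => Buffer.from(v).toString('base64url');

function issue(type, userId, sessionId, ttlSeconds) {
  const p = PROFILE[type];
  SESSIONS.set(sessionId, userId);
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const header = b64u(JSON.stringify({ alg: p.alg, typ: 'JWT' }));
  const payload = b64u(JSON.stringify({ sub: userId, sid: sessionId, exp }));
  const data = `${header}.${payload}`;
  // JWS uses the raw r||s signature form (IEEE P1363), not DER.
  const key = { key: p.privateKey, dsaEncoding: 'ieee-p1363' };
  return `${data}.${crypto.sign(p.hash, Buffer.from(data), key).toString('base64url')}`;
}

function verify(type, token) {
  const p = PROFILE[type];
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [h, b, s] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
    claims = JSON.parse(Buffer.from(b, 'base64url').toString());
  } catch { return { ok: false, reason: 'malformed' }; }
  // The expected algorithm comes from the endpoint, never from the token header.
  if (header?.alg !== p.alg) return { ok: false, reason: 'wrong-alg' };
  const key = { key: p.publicKey, dsaEncoding: 'ieee-p1363' };
  const sigOk = crypto.verify(p.hash, Buffer.from(`${h}.${b}`), key, Buffer.from(s, 'base64url'));
  if (!sigOk) return { ok: false, reason: 'bad-signature' };
  if (!(claims?.exp > Math.floor(Date.now() / 1000))) return { ok: false, reason: 'expired' };
  // Stateful step: a correctly signed, unexpired token still fails once its session is gone.
  if (SESSIONS.get(claims.sid) !== claims.sub) return { ok: false, reason: 'session-revoked' };
  return { ok: true, claims };
}

const revoke = (sessionId) => SESSIONS.delete(sessionId);
```

Deleting the session entry invalidates both the access and the refresh token at once, which is what a stateless JWT setup cannot do before expiry.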
- Activity Log supports bidirectional logging
- Add import and export endpoint (includes: direct upload and presign upload)
- Make sure github action works
- 2FA with TOTP Authentication (eg: Google Authenticator)
- Recovery Codes Method
- Login with biometrics (fingerprint or face detection)
- Login with passkey
- Login with Github SSO
- Device awareness
- Verification Mobile Number
- Simple Notification System or Enhance Activity Log to be able to act as notification
- Versioning System (Force frontend to update, especially mobile)
- Unit test
- Integration Test
- E2E Test
- Stress Test and Load Test For Benchmark
I assume that everyone who comes here is a programmer with intermediate knowledge. To get the most out of this project, here's what you should understand:
- NestJs Fundamentals - Main framework with decorators, modules, services, and dependency injection
- TypeScript - Strong typing, interfaces, generics, and advanced TypeScript features
- Prisma ORM - Modern database toolkit for schema design, migrations, and type-safe queries
- MongoDB - NoSQL database concepts, especially replication sets for transactions
- Redis - Caching strategies, session storage, and queue management
- Repository Design Pattern - Data access layer abstraction for maintainable code
- SOLID Principles - Clean code architecture and dependency management
- Queue Systems - Background job processing with BullMQ
- Optional. Docker - Containerization for running the project
- Optional. Microservice Architecture - Understanding distributed systems concepts
The project is built using the following technologies and versions. We always strive to use the latest stable versions to ensure security, performance, and access to modern features:
| Name | Version |
|---|---|
| NestJs | v11.x |
| NodeJs | v24.11.x |
| TypeScript | v5.9.x |
| Prisma | v6.19.x |
| MongoDB | v8.0.x |
| Redis | v8.0.x |
| Docker | v28.5.x |
| Docker Compose | v2.40.x |
For more information see package.json
- Easy to maintain
- NestJs Habit
- Component based / modular folder structure
- Stateful authentication and authorization
- Repository Design Pattern
- Follow Community Guidelines
- Follow The Twelve-Factor App
- NestJS 11.x - Latest framework version
- TypeScript - Full type safety
- Production Ready - Enterprise-grade architecture
- Stateful Authorization - Redis session with revokable tokens
- JWT Authentication - ES256 for Access Token, ES512 for Refresh Token
- Role-Based Access Control (RBAC) - Fine-grained permission system
- Policy Management - Flexible authorization rules and permissions
- API Key Protection - Secure API access control
- Social Authentication - Google Auth and Apple ID integration
- Prisma ORM - Modern type-safe database toolkit
- MongoDB Integration - NoSQL with transaction support
- Redis Caching - High-performance cache layer
- Cache Manager - Multi-level caching strategies
- Background Jobs - BullMQ queue system for async processing
- Swagger/OpenAPI 3 - Interactive API documentation
- API Versioning - URL-based versioning (default v1)
- Request Validation - class-validator integration
- Server-side Pagination - Efficient data handling
- SWC Compiler - Lightning-fast compilation
- Response Compression - Optimized payload delivery
- Rate Limiting - Throttling and DDoS protection
- Sentry Integration - Error tracking and performance monitoring
- Health Checks - System monitoring endpoints
- Multi-language Support - i18n with header control (`x-custom-lang`)
- CSV Processing - CSV import/export capabilities
- AWS Integration - S3 file storage and SES email services
- Database Seeding - Commander-based data population
- Repository Pattern - Clean data access layer
- Docker Support - Complete containerization
- Code Quality - ESLint, Prettier, Husky git hooks
- Testing Framework - Jest with comprehensive setup
- Dead Code Detection - Automated cleanup tools
For detailed installation instructions (both default and Docker-based), please refer to the Installation.
This project is licensed under the MIT License.
We welcome contributions to this project! To contribute, follow these steps:
- Fork the repository
- Create a feature branch: `git checkout -b feature/your-feature-name`
- Make your changes and ensure they follow our coding standards
- Run tests: `pnpm test` and `pnpm lint` to verify your changes
- Commit your changes: `git commit -m 'feat: add some feature'`
- Push to your branch: `git push origin feature/your-feature-name`
- Open a Pull Request with a clear description of your changes
- Follow the existing code style and conventions
- Write or update tests for any new functionality
- Ensure all tests pass before submitting
- Use conventional commit messages (feat, fix, docs, etc.)
- Keep PRs focused and atomic
If your branch is behind the origin/main branch, please rebase and resolve any conflicts before opening a pull request.
Andre Christi Kan
andrechristikan@gmail.com
If you find this project helpful and would like to support its development, please consider giving it a star on GitHub or buying me a coffee!
Buy me a coffee
Or support via PayPal