This application is the backend of a forum-like platform that allows users to share knowledge and ideas seamlessly.
It results from an in-depth study and implementation of SOLID principles, Clean Architecture, Domain-Driven Design (DDD), and Test-Driven Development (TDD).
- π» Language and Framework
- TypeScript
- NestJS
- π Authentication
- JSON Web Token (RS256 Algorithm)
- βοΈ Storage
- Cloudflare R2 (AWS S3 API)
- πΎ Databases
- Postgres
- Redis (Cache)
- π³ Containerization
- Docker
- β
Testing
- Vitest
- SuperTest (E2E Tests)
- Faker.js
- π§Ή Linting
- ESLint
- Prettier
Node.js (v20.10.0) is required to install dependencies and run the project.
git clone git@github.com:bonizario/elysian.git && cd elysian
Install the pnpm
package manager.
npm install -g pnpm
Install the project dependencies.
pnpm install
You can generate a private and public key pair using the openssl
command in Linux/macOS:
- Generate the private key:
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
- Generate the public key from the private key:
openssl rsa -pubout -in private_key.pem -out public_key.pem
This will create a 2048-bit RSA private key (private_key.pem
) and a corresponding public key (public_key.pem
). Make sure to keep your private key secure.
- Convert the private key to base64:
base64 -w 0 private_key.pem > private_key_base64.pem
- Convert the public key to base64:
base64 public_key.pem > public_key_base64.pem
- Copy the
.env.example
content into a new.env
file:
cp .env.example .env
- Paste both base64 encoded keys into the
.env
file and delete the generated files afterward:
JWT_PRIVATE_KEY=
JWT_PUBLIC_KEY=
JSON Web Token (JWT) is a compact and self-contained method for securely transmitting information between parties as a JSON object.
This information can be verified and trusted because it is digitally signed (via one of the many cryptography algorithms available). The main difference between these algorithms is the type of key they use:
-
Symmetric algorithms (HMAC) use a secret key for signing and verifying tokens. The key must be kept secure and shared between parties that need to verify the token.
-
Asymmetric algorithms (RSA, ECDSA, EdDSA) use a private key for signing tokens and a corresponding public key for verifying them. The private key must be kept secure within the main service, while the public key can be freely distributed to any other party that needs to verify tokens but should not be able to generate them.
tree -d -I 'node_modules|dist|build' --sort name -A -C
βββ prisma
β βββ migrations
βββ src
β βββ core
β β βββ entities
β β βββ errors
β β βββ events
β β βββ repositories
β β βββ types
β βββ domain
β β βββ forum
β β β βββ application
β β β β βββ cryptography
β β β β βββ repositories
β β β β βββ storage
β β β β βββ use-cases
β β β β βββ errors
β β β βββ enterprise
β β β βββ entities
β β β β βββ value-objects
β β β βββ events
β β βββ notification
β β βββ application
β β β βββ repositories
β β β βββ subscribers
β β β βββ use-cases
β β βββ enterprise
β β βββ entities
β βββ infra
β βββ auth
β βββ cache
β β βββ redis
β βββ cryptography
β βββ database
β β βββ prisma
β β βββ mappers
β β βββ repositories
β βββ env
β βββ events
β βββ http
β β βββ controllers
β β βββ pipes
β β βββ presenters
β βββ storage
βββ test
βββ cryptography
βββ e2e
βββ factories
βββ repositories
βββ storage
βββ utils