- tsx
- pkgroll
- eslint
- prettier
- typescript
- vitest
- zod
- drizzle
- drizzle-zod
- drizzle-kit
- postgres
- supabase
- helmet
- cookie-parser
A simple node/express backend api template.
This project requires node.js to be installed. This project uses volta to manage node versions.
To install volta run the following command in the terminal.
curl https://get.volta.sh | bash
https://www.typescriptlang.org/docs/handbook/esm-node.html
This project has been setup to use ESM Node. This allows us to use ES6 imports in Node.
This uses tsx as a dev server and pkgroll to bundle and build the project.
Create a .env file in the root of the project and copy the contents of .env.example into it.
cp .env.example .env
see the section on Deployment with DigitalOcean for more information on how to configure the environment variables for deployment in different environments (eg. development and production).
# install dependencies
npm i
# start the dev server
npm run dev
# make sure to configure the env variables
cp .env.example .env
# view it running on localhost
curl localhost:3000
This project uses vitest for unit testing.
Run the unit tests with npm run test
It's also recommended to install the vitest extension for vscode.
You can view the database with npx drizzle-kit studio
or npm run studio
.
You can spin up a local copy of the database with docker-compose
but this is not required when using Supabase.
docker compose up -d
If you are using the local database and running the application within docker on the host machine you will need to replace the POSTGRES_HOST
from localhost
to host.docker.internal
in the .env file.
POSTGRES_HOST=host.docker.internal
# build the app
npm run build
# build with docker
docker build . --tag node-express-esm
# or to build with a specific platform
docker build . --tag node-express-esm --platform linux/amd64
# start the docker container
docker run -d -p 3000:3000 node-express-esm
# view it running on localhost
curl localhost:3000
When the schema/model is changed make sure to create a new migration and run it against the db.
- Create a new migration
npm run migrate:create
- Run the migrations
npm run migrate:up
You can run the seeds to populate the database with initial data.
Before seeding the db make sure to run the migrations. If you want to populate the seeds with specific user email, password or id's related to the users created in Supabase. You can update the seeds in ./src/seeds/
with the required data and make sure to pass the --supabase=true
flag to the seed command and it will create the users in Supabase and associate the id's with the db records.
Note: If you are creating users with Supabase you will need to confirm the email addresses.
npm run seed
Be sure to update the seeds as new migrations are added.
Aliases can be configured in the import map, defined in package.json#imports.
see: https://github.com/privatenumber/pkgroll#aliases
This project uses JWT bearer token for authentication. The claims, id and sub must be set on the token and the token can be verified and decoded using the configured auth provider.
How permissions work.
A resource will have a permission level. A user will have a role/claim.
Routes will have their permission level defined in ./src/helpers/permissions.ts
When a user makes a request to a route the route will check the user's role/claim against the permission level of the resource.
- Owner - Route can only be accessed by the owner of the resource. Defined by the id of the resource being accessed matching the id of the user making the request.
- User - Can access all resources with user permissions.
- Admin - Can access all resources.
A claim is defined when the user is created which defines the user's role and permissions level.
- User - default user permissions
- Admin - admin permissions
see the documentation for more information on how to use Supabase Auth with this project.
A docker image can be built and deployed to a container registry. We can configure DigitalOcean to deploy the image once the registry updates using their App Platform
The following secrets will need to be added to Github Actions for a successful deployment to DigitalOcean.
DIGITALOCEAN_ACCESS_TOKEN
https://docs.digitalocean.com/reference/api/create-personal-access-token/REGISTRY_NAME
eg registry.digitalocean.com/my-container-registryIMAGE_NAME
the name of the image we are pushing to the repository egexpress-api
it will be tagged with the latest version and a github sha.
For information on confguring the app level environment variables see How to use environment variables in DigitalOcean App Platform
NODE_ENV
:production
APP_URL
:https://api.example.com
POSTGRES_HOST
:<region>.pooler.supabase.com
POSTGRES_USER
:postgres.<supabase-id>
POSTGRES_PASSWORD
:example
POSTGRES_DB
:postgres
SUPABASE_URL
:https://<supabase-id>.supabase.co
SUPABASE_PK
:abcdefghijklm