Server
The server is built on fastify.
Node version 20.18.3 is the highest version on hosting.com.
When setting up the server, on hosting create the application using setup node.js in control panel, that create the virtual directories and links for node_modules. After that the depoy script can handle it.
The hosting service uses “main” from package.json for starting.
This server takes a request, authenticates it, uses zod to validate I/O, drizzle handles the database, with type safety from drizzle-zod.
package.json
Section titled “package.json”Properties
Section titled “Properties”- “name”: “server”,
- “version”: “1.0.0”,
- “main”: ”./dist/server.js”,
- “keywords”: [],
- “author”: "",
- “license”: “ISC”,
- “type”: “commonjs”,
- “description”: "",
dependencies
Section titled “dependencies”-
@fastify/compress:
-
A plugin for Fastify that adds support for reading and setting cookies.
@fastify/cors:
-
@fastify/helmet:
-
@fastify/jwt:
-
@fastify/multipart:
-
@fastify/rate-limit:
-
@fastify/static:
-
argon2:
-
dotenv:
-
dotenv-cli:
Gets the .env variables for running in scripts.
-
Database ORM
-
Fast JSON Web Token implementation.
-
Fast and low overhead web framework, for Node.js.
-
Utility for accessing and converting status codes.
-
Nodemailer is the most popular email sending library for Node.js. It makes sending emails straightforward and secure, with zero runtime dependencies to manage.
-
Helper for postgress error typing.
-
pino:
Very low overhead JavaScript logger.
-
xss:
-
zod;
TypeScript-first schema validation with static type inference.
devDependencies
Section titled “devDependencies”-
@types/jest:
-
@types/node:
-
@types/nodemailer:
-
@types/supertest:
-
concurrently:
-
copyfiles:
-
Handles scripts for multiple environments, e.g. Linux, Windows etc.
-
jest:
-
supertest:
-
ts-jest:
-
ts-node:
-
typescript:
-
typescript-json-schema:
In traffic.ts from boilerplate for testing ?
-
Promise based HTTP client for the browser and node.js
-
Generate massive amounts of fake (but realistic) data for testing and development.
scripts
Section titled “scripts”- build: “tsc —project ./tsconfig.build.json”,
- build:copy: “npm run prisma:copy && npm run copy:templates”,
- clean: “rm -rf dist/*”,
- copy:templates: “copyfiles -u 1 src/**/*.html dist”,
- dev: “cross-env NODE_ENV=development concurrently -k “tsc —project ./tsconfig.build.json —watch” “nodemon —watch ’./dist’ —exec ‘node’ ./dist/server.js"",
- prisma:copy: “copyfiles -u 1 src/generated/**/* dist”,
- prisma:dev:gen: “prisma:migrate:dev && prisma:generate:dev”,
- prisma:migrate:dev: “dotenv -e .env.development — npx prisma migrate dev”,
- prisma:migrate:prod: “dotenv -e .env.production — npx prisma migrate deploy”,
- prisma:generate:dev: “dotenv -e .env.development — npx prisma generate”,
- prisma:generate:prod: “dotenv -e .env.production — npx prisma generate”,
- “prisma:studio: “prisma studio”,
- test: “jest —watchAll”,
- start: “ts-node src/server.ts”
Environment Variables
Section titled “Environment Variables”Application Settings
Section titled “Application Settings”NODE_ENV
Section titled “NODE_ENV”Specifies the environment mode the application runs in (e.g., development, production, test).
DOMAIN
Section titled “DOMAIN”The domain and port where the application is hosted.
The port number the server listens on.
SERVER_URL
Section titled “SERVER_URL”The base server URL without protocol or port.
CORS_ORIGIN
Section titled “CORS_ORIGIN”The allowed origin for Cross-Origin Resource Sharing (CORS) requests.
Authentication & Tokens
Section titled “Authentication & Tokens”ACCESS_TOKEN_SECRET
Section titled “ACCESS_TOKEN_SECRET”Secret key used to sign and verify access tokens. Should be a cryptographically secure random string.
ACCESS_TOKEN_EXPIRE
Section titled “ACCESS_TOKEN_EXPIRE”Time duration before access tokens expire (e.g., 20m for 20 minutes).
REFRESH_TOKEN_SECRET
Section titled “REFRESH_TOKEN_SECRET”Secret key used to sign and verify refresh tokens. Should be a cryptographically secure random string.
REFRESH_TOKEN_EXPIRE
Section titled “REFRESH_TOKEN_EXPIRE”Time duration before refresh tokens expire (e.g., 90d for 90 days).
REFRESH_EXPIRATION_DAYS
Section titled “REFRESH_EXPIRATION_DAYS”Number of days until refresh tokens expire (alternative time format).
REFRESH_TOKEN_COOKIE_NAME
Section titled “REFRESH_TOKEN_COOKIE_NAME”The name of the HTTP cookie used to store the refresh token.
Database Configuration
Section titled “Database Configuration”DATABASE_HOST
Section titled “DATABASE_HOST”The hostname or IP address of the database server.
DATABASE_NAME
Section titled “DATABASE_NAME”The name of the database to connect to.
DATABASE_PASSWORD
Section titled “DATABASE_PASSWORD”The password for authenticating with the database.
DATABASE_PORT
Section titled “DATABASE_PORT”The port number the database server listens on.
DATABASE_PROTOCOL
Section titled “DATABASE_PROTOCOL”The database protocol/driver to use (e.g., postgres, mysql).
DATABASE_USERNAME
Section titled “DATABASE_USERNAME”The username for authenticating with the database.
Email Configuration
Section titled “Email Configuration”SMTP_HOST
Section titled “SMTP_HOST”The hostname of the SMTP server for sending emails.
SMTP_PORT
Section titled “SMTP_PORT”The port number of the SMTP server.
SMTP_USERNAME
Section titled “SMTP_USERNAME”The username for authenticating with the SMTP server.
SMTP_PASSWORD
Section titled “SMTP_PASSWORD”The password for authenticating with the SMTP server.
EMAIL_FROM
Section titled “EMAIL_FROM”The email address used as the sender for outgoing emails.
EMAIL_RECEIVER
Section titled “EMAIL_RECEIVER”The default recipient email address (typically used for testing or notifications).
EMAIL_TOKEN_EXPIRATION
Section titled “EMAIL_TOKEN_EXPIRATION”Time in milliseconds before email verification tokens expire.
Monitoring & Logging
Section titled “Monitoring & Logging”METRICS_PREFIX
Section titled “METRICS_PREFIX”Prefix used for application metrics collection and reporting.
LOG_LEVEL
Section titled “LOG_LEVEL”The minimum level of logs to output (e.g., info, debug, error, warn).