Skip to content

MajidJafari/mongo-graph-test-project

Repository files navigation

Nest Logo

A progressive Node.js framework for building efficient and scalable server-side applications.

NPM Version Package License NPM Downloads CircleCI Coverage Discord Backers on Open Collective Sponsors on Open Collective Support us

Description

Test project utilizing Mongo Graph.

Installation

$ npm i -g yarn @nest/cli
$ yarn

Notes before running the app

Set your constant config in the src/configs/constants.ts file. Please note the mongo URL string you enter here, should be the one you will enter must be the same as <YOUR_MONGODB_URL_STRING> in running the seeder.

Running the app

# development
$ yarn start

# watch mode
$ yarn start:dev

# production mode
$ yarn start:prod

# initialize the DB with necessary data
$ node dist/store-seeder-script.js <YOUR_MONGODB_URL_STRING>

Test

# unit tests
$ yarn test

# e2e tests
$ yarn test:e2e

License

MIT licensed.

Notice

  • I added status field to soft-delete entities, so I don't remove them from DB.

  • I aggregate user API with different type of MANAGER and EMPLOYEE in one API as I think it makes sense to do so because they are different in only type query filter.

  • I could reference the child stores in store model but I preferred to save parenetStore as the project could grow, and it is not efficient to save let’s say for example 50 entries as childStore for each store.

  • I used bcryptjs for hashing passwords for the sake of simplicity, but in production projects, we should use bcrypt as it uses C under the hood and is almost 100 times faster than bcryptjs which uses JavaScript for the same tasks.

  • I used the name as username and password of the users in the seeder script for the sake of brevity.

  • I used the DB properties as inputs and outputs for the sake of simplicity, but in the production project, I prefer snake_case_keys for request and response and camelCase for database schema.

  • Right now the refreshToken field of the user model is useless, I would add another API to get the same accessToken as its response with refreshToken as its request to provide a better DX for clients.

  • The Authorization mechanism which uses only one Interceptor is so fragile and is completely route-dependent and I could use CASL or casbin libraries in the production project, considering whether I had the time to implement it.

Future development

This project can be improved with the following developments:

  • Replacebcryptjs with bcrypt.
  • Refactor the project so inputs and outputs keys would not be the same as DB fields. For example, replace _id with id and remove __v field using toJSON mongoose built-in virtual.
  • Add an API that accepts refresh_token as its request body and returns the OAuth2 standard response.
  • Overhaul the Authorization with CASL or casbin libraries.

Thank You :)

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published