A modern REST API for real-time order management built with NestJS, TypeScript, and PostgreSQL.
Live Order Trucker is a backend application that enables order management between clients and delivery drivers, featuring JWT authentication, data validation, and role-based access control.
- JWT Authentication with bcrypt password encryption
- Role-based access control (client/delivery) with specific permissions
- Order management with trackable status updates
- Robust validation with DTOs and Joi for environment variables
- Complete Type Safety with TypeScript
- Unit testing with Jest
- Centralized configuration with environment variables
- Framework: NestJS
- Language: TypeScript
- Database: PostgreSQL
- ORM: TypeORM
- Authentication: JWT + Passport
- Validation: class-validator + Joi
- Testing: Jest
- Encryption: bcrypt
src/
βββ auth/ # Authentication module
β βββ dto/ # DTOs for login/register
β βββ guards/ # JWT and Local guards
β βββ strategies/ # Passport strategies
βββ config/ # Centralized configuration
βββ orders/ # Orders module
β βββ dto/ # Validation DTOs
β βββ entities/ # TypeORM entities
βββ users/ # Users module
βββ types.ts # Shared types
Create a .env file based on .env.example:
cp .env.example .env# Database
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_USERNAME=your_username
DATABASE_PASSWORD=your_password
DATABASE_NAME=live_order_trucker_db
# JWT
JWT_SECRET=your-super-secret-jwt-key
# Application
PORT=3000npm installMake sure PostgreSQL is running and create the database:
CREATE DATABASE live_order_trucker_db;# Development
npm run start:dev
# Production
npm run start:prod
# Testing
npm test
# Testing in watch mode
npm run test:watchRegister a new user and automatically return JWT token.
{
"email": "user@example.com",
"password": "password123",
"role": "client" // or "delivery"
}Response:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": 1,
"email": "user@example.com",
"role": "client"
}
}Login with existing credentials.
{
"email": "user@example.com",
"password": "password123"
}Get an order by ID (public endpoint).
Get orders for a specific user.
- Access: Only the owner user or delivery users
- Requires: JWT token
Update order status.
- Access: Only delivery users
- Requires: JWT token
{
"status": "pending" // "pending" | "in_progress" | "delivered"
}Include the JWT token in the Authorization header:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...-
Client:
- Can only view their own orders
- Cannot update order status
-
Delivery:
- Can view orders from any user
- Can update order status
The project includes unit tests for main services:
# Run all tests
npm test
# Specific tests
npm test -- orders.service.spec.ts
npm test -- users.service.spec.tsTest Coverage:
- OrdersService: 7 tests
- UsersService: 5 tests
- Complete repository mocking
- Edge case validation
- LoginDto: Email and password validation
- RegisterDto: Registration validation with roles
- UpdateOrderStatusDto: Order status validation
Automatic validation of all required variables on application startup.
- Separation of Concerns: Each module has specific responsibility
- Type Safety: Complete TypeScript usage with custom types
- Dependency Injection: NestJS pattern
- Configuration Management: Centralized configuration
- Repository Pattern: With TypeORM
- Strategy Pattern: With Passport for authentication
- Guard Pattern: For endpoint protection
- DTO Pattern: For data validation and transformation
type OrderStatus = 'pending' | 'in_progress' | 'delivered'- pending: Order created, awaiting confirmation
- in_progress: Order being delivered
- delivered: Order successfully delivered
- Passwords are encrypted with bcrypt (salt rounds: 10)
- JWT tokens expire in 24 hours
- TypeORM auto-synchronization enabled (development only)
- Global pipe validation enabled
- Centralized error handling with specific exceptions