Interlink is a modern, scalable backend API for social media applications, built on NestJS and Prisma. The project offers extensive features for managing users, posts, comments, likes, follows, and notifications.
-
User Authentication & Authorization
Secure registration, login with JWT access and refresh tokens, password reset via email, and multi-factor authentication (MFA) support. -
User Management
Role-based access control (RBAC), customizable user profiles, and user activity tracking with audit logs. -
Posts & Comments
Create, edit, delete posts and comments with rich-text support, media attachments, and content moderation tools including spam detection and profanity filtering. -
Likes & Follows
Like system with real-time updates and follower/following relationships supporting mutual follows and follow recommendations based on social graphs. -
Notifications
Real-time notifications via WebSockets, email alerts, and push notifications with customizable user preferences and notification grouping. -
Advanced Filtering & Pagination
Efficient data querying with cursor-based pagination, full-text search, and complex filtering on posts, comments, and users. -
Security Features
Password hashing with bcrypt, protection against common vulnerabilities (XSS, CSRF, SQL Injection), rate limiting, IP blacklisting, and audit trails. -
Robust Error Handling & Logging
Centralized error handling, structured logging, and integration with monitoring tools. -
API Versioning & Documentation
Versioned REST API endpoints with comprehensive Swagger/OpenAPI documentation. -
Comprehensive Testing
Unit, integration, and end-to-end tests written in Jest and Gherkin to ensure code quality and maintainability.
- NestJS – A progressive Node.js framework for building efficient and scalable server-side applications.
- Prisma – Modern ORM for TypeScript and Node.js to interact safely and efficiently with the database.
- PostgreSQL – Reliable and powerful relational database system (or any other supported relational DB).
- TypeScript – Strongly typed programming language that builds on JavaScript.
- JWT (JSON Web Tokens) – For stateless authentication and authorization with access and refresh tokens.
- bcrypt – Library for hashing passwords securely.
- Passport.js – Authentication middleware for NestJS supporting strategies like local, JWT, OAuth2.
- class-validator & class-transformer – For declarative validation and transformation of request data.
- Swagger / OpenAPI – Automatic API documentation generation and interactive testing.
- Jest – Testing framework for unit and integration tests.
- Cucumber/Gherkin – For behavior-driven development (BDD) and readable acceptance tests.
- Socket.IO or WebSockets – Real-time communication for notifications and live updates.
- dotenv – Loading environment variables from
.envfiles. - [ESLint & Prettier](https://eslint.org/, https://prettier.io/) – Code quality and formatting tools to maintain consistent style and catch errors early.
- Helmet – Security middleware to set HTTP headers and protect against common vulnerabilities.
- Rate-limiter-flexible – Rate limiting to protect API from abuse and DoS attacks.
- Winston or Pino – Logging libraries for structured and performant logs.
The project follows a modular architecture pattern powered by NestJS, promoting scalability, maintainability, and testability.
-
Modular Design
Each feature is encapsulated in its own module (e.g.,AuthModule,UserModule,PostModule,NotificationModule,CommonModule) to isolate responsibilities and enable independent development and testing. -
Layered Structure
Separation of concerns is maintained through layers such as Controllers (handling HTTP requests), Services (business logic), Repositories (database access via Prisma), and Guards/Interceptors (security, validation, and request transformations). -
API Versioning
The REST API is versioned (e.g.,/api/v1) to support backward compatibility and smooth evolution of the system. -
Security by Design
Authentication and authorization mechanisms are centralized in theAuthModule, implementing JWT-based stateless sessions with refresh token rotation and role-based access control (RBAC). -
Real-Time Communication
Notifications and live updates are powered by WebSockets (e.g., using Socket.IO), allowing event-driven client-server communication. -
Database Layer
Prisma ORM abstracts database operations, enabling type-safe queries and migrations on a relational database such as PostgreSQL. -
Configuration Management
Environment variables are managed via.envfiles and thedotenvpackage to separate configuration from code, supporting different environments (development, testing, production). -
Testing Strategy
Tests are organized by module and type (unit, integration, end-to-end), with behavior-driven development (BDD) style using Gherkin syntax for acceptance criteria. -
Logging and Monitoring
Centralized logging using Winston or Pino, with structured logs to facilitate debugging and performance monitoring.
This architecture ensures the system is modular, extensible, secure, and easy to maintain as the project grows.
Follow these steps to get the Interlink backend up and running on your local machine:
git clone https://github.com/ktcotz/interlink.git
cd interlinknpm install- Create a .env file in the root directory based on the .env.example template:
cp .env.example .env- Then update .env with your environment-specific values, e.g.:
PORT=3000
DATABASE_URL=POSTGRESQL_DATABASE_URL
JWT_ACCESS_TOKEN_SECRET=your_access_token_secret
JWT_REFRESH_TOKEN_SECRET=your_refresh_token_secret- Make sure you have PostgreSQL (or your preferred relational DB) installed and running.
- Create the database:
createdb interlink- Run prisma migrations to create the database schema:
npx prisma migrate deploy- For development with hot reload:
npm run start:dev- For production build and run:
npm run build
npm run start:prod- Unit tests
npm run test- Tests coverage
npm run test:cov- E2e tests
npm run test:e2eThe API is fully documented using Swagger (OpenAPI). After running the application, you can explore and test the API endpoints interactively: API Documentation
We welcome contributions from the community! To contribute:
- Fork the repository
- Create a feature branch (
git checkout -b feature/your-feature) - Commit your changes (
git commit -m 'feat: add some feature') - Push to the branch (
git push origin feature/your-feature) - Open a Pull Request
Please follow our Code of Conduct and Contributing Guidelines for best practices.
This project is licensed under the MIT License. See the LICENSE file for details.