{"id":13555055,"url":"https://github.com/shadowhijackers/node-js-starter-kit","last_synced_at":"2025-07-01T09:07:53.992Z","repository":{"id":56650761,"uuid":"239981724","full_name":"shadowhijackers/node-js-starter-kit","owner":"shadowhijackers","description":"This is the starter kit project for node js REST API development with express js, mongodb, typescript, webpack specially designed for REST API projects.","archived":false,"fork":false,"pushed_at":"2023-01-11T04:00:55.000Z","size":1479,"stargazers_count":17,"open_issues_count":1,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-15T02:52:19.004Z","etag":null,"topics":["expressjs","jest","mongodb","nginx-configuration","nodejs","pm2","snyk","solid-principles","supertest","typescript","webpack4"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shadowhijackers.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-02-12T10:10:29.000Z","updated_at":"2023-12-24T08:26:37.000Z","dependencies_parsed_at":"2023-02-09T01:17:22.734Z","dependency_job_id":null,"html_url":"https://github.com/shadowhijackers/node-js-starter-kit","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/shadowhijackers/node-js-starter-kit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shadowhijackers%2Fnode-js-starter-kit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shadowhijackers%2Fnode-js-starter-kit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shadowhijackers%2Fnode-js-starter-kit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shadowhijackers%2Fnode-js-starter-kit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shadowhijackers","download_url":"https://codeload.github.com/shadowhijackers/node-js-starter-kit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shadowhijackers%2Fnode-js-starter-kit/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262933317,"owners_count":23386784,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["expressjs","jest","mongodb","nginx-configuration","nodejs","pm2","snyk","solid-principles","supertest","typescript","webpack4"],"created_at":"2024-08-01T12:03:00.666Z","updated_at":"2025-07-01T09:07:53.967Z","avatar_url":"https://github.com/shadowhijackers.png","language":"TypeScript","readme":"# Node JS Starter kit in SOLID Architecture.\n  \n# Introduction\n  \n   This is the starter kit project for node js  with `typescript` \n programming. This project is with `express js` and `mongoose` frameworks to \n build a  Rest APIs. This project structure also support with multiple API\n protocalls also we build the project with unit testing for end points and\n logic codes by `supertest` and `jest`.\n \n This project also example for best practice  node js application\n \n ## Project structure explanations:\n  \n      1. api - Write api codes like rest, graphql, socket\n      2. common - Write common functions to be usable for all the modules \n      3. config - Write App config code\n      4. code - Write Application core level code like engine of your \n                your project, service providers \n      5. models - Wirte database collection models\n      6. loaders - Write your application modueles and load dependcy of app\n      7. services - Write application logics\n      8. subscribers - Write Event subscriber code\n      9. types - Write application types like interfaces, absracts\n      10. __test__  - Write jest unit testing code. \n \n # Core Concepts of this application.\n    \n   Node Js is run time environment for javascript which built on\n   V8 Javascript engine. Its Single thread non blocking IO programming  \n   environment and its intepreted language. Which uses the javascript to \n   run a servers. javascript is dynamic programming language. There is no\n   type defention and less OOPS features for its programming. So Choosing\n   Typescript for developing node js application which will increase the \n   productivity and easy to write reusable code.\n   \n   This application is mainly design for develop a secured, low latency \n   swagger friendly (not yet implemented for swagger)  and strong implementation.\n   \n   We everyone know javascript is a single thread application. So Writing\n   perfomable app is very difficult compare than the other multi thread \n   programming. However its offer a non blocking IO So we can able to \n   delivering resources to endpoints is make fast as possible as per writing\n   javascript asynchronus coding styles and event emiters. So Here we are using\n   async and Event dispatchers. \n   \n    Case Study:\n         We are writing api for user registration. In this endpoint logic \n       we are writting the code for user registration if the user data \n       valid the we will send confimation email and return responses. \n       Here we can write send the email confirmation in event emmiter when \n       the user data valid then write the api to return response and emit the\n       user data to send the email confirmation in background.  \n       \n   \u003e We can write the async packages to handle the complex asynchronus calls parallely and series\n     \n   To reduce the latency of an endpoints response  we are not added the\n   common middleware like body parser. which added in particularly api calls\n   only. So other API calls can make faster.\n   \n   Write Test driven development Its an common approach from most of the\n   developers. Writing an unit testing for project it will make you more confident\n   to deployment and do not allow your code run in production if it not tested.   \n   Here we are using jest and supertest for endpoints. Use seperate db for unit \n   testing environment.\n  \n   We are added the pm2 server cofiguration here to run this application in \n   cluster mode to speed up the api calls. We are setting the environmetn varibales\n   for only in development and testing not added for production. Which added in pm2 server\n   So it give an extra layer security for an app. include the pm2-server\n   file in your cloud instance itself. here we added for example.    \n \n   Use HTTPS/SSL for security, We added helmet and cors setup for improving the \n   security purpose. Adding the secure level module in the middleware only never\n   going to be make your application more secure its about how you are writing also\n   to be consider. use csurf for prevent the CSRF attack. \n   \n       Case Study:\n          I have seen one web application there they written one api call for the \n        loginned User details by passing id in http query. Even that  id is in number format\n        as 1001 when we changed the 1001 to 1002 it gave the details of another uses\n        details. They can get the another user deta. Its became a CSRF loophole. They can get\n        the data by any otherways like JWT token or Auth token. So Writing the code is need\n        to be secured manner. Poor way of coding become a loophole.\n        \n   Don't make user ids in readable formats. its will helpful to enumrate  the other user. Study more\n   about security improvement in [OWSAP](https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet.)   \n   \n   Use Rate Limitter for avoid DDoS , brute force attack and dictionary attack on form datas like signin, OTP cracking. \n   We are already using the Helmet it will prevent some browser level attack.\n    \n   To imporve the low latency of IO calls we are using the Event emitters, async calls for \n   parallel and series asynchronus process.  \n     \n     \n    \nThis project is refered from the following blog and some documents. \n[Reference](https://dev.to/santypk4/bulletproof-node-js-project-architecture-4epf) \n\n \u003e Note : This project still in construction mode\n\n\n","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshadowhijackers%2Fnode-js-starter-kit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshadowhijackers%2Fnode-js-starter-kit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshadowhijackers%2Fnode-js-starter-kit/lists"}