home.social
Sign in Create account

Mariusz

@[email protected]
View on techhub.social
  1. Mariusz @bmariusz ·

    Day 15

    Today I implemented full user registration with email verification.
    Registration creates an inactive account and sends a verification link with a JWT token.
    Verification activates the account if the token is valid and not expired, and assigns the user to the default trial subscription plan.

    I also introduced a custom JSON-based translation system, with language selected via the `x-lang` HTTP header.

    Finally, I refactored subscription logic: a separate `plans` table was added.

    Everything works. All tests passed.

    write.tyolabs.com/2025/07/10/d

    #programming #jwt #subscription #json #monorepo #saas
  2. Mariusz @bmariusz ·

    Day 14

    Registration Form Implementation
    I've just finished implementing a registration form with validation and language switching using Next.js and React Hook Form. Now users can register with dynamic language support (English/Polish) and data validation (email, password, phone).

    Unfortunately, my account on Write.as has been temporarily blocked, so details about the implementation will be available once the account is unlocked. Stay tuned! 😊

    write.tyolabs.com/?p=1

    #programming #next_js #javascript #typescript #monorepo #saas
  3. Mariusz @bmariusz ·

    Day 13
    version 0.6.0 released
    Scoped access is now enforced across all core modules. Each repository operation is tenant-aware via a shared ScopedRepository base class.

    Key facts:
    12 modules refactored
    96 updated tests
    1 shared base class (ScopedRepository) used across the board

    subscriberId is automatically applied in all find, findOne, save, remove operations

    1 very long workday

    Commit, tag, release — done

    write.tyolabs.com/?p=42

    #programming #typescript #saas #scoped_access #microservices #monorepo
  4. Mariusz @bmariusz ·

    Day 12

    Implemented password reset functionality using JWT:
    /auth/remind-password generates a short-lived token and sends it via email
    /auth/reset-password verifies the token and updates the password using bcrypt

    Validation handled with class-validator.
    Endpoints documented with Swagger.
    Token secret and base URL configured via environment variables.

    write.tyolabs.com/?p=33

    #programming #typescript #saas #microservices #monorepo #codingdays
  5. Mariusz @bmariusz ·

    Day 8
    TL;DR: Yesterday I took a break. Today I’m back – and permissions are under control :)
    Spent the day designing a fine-grained permission model.
    I now support 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.
    Three system roles bind these into meaningful sets:
    admin: full global access (32 permissions)
    supervisor: read self + full group scope (32)
    employee: read/update self only (16)

    That's 80 role-permission bindings total. Uff.

    write.tyolabs.com/?p=27

    #sql #microservices #monorepo #rbac #codingdays #programming
  6. Mariusz @bmariusz ·

    Day 7
    ✅ 24 test suites, 153 tests passing.

    Solid coverage across service and controller layers in my modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).

    Next: fine-tuning error handling & exploring e2e strategies.

    write.tyolabs.com/?p=25

    #typescript #nestjs #nextjs #insurancetech #microservices #monorepo
  7. Mariusz @bmariusz ·

    Day 6
    TL;DR: Groups, memberships, hierarchy — all dynamic now.

    Released backend v0.3.0 🎉

    ✅ Users can belong to multiple groups with typed roles
    ✅ Groups can form hierarchical or overlapping structures
    ✅ Roles are normalized via reference types

    Built with NestJS + TypeORM. Documented via Swagger.

    write.tyolabs.com/?p=23

    #typescript #nestjs #nextjs #insurancetech #microservices #monorepo
  8. Mariusz @bmariusz ·

    Day 5
    TL;DR: Continued work on backend security — role-based access is now fully wired up.

    ✅ Got fine-grained role-based access control fully working today.

    • Roles loaded from PostgreSQL
    • Injected into JWT during login
    • Validated via custom `@Roles()` + `RolesGuard`
    • Authenticated via `@UseGuards(JwtAuthGuard)` globally
    • Introduced `@Public()` decorator to bypass guards for public endpoints
    • Swagger supports Bearer token for testing

    Took a while to get the role propagation into the token right — the key was enriching the `validateUser()` result, not just fetching data from DB.

    Modular, clean, and no magic. Feels good. 👌

    more on: write.tyolabs.com/?p=21

    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices
  9. Mariusz @bmariusz ·

    Day 4

    TL;DR: Full Swagger docs + JWT auth with registration and login are live.

    Today’s work focused on two key improvements.

    1. Swagger documentation was extended across all API layers. DTOs, entities, and controllers were enriched with `@ApiTags`, `@ApiOperation`, `@ApiResponse`, and detailed `@ApiBody` annotations — including real-life examples for request bodies.

    2. JWT-based authentication was implemented. A secure registration flow was added, with password hashing via bcrypt. A login endpoint now issues access tokens containing user ID, email, and roles. All logic is encapsulated using Passport strategies (local and JWT). The next step will be protecting routes with guards and role-based access.

    write.tyolabs.com/?p=19


    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices
  10. Mariusz @bmariusz ·

    Day 3 2/2
    2. Enabling API documentation with Swagger.

    I integrated Swagger into the backend (NestJS v10, ESM, Turbo monorepo), using `@nestjs/swagger@7` to match our current framework version.
    The docs are now live at `/api/docs`, fully aligned with our global `ValidationPipe` and `AllExceptionsFilter` — ensuring consistent validation and error responses.

    Next: annotate DTOs, describe endpoints properly, and restrict access.

    write.tyolabs.com/?p=17


    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices
  11. Mariusz @bmariusz ·

    Day 3 1/2
    TL;DR:
    Added global `ValidationPipe` and unified `AllExceptionsFilter` in NestJS. API errors now follow a consistent format: `{ statusCode, error, message, code, details }`.

    Today’s work focused on:
    1. Standardizing input validation and error handling in the backend of the insurance sales network management system (NestJS, TypeScript, ESM, Turbo monorepo).

    - Enabled global `ValidationPipe` with: `whitelist`, `forbidNonWhitelisted`, `transform`, `enableImplicitConversion`.
    - Extended existing `AllExceptionsFilter` to produce structured error responses across `HttpException`, `QueryFailedError`, and other runtime errors.
    - Removed `http-exception.filter.ts` — now redundant.
    - Error response format is frontend/B2B-friendly and consistent across the API.

    Example error response:
    {
    "statusCode": 400,
    "error": "Bad Request",
    "message": "Field 'email' is required",
    "code": "VALIDATION_EMAIL_REQUIRED",
    "details": {
    "field": "email",
    "reason": "required"
    }
    }

    #codingdays #programming
  12. Mariusz @bmariusz ·

    Day 2:

    TL;DR:
    ❌ `composite: true`
    ❌ `tsconfig.build.json`
    ✅ `paths` in `tsconfig.base.json`
    ✅ `include` shared libs explicitly where needed
    ✅ `turbo run build` just works

    Wrestled for hours (~3) with TypeScript `project references` and `paths` in a Turbo monorepo (NestJS, ESM).
    Turns out: if you want global aliases like `@my-lib/foo` to *just work* across apps — skip `composite: true` and `tsc --build`.

    Project references and alias-based path mapping don't mix well when your intent is to keep things simple.

    write.tyolabs.com/?p=15


    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices
  13. Mariusz @bmariusz ·

    Day 1:
    tl;dr: ESM + TS + NestJS + TypeORM is possible, but not recommended for the impatient.

    Successfully bootstrapped NestJS + TypeORM + PostgreSQL stack using ESM.

    It only took:
    - 6 hours
    - 17 cryptic errors
    - 3 existential crises

    Turns out, using modern JS modules with legacy decorators is... bold. But hey — it runs now.

    write.tyolabs.com/?p=13


    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices
  14. Mariusz @bmariusz ·

    Day 0:

    TL;DR: Set up the basic foundations for a new system: database schema finalized, core backend modules scaffolded, and initial API contracts defined. The real work begins now.
    No hype. Just building.

    Today I worked on building the core backend infrastructure for a cloud-native insurance platform. Key points:
    Modular microservices architecture based on NestJS
    PostgreSQL schemas designed for flexibility — no hardcoded values, all dynamic
    Using TypeScript with ESM modules for better code organization
    Setting up communication patterns between backend and Next.js frontend
    Focus on scalability and simplicity in cloud deployment
    This lays a solid foundation for a system built from scratch to replace legacy solutions and support future growth.

    write.tyolabs.com/?p=10

    #cloudnative #typescript #nestjs #nextjs #insurancetech #microservices