ACK NestJs Boilerplate 🔥 🚀

ACK NestJs is a NestJs v11.x boilerplate designed for backend services. Production-ready NestJS boilerplate with authentication, authorization, and enterprise features

You can request feature or report bug with following this link

Ideal For

This boilerplate is perfect for:

• 🏢 Enterprise Applications - Full-featured auth system with RBAC and audit logging
• 🔐 Authentication Services - Ready-to-use JWT, OAuth, and 2FA implementation
• 📱 Mobile App Backends - RESTful API with social login support
• 🌐 Multi-tenant SaaS - Role-based access control and policy management
• 🚀 Microservices - Stateful sessions with Redis and async job processing
• 💼 Startup MVPs - Production-ready foundation to ship faster

Table of Contents

• Important
• TODO
• Prerequisites
• Build with
• Objective
• Features
  • 🎯 Architecture Highlights
  • 🔐 Authentication & Security
  • 📊 Database & Storage
  • ⚡ Performance & Optimization
  • 🛠 Development Experience
  • 📡 Integrations & Monitoring
  • 📝 Testing & Documentation
• Quick Start
• Change DB with Minimal Effort
• Installation
• License
• Contribute
• Contact

Important

• Stateful Authorization, using redis-session and JWT.
• Must run MongoDB as a replication set for database transactions.
• If you change the environment value of APP_ENV to production, it will disable Documentation.
• When using multiple protection decorators, they must be applied in the correct order:

  @ExampleDoc()
  @ActivityLog(...)
  @PolicyAbilityProtected({...})
  @RoleProtected(...)
  @TermPolicyAcceptanceProtected(...)
  @UserProtected()
  @AuthJwtAccessProtected()
  @FeatureFlagProtected(...)
  @ApiKeyProtected()
  @HttpCode(HttpStatus.OK)
  @Get('/some-endpoint')

• Since version 8.0.0, the project uses the ES256 algorithm for Access Token, and ES512 for Refresh Token.
• Since version 8.0.0, the project uses prisma 6.19 for handle database.
• Since version 8.0.0, the project uses pnpm for package manager.

TODO

• Change enum name to use PascalCase
• 2FA with TOTP Authentication (eg: Google Authenticator)
• Recovery Codes Method
• Add TOTP Authentication Protected to reset password, change password, and regenerate backup codes endpoints
• Add import and export endpoint with presign upload
• Add migration script to migrate AWS S3 Policy for public and private, include config for presign expiration

Next Features

• Activity Log support bidirectional logging
• Login with biometrics (fingerprint or face detection)
• Login with passkey
• Login with Github SSO
• Device awareness, Geo Location
• Sliding session (Example: 7d expires for a refresh token, can be extends until x day. if not action in 7d then need to re-login)
• Anomaly detection when refresh token
• Verification Mobile Number, whatsapp or/and sms
• Simple Notification System or Enchant Activity Log to be able act as notification
• Versioning System (Force frontend to update, especially mobile)

Test

• Unit test
• Integration Test
• E2E Test
• Stress Test For Benchmark/Performance
• Load Test For Benchmark/Performance

Prerequisites

I assume that everyone who comes here is a programmer with intermediate knowledge. To get the most out of this project, here's what you should understand:

1. NestJs Fundamentals - Main framework with decorators, modules, services, and dependency injection
2. TypeScript - Strong typing, interfaces, generics, and advanced TypeScript features
3. Prisma ORM - Modern database toolkit for schema design, migrations, and type-safe queries
4. MongoDB - NoSQL database concepts, especially replication sets for transactions
5. Redis - Caching strategies, session storage, and queue management
6. Repository Design Pattern - Data access layer abstraction for maintainable code
7. SOLID Principles - Clean code architecture and dependency management
8. Queue Systems - Background job processing with BullMQ
9. Optional. Docker - Containerization for running the project
10. Optional. Microservice Architecture - Understanding distributed systems concepts

Build with

The project is built using the following technologies and versions. We always strive to use the latest stable versions to ensure security, performance, and access to modern features:

Name	Version
NestJs	v11.x
NodeJs	v24.11.x
TypeScript	v5.9.x
Prisma	v6.19.x
MongoDB	v8.0.x
Redis	v8.0.x
Docker	v28.5.x
Docker Compose	v2.40.x

For more information see package.json

Objective

• Easy to maintain
• NestJs Habit
• Component based / modular folder structure
• Stateful authentication and authorization
• Repository Design Pattern
• Follow Community Guidelines
• Follow The Twelve-Factor App

Features

🎯 Architecture Highlights

• Repository Pattern - Clean data access abstraction
• SOLID Principles - Maintainable and testable codebase
• Modular Structure - Component-based folder organization
• 12-Factor App - Cloud-native best practices
• Production Ready - Enterprise-grade security and scalability

🔐 Authentication & Security

Production-ready authentication system with multiple strategies and security layers.

• JWT Authentication - ES256 for Access Token, ES512 for Refresh Token with automatic rotation
• Stateful Sessions - Redis-backed sessions with token revocation support
• Social Login - Google OAuth and Apple Sign In integration (docs)
• Two-Factor Authentication - TOTP-based 2FA with backup recovery codes (docs)
• RBAC & Policies - Fine-grained role and permission system (docs)
• API Key Protection - Secure external API access control
• Rate Limiting - DDoS protection with configurable throttling
• Security Headers - Helmet integration for HTTP security

📊 Database & Storage

Modern ORM with NoSQL database and file storage capabilities.

• Prisma ORM - Type-safe database toolkit with migrations (docs)
• MongoDB - NoSQL database with transaction support (replica set required)
• Redis Caching - Multi-level caching strategies for performance (docs)
• AWS S3 Integration - File storage with presigned URLs (docs)
• Repository Pattern - Clean separation of data access layer

⚡ Performance & Optimization

Built for speed and scalability from day one.

• Background Jobs - BullMQ queue system for async processing (docs)
• Response Compression - Automatic gzip/deflate compression
• SWC Compiler - 20x faster than TypeScript compiler
• Pagination - Server-side pagination with cursor support (docs)
• Feature Flags - Dynamic feature rollout with A/B testing (docs)

🛠 Development Experience

Developer-friendly tooling and best practices.

• NestJS 11.x - Latest framework version with full TypeScript support
• Swagger/OpenAPI 3 - Interactive API documentation (docs)
• API Versioning - URL-based versioning (default v1)
• Request Validation - Automatic validation with class-validator (docs)
• Error Handling - Standardized error responses with i18n (docs)
• Hot Reload - Fast development with SWC
• Code Quality - ESLint, Prettier, Husky pre-commit hooks
• Database Seeding - Commander-based data population

📡 Integrations & Monitoring

Enterprise-grade integrations for production readiness.

• Sentry - Error tracking and performance monitoring (docs)
• AWS SES - Transactional email delivery
• Activity Logging - Comprehensive audit trail (docs)
• Health Checks - System monitoring endpoints
• Multi-language Support - i18n with x-custom-lang header (docs)

📝 Testing & Documentation

Comprehensive testing framework and documentation.

• Jest Testing - Unit, integration, and e2e test setup
• Swagger UI - Auto-generated API documentation
• Detailed Docs - 20+ documentation files covering all features
• Docker Support - Complete containerization with docker-compose

Quick Start

# Clone repository
git clone https://github.com/andrechristikan/ack-nestjs-boilerplate

# Install dependencies
pnpm install

# Setup environment
cp .env.example .env

# Run with Docker
docker-compose up -d

# Access API
open http://localhost:3000/docs

Change DB with Minimal Effort

Thanks to Repository Pattern and Prisma ORM, switching databases requires minimal code changes. The abstraction layer isolates database logic from business logic.

Supported Databases

Database	Best For	Transaction Support
MongoDB	Document-based, flexible schema	✅ Yes (replica set)
PostgreSQL	Production apps, complex queries	✅ Yes

Other supported databases: MySQL, SQLite, SQL Server, CockroachDB

Migration typically requires:

• Updating prisma/schema.prisma provider
• Adjusting ID strategy (ObjectId → UUID). Update DatabaseService Code.
• Running npx prisma migrate dev
• Running pnpm migration:seed

Business logic stays unchanged - services, controllers, and authentication work as-is.

For detailed migration guides, see Database Documentation.

Installation

For detailed installation instructions (both default and Docker-based), please refer to the Installation.

License

This project is licensed under the MIT License.

Contribute

We welcome contributions to this project! To contribute, follow these steps:

1. Fork the repository
2. Create a feature branch: git checkout -b feature/your-feature-name
3. Make your changes and ensure they follow our coding standards
4. Run tests: pnpm test and pnpm lint to verify your changes
5. Commit your changes: git commit -m 'feat: add some feature'
6. Push to your branch: git push origin feature/your-feature-name
7. Open a Pull Request with a clear description of your changes

Contribution Guidelines

• Follow the existing code style and conventions
• Write or update tests for any new functionality
• Ensure all tests pass before submitting
• Use conventional commit messages (feat, fix, docs, etc.)
• Keep PRs focused and atomic

If your branch is behind the origin/main branch, please rebase and resolve any conflicts before opening a pull request.

Contact

Andre Christi Kan
📧 andrechristikan@gmail.com

Support This Project

If you find this project helpful and would like to support its development, please consider giving it a ⭐ star on GitHub or buying me a ☕ coffee!

Buy me a coffee ☕

Or support via PayPal 💳