A robust, enterprise-grade Node.js backend API for managing user authentication, announcements, and notifications. Built with Express.js and Prisma ORM, this system is engineered for high availability, security, and scalability. It is fully deployed and hosted on Microsoft Azure, leveraging cloud-native features for optimal performance.
-
Advanced Authentication & Security
- JWT Access and Refresh token lifecycle
- Role-Based Access Control (RBAC) separating Admin and User privileges
- Account security: Password hashing (bcryptjs), Email verification workflow, and Password recovery
-
Announcement Management System
- Admins can broadcast announcements with priorities, types, and due dates
- Rich media attachments using Supabase Storage
- Track user read/unread status and handle assignments/submissions
-
Enterprise-Ready Architecture
- Rate Limiting: Redis-backed distributed rate limiting to protect against DDoS and brute-force attacks
- Validation & Error Handling: Centralized async error handling and strict Zod schema validation
- Documentation: Auto-generated interactive Swagger OpenAPI documentation
NotifierAPI is designed for and actively deployed on Microsoft Azure. The deployment architecture takes advantage of Azure's robust ecosystem to ensure enterprise-grade reliability:
- Azure Virtual Machine: The backend Node.js API is containerized via Docker and orchestrated on Azure for seamless scaling and zero-downtime deployments.
- Neon Database for PostgreSQL: A fully managed, highly available PostgreSQL instance ensures secure and resilient data storage.
- Azure Cache for Redis: Provides a distributed, low-latency rate-limiting and caching layer, protecting the API from abuse while keeping response times minimal.
- CI/CD Integration: Automated deployment pipelines ensure seamless updates directly to the Azure environment.
NotifierAPI utilizes a modern, scalable Request Flow Architecture:
- Routing & Middlewares — Requests pass through security headers (Helmet), JWT validation, RBAC checks, and Zod schema validation.
- Rate Limiting (Redis) — Distributed counter store to throttle requests efficiently, preventing resource exhaustion.
- Controllers & Services — Core business logic handling announcements, users, and authentications.
- Data Access (Prisma ORM) — Type-safe queries to a PostgreSQL database.
- Storage (Supabase) — Secure cloud object storage for profile pictures and announcement attachments.
- User — Manages authentication, roles, profile pictures, and verification status.
- Announcement & Attachments — Handles global/targeted broadcasts and associated files.
- ReadStatus — Tracks real-time read receipts per user per announcement.
- Submission — Supports interactive announcements (assignments) tracking user submissions and grades.
NotifierAPI is fully containerized, making it trivial to deploy consistently across environments.
The included docker-compose.yml orchestrates two core services:
backend— The Node.js Express API.redis— In-memory store for rate limiting and fast caching.
Note: PostgreSQL should be provided externally or added to the compose stack.
- Node.js (v18+ recommended)
- PostgreSQL database
- Docker (optional, for Redis and containerized runs)
- SMTP credentials (e.g., Gmail)
- Supabase account (for storage)
1. Clone the repository and install dependencies:
cd NotifierAPI/backend
npm install2. Environment Configuration:
Copy the sample environment file and fill in your credentials:
cp .env.example .envEnsure you provide valid DATABASE_URL (PostgreSQL), REDIS_URL (or fallback to local), SMTP, and Supabase credentials in the .env file.
3. Start Redis infrastructure (via Docker):
docker-compose up -d redis4. Database Migration:
Apply migrations to your PostgreSQL database and generate the Prisma Client:
npx prisma migrate dev5. Start the Application:
Run the development server with live-reloading:
npm run devThe API will be available at http://localhost:5001.
6. Run via Docker Compose (Full Stack):
Alternatively, run the entire backend and Redis stack via Docker:
docker-compose up --buildInteractive API documentation is generated dynamically from Zod schemas. Once the application is running, visit:
👉 http://localhost:5001/api-docs
├── prisma/
│ ├── migrations/ # Database migration history
│ ├── seed/ # Database seed scripts
│ └── schema.prisma # Prisma database schema definition
├── src/
│ ├── config/ # DB, Redis, Env, and Swagger configs
│ ├── controllers/ # Route controllers (Auth, Users, Announcements)
│ ├── middlewares/ # Auth, Rate Limiter, Error Handler, Uploads, etc.
│ ├── routes/ # API routing definitions (Express routers)
│ ├── utils/ # Helper utilities (Emails, Tokens, AppError)
│ ├── validators/ # Zod validation schemas
│ └── server.js # Express app entry point
├── docker-compose.yml # Docker Compose configuration
├── Dockerfile # Container build instructions
└── package.json # Dependencies and scripts