Fullstack system, from scratch, for the long haul.
Yesterday I took a break. Today Iโm back โ and permissions are under control, I hope.
Iโve implemented a structured permission model that allows for precise access control across the system.
Instead of hardcoding logic for each route, I rely on a table-driven model that supports dynamic evaluation at runtime.
After several days of shaping a growing service architecture, I've finally reached a point where 24 test suites and 153 individual tests are green. This isnโt just a number โ it's a signal that the foundations are holding as complexity grows.
TL;DR: I introduced a generic group model into the backend to handle dynamic user-to-organization assignments and relationships. Users can now belong to multiple groups with typed roles, and groups themselves can be structured hierarchically.
TL;DR: Continuing development on the backend platform โ this time focusing on securing routes with JWT, implementing @Roles decorators, handling role propagation from the database, and creating a custom @Public annotation for open endpoints.
After a week or so of bootstrapping a modular backend platform using NestJS, TypeORM, and Turborepo, I finally reached a point where I could tag and release the very first version of one of the internal APIs.
It wasn't just a matter of bumping a version and pushing a commit. I wanted this release to be documented, understandable, and reproducible โ for myself and for anyone who will interact with the codebase in the future.
Over the past few days, Iโve been developing a backend system from scratch thatโs designed to scale with a complex, multi-tenant structure. While the exact business context remains confidential, the technical journey offers plenty of insight.
This post summarizes key challenges I encountered and the approaches I used to solve them โ especially around structure, documentation, and authentication via JWT.
Building new software from scratch means making foundational decisions early โ decisions that shape how maintainable, scalable, and consistent the system will be.
In this post, Iโll walk through two technical areas that caused friction in my early backend work โ and how I resolved them.
The goal seemed trivial: create a global ExceptionFilter to unify error responses across the backend. A quick win. A small boost in DX. What followed instead was a full day of debugging TypeScript build issues, resolving unexpected behavior in ESM mode, and untangling the consequences of mixing modern monorepo tooling with legacy compiler features.
This post is a breakdown of what went wrong โ and how it was ultimately fixed.
Starting a new software project from the ground up is always an exercise in balancing ambition with reality. Over the past two days, Iโve been laying the foundations of a modular monorepo architecture using Next.js for the frontend and NestJS for the backend โ and, as always, theory quickly collided with the stubbornness of actual tooling.