This document outlines the comprehensive technology stack used for the backend of the Zero-Knowledge Password Manager, including currently installed tools and those planned for future phases.
- NestJS (v11): A progressive Node.js framework for building efficient, reliable, and scalable server-side applications. We use it for routing, dependency injection, and overall modular architecture.
- TypeScript: Adds strict static typing to JavaScript, ensuring better developer experience, code quality, and fewer runtime errors.
- Node.js: The JavaScript runtime environment executing our backend code.
- PostgreSQL: The primary relational database used for robust data storage. It's highly scalable and perfect for relational models (users, vaults, items, folders, etc.).
- Prisma (v7): A Next-generation Node.js and TypeScript ORM. Used for type-safe database access, automated migrations, and declarative schema modeling.
- Better Auth: A modern, comprehensive authentication library for TypeScript. We will use this to manage our sessions, users, and 2FA.
- Zero-Knowledge Adaptation: Better Auth normally expects a plaintext password. We will instead send our client-side generated "Authentication Hash" as the password payload. Better Auth will securely hash this again before storing it, providing defense-in-depth without breaking our zero-knowledge architecture.
- helmet: To secure our HTTP endpoints by setting various HTTP headers (e.g., preventing XSS, Clickjacking).
- class-validator: For declarative input validation using decorators on Data Transfer Objects (DTOs). Ensures all incoming API requests (e.g., registering, creating vaults) are strictly validated before hitting the controller logic.
- class-transformer: To transform incoming plain JSON objects into class instances and strip out unknown properties (whitelisting).
- @aws-sdk/client-s3 (AWS SDK v3): For interacting with S3-compatible object storage (like AWS S3, Cloudflare R2, or MinIO). This is necessary for storing user attachments.
- Multer: Middleware for handling
multipart/form-dataduring file uploads before securely piping them to object storage.
- @nestjs/swagger & swagger-ui-express: For generating automated, interactive API documentation (OpenAPI spec). This will allow the frontend team to easily understand and test the API endpoints.
- Jest: A delightful JavaScript Testing Framework used for unit testing services, controllers, and utilities.
- Supertest: Used alongside Jest for robust End-to-End (E2E) testing of HTTP endpoints.
- ESLint & Prettier: For strict code linting and consistent formatting across the codebase.
- Docker & Docker Compose: For containerizing the application and its dependencies (like PostgreSQL and Redis/MinIO if needed) to ensure identical environments across local development, staging, and production.
- GitHub Actions (Planned): For Continuous Integration (CI) to automatically run tests, linting, and Docker builds on pull requests.