Introduction
An overview of the RawStack API component.
The API is the NestJS backend that powers the entire RawStack platform. It exposes a RESTful HTTP interface, handles authentication, and coordinates communication with PostgreSQL and Redis.
Responsibilities
- User registration and authentication (JWT + refresh tokens)
- Role-based access control (RBAC)
- Business logic via CQRS commands and queries
- Publishing domain events to EventBridge (consumed by the Notification service)
Architecture
The API follows Hexagonal Architecture, separating concerns into three layers:
Domain layer Pure business logic. Contains entities, value objects, domain services, and repository interfaces. Has no dependencies on frameworks or infrastructure.
Application layer Orchestrates use cases. Commands and queries are handled here. Sagas coordinate multi-aggregate workflows via the NestJS event bus.
Infrastructure layer Adapters for the outside world: HTTP controllers, Prisma repositories, Redis cache, and the EventBridge publisher.
src/
├── auth/
│ ├── application/ # Commands, queries, response builders
│ ├── domain/ # Entities, services, repository interfaces
│ └── infrastructure/ # Controllers, Prisma repos, Redis repo, sagas
├── user/
│ ├── application/
│ ├── domain/
│ └── infrastructure/
└── common/ # Shared exception filters, base domain modelsKey features
- JWT authentication with access + refresh token rotation
- Argon2 password hashing
- Zod schema validation on all incoming requests
- Prisma ORM with PostgreSQL
- Redis for token caching and ephemeral state
- OpenAPI documentation generated automatically from controller annotations
- CQRS via
@nestjs/cqrs