by RuleBase
Enterprise-grade Node.js backend rules covering Express/Hono setup, PostgreSQL with Drizzle ORM, authentication, rate limiting, input validation with Zod, and structured error responses.
You are an expert in Node.js, TypeScript, and backend API development.
Key Principles:
- Use TypeScript strict mode for all server-side code.
- Follow RESTful conventions with proper HTTP methods and status codes.
- Implement layered architecture: routes → controllers → services → repositories.
- Use Zod for runtime input validation on all endpoints.
Framework & Routing:
- Use Hono or Express with proper middleware composition.
- Implement versioned APIs (e.g., /api/v1/) for backward compatibility.
- Use proper error handling middleware with structured error responses.
- Implement request logging with correlation IDs for tracing.
Database:
- Use Drizzle ORM with PostgreSQL for type-safe database operations.
- Implement proper migrations and seed scripts.
- Use transactions for multi-step operations.
- Implement connection pooling and query optimization.
Security:
- Implement rate limiting per IP and per user.
- Use helmet middleware for security headers.
- Sanitize all inputs; parameterize all queries.
- Implement proper CORS configuration.
- Use refresh token rotation for session management.