Schedule-Pro-API is the backend service for the Schedule Pro platform. It provides robust authentication, session management, role-based access control (RBAC), email notifications via SendGrid, and OTP-based verification using Twilio. This API ensures secure user management and communication flows for the application.
This project serves as the API implementation for Schedule Pro, a modern appointment and scheduling management system designed to streamline operations for service-based businesses.
Built with NestJS, Node.js, TypeScript, Prisma, SendGrid, and Twilio, the Schedule Pro API provides a secure and scalable backend for managing users, sessions, and appointments.
The API includes robust authentication with JWT, role-based access control (RBAC), secure session management, and integrates external services like SendGrid for transactional emails and Twilio for OTP-based verification. This architecture ensures a reliable communication flow, secure user authentication, and efficient permission management across the platform.
- JWT-based authentication with refresh tokens
- Role-based access control (RBAC) - Customer, Staff, Admin
- Session management with user sessions tracking
- OTP verification via Twilio SMS
- Rate limiting and throttling protection
- Complete CRUD operations for appointments
- Advanced filtering and pagination
- Real-time availability checking
- Appointment status tracking (Scheduled, Confirmed, Completed, Cancelled)
- Multi-role user system (Customer, Staff, Admin)
- Profile management with avatar support
- Email verification via SendGrid
- Password reset functionality
- AI-powered toxicity validation for reviews using Google Perspective API
- Customizable toxicity thresholds for blocking offensive content
- Secure error handling for review submissions
- Google Cloud Pub/Sub integration for real-time event processing
- Asynchronous review and appointment event handling
- Appointment analytics and reporting
- Staff performance metrics
- Customer engagement tracking
- Audit logging for compliance
- Comprehensive unit and integration tests with Jest
- E2E testing setup
- Code coverage reporting
- Automated testing pipeline
- NestJS - Progressive Node.js framework for building scalable applications
- TypeScript - Type-safe JavaScript for better development experience
- PostgreSQL - Robust relational database
- Prisma - Modern database toolkit with type-safe queries
- Redis - In-memory caching for performance optimization
- JWT - JSON Web Tokens for stateless authentication
- Passport.js - Authentication middleware
- bcrypt - Password hashing and verification
- SendGrid - Transactional email service
- Twilio - SMS and OTP verification
- GraphQL - Query language for APIs
- Jest - Testing framework
- ESLint - Code linting
- Prettier - Code formatting
- Node.js 18+ (LTS version recommended)
- PostgreSQL 14+
- Redis (optional, for caching)
- pnpm (recommended package manager)
# 1. Clone the repository
git clone https://github.com/kaikyMoura/Schedule-Pro-API.git
cd Schedule-Pro-API
# 2. Install dependencies
pnpm install
# 3. Set up environment variables
cp .env.example .env
# Edit .env with your configuration
# 4. Set up database
pnpm prisma migrate deploy
pnpm prisma generate
# 5. Start development server
pnpm start:dev# Using Docker Compose
docker-compose up -d
# Or build manually
docker build -t schedule-pro-api .
docker run -p 5000:5000 schedule-pro-api# Application
NODE_ENV=development
PORT=5000
# Database
DATABASE_URL="postgresql://user:password@localhost:5432/schedule_pro"
# JWT Authentication
JWT_SECRET_KEY=your_super_secret_jwt_key_here
JWT_EXPIRATION_TIME=1h
JWT_REFRESH_EXPIRATION_TIME=7d
# External Services
SENDGRID_API_KEY=your_sendgrid_api_key
SENDGRID_SENDER_EMAIL=noreply@yourdomain.com
TWILIO_ACCOUNT_SID=your_twilio_account_sid
TWILIO_AUTH_TOKEN=your_twilio_auth_token
TWILIO_VERIFY_SERVICE_SID=your_twilio_verify_service_sid
# Redis (Optional)
REDIS_URL=redis://localhost:6379
REDIS_TTL=300
# Rate Limiting
THROTTLER_TTL=60
THROTTLER_LIMIT=10
# CORS
FRONTEND_URL=http://localhost:3000- JWT_SECRET_KEY: Generate a strong secret key (min 32 characters)
- DATABASE_URL: PostgreSQL connection string
- SENDGRID_API_KEY: Get from SendGrid dashboard
- TWILIO_*: Get from Twilio console
Access the interactive GraphQL playground at:
http://localhost:5000/graphql
POST /auth/register- User registrationPOST /auth/login- User loginPOST /auth/refresh- Refresh JWT tokenPOST /auth/logout- User logout
GET /users- Get users (with pagination)GET /users/:id- Get user by IDPUT /users/:id- Update userDELETE /users/:id- Delete user
GET /appointments- Get appointments (with filters)POST /appointments- Create appointmentPUT /appointments/:id- Update appointmentDELETE /appointments/:id- Cancel appointment
The API uses GraphQL for flexible data querying. Explore the schema in the GraphQL playground.
# Development
pnpm start:dev # Start development server with hot reload
pnpm start:debug # Start with debug mode
# Testing
pnpm test # Run unit tests
pnpm test:e2e # Run end-to-end tests
pnpm test:cov # Run tests with coverage
pnpm test:watch # Run tests in watch mode
# Database
pnpm prisma studio # Open Prisma Studio
pnpm prisma migrate dev # Create and apply new migration
pnpm prisma generate # Generate Prisma client
# Code Quality
pnpm lint # Run ESLint
pnpm lint:fix # Fix ESLint issues
pnpm format # Format code with Prettiersrc/
├── appointment/ # Appointment management
├── auth/ # Authentication & authorization
├── common/ # Shared utilities & interceptors
├── graphql/ # GraphQL loaders & context
├── notification/ # Email & SMS notifications
├── reviews/ # Review system
├── serviceItem/ # Service management
├── staff-availability/ # Staff scheduling
├── staff-service/ # Staff-service associations
├── user/ # User management
└── user-session/ # Session tracking
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow TypeScript best practices
- Write unit tests for new features
- Use conventional commit messages
- Ensure all tests pass before submitting PR
# Check if PostgreSQL is running
sudo systemctl status postgresql
# Reset database
pnpm prisma migrate reset- Ensure
JWT_SECRET_KEYis at least 32 characters - Check token expiration settings
- Verify SendGrid API key is valid
- Check Twilio credentials and service SID
# Build the application
pnpm build
# Start production server
pnpm start:prod# Build Docker image
docker build -t schedule-pro-api .
# Run with environment variables
docker run -p 5000:5000 \
-e DATABASE_URL="your_production_db_url" \
-e JWT_SECRET_KEY="your_production_jwt_secret" \
schedule-pro-api- Set
NODE_ENV=production - Use strong JWT secrets
- Configure production database
- Set up proper CORS origins
- Non-commercial project.
- All rights related to user data and privacy are respected.
- This project aims to serve as a learning and portfolio tool.
Kaiky Tupinambá - Fullstack developer