The Complete NestJS & Prisma Backend Masterclass Part 2

Part 2: Advanced Best Practices, Deployment, Docker, Security, Swagger & Testing Mastery

Created byHaider Malik

Last updated 11/2025

English

What you'll learn

How to Dockerize Nestjs App
How to deploy Nestjs Project
How to implement Security in Nestjs App
How to write documentation for your APIs using Swagger
How to write Unit, Integration and End to End Test in Nestjs and Prisma
How to run background jobs efficiently using BULLMQ

Course content

4 sections • 63 lectures • 3h 8m total length

How to download Source Code0:16
Error Handling and Global Exception Filter5:12
Error Handling and Exception Filters4:13
Implement a global exception filter in NestJS to standardize json error responses by extracting http status and message from exceptions, with an internal server error, and register it in main.
Logging Intro1:48
Learn how to implement logging for a NestJS API using Winston, capturing every request and error to diagnose production issues, with options between console logs and external libraries.
Setup Winston Logger5:30
Set up winston logging in NestJS by installing winston and Nest. Create a logger module and configure console and file transports with timestamped json logs and error log.
Understand Winston Code2:27
Implement Winston Logger10:59
Register the custom Winston logger by overwriting the NestJS default logger, add a logging interceptor, and log request, response, and errors with a unique request id.
install uuid0:53
Install the uuid package and implement a middleware to generate and attach a request id for each incoming request, preventing undefined request ids in debug mode.
Append Request ID4:19
Introduction to Security2:16
Explore defense layers for a NestJS and Prisma backend, implementing helmet, rate limiting, and body size limits, plus region-based whitelists, to protect APIs from brute-force and payload attacks.
Install helmet1:09
Install helmet and throttling, register helmet in main.ts by importing helmet, and disable the content security policy for api-only apps.
Test helmet headers1:40
Apply helmet headers to secure the api by adding x-frame-options, x-content-type-options, and referrer-policy, then verify locally at localhost:3000 with a curl test.
Setting CROS6:17
Test the app2:54
Reduce Request Body size2:17
Implement Rate Limiting2:13
Implement rate limiting in the backend by restricting requests per time window. Configure the throttle module globally with ttl 900 seconds (15 minutes) and a limit of 100 requests.
Throttler Configuration2:17
Configure global throttling in NestJS by setting TTL and per-minute limits with the global throttle module and application-level guard, and apply endpoint-specific limits on login in the auth controller.
Apply Rate Limiting on specific endpoint1:06
Test Rate Limiting0:28
Test rate limiting by sending multiple login requests, observe throttle exceptions after five requests per minute, and understand the 'too many requests' and 'please wait' responses.
Intro to Swagger0:29
Explore Swagger documentation for a powerful api with many endpoints as a growing project expands beyond 20 endpoints, and learn how Swagger helps document them.
Why do need Swagger0:59
Understand how swagger and the open api spec expose routes, request bodies, parameters, and responses with interactive documentation, and learn to integrate swagger into NestJS and Prisma.
Install Swagger2:43
Install swagger and set up swagger docs in a NestJS app using the document builder, configuring title, description, version, and JWT auth, with the UI at api/docs.
Document Create Task5:27
Learn to document a create task endpoint with dto properties, API decorators, Swagger tags, and protected routes using jwt auth.
Fix CROS issue2:15
Setup Config Files6:44
Dev and Production env with MailerModule6:37
Test Accept Invite0:15
Open the invitation, accept it, and validate the invite flow to confirm the local environment works with Ethereal.
Refactor Node Mailer Code3:48
Refactor NestJS backend mailer by replacing node mailer with the recent email service, configure production and development API keys, and test sending emails.
Integrate Resend6:44
integrate resend into the NestJS and Prisma backend masterclass, wiring the resend api key via config service, creating a resend client, and sending invite emails from the email service.
Deployment Plan0:27
Execute the deployment plan by hosting the backend on railway, with or without docker, and deploy the database first on neon (a Postgres cloud option) for a Node.js application.
Setup Neon and Vercel Account3:06
Create neon and vercel accounts, set up neon postgres integration on the free plan, copy the connection string to env, then run prisma migrate dev and prisma generate.
Setup Railway Account1:20
Set up a free tier railway account, install the railway CLI, and deploy a new project via CLI, with railway handling docker; tidy env files and refactor main.ts before deployment.
Refactor main.ts1:51
Create Health Route0:43
Create a health route by generating a health controller module, defining a get route that returns status okay, and confirming a dedicated health module.
Update Package.json0:40
Update the package.json to add production scripts, including pre-start and port handling, and run prisma migrate deploy plus npx prisma generate, with node env set to production.
Deploy Nestjs project to Railway6:03

What is Unit Testing Final3:22
Integration Testing2:01
Practice integration testing by validating the controller, service, and Prisma db work together through a Postgres database, creating a user and a team, and verifying Prisma writes to the database.
What is End to End Testing2:23
DB Setup with Docker Compose5:51
Set up a test Postgres database with Docker Compose, a dedicated test network, and health checks, and isolate it from production and dev databases using a bridge network.
Added Test ENV1:02
Jest Config Setup4:11
Configure jest as the testing framework for the NestJS and Prisma backend by creating a dedicated config file and setting up dotenv for the testing environment.
Jest Test Setup4:26
Set up Jest test automation by creating a setup script, loading test envs with dotenv, running migrations via child_process, and orchestrating test db up, migrate, and down with docker compose.
tsConfig0:12
Change the tsconfig file to set resolve js module to true and enable the json module.
Create Testing Module5:34
Fix Regular Expression1:26
Identify and fix the regular expression issue, ensure it starts correctly and includes common and dot star. Verify configuration, module paths, and logs for the common email service.
Fix Alias Path Issue0:24
Unit Test to Create a Team2:06
Mock Prisma Create Method2:44
Learn to unit test a Prisma create method in a NestJS backend by mocking Prisma team create with Jest and asserting the create call data.
Integration Testing2:56
Initiate an end-to-end test in NestJS by creating a teams.controller.integration.spec.ts, wire up app and Prisma service, implement login for a protected route with bcrypt.
Create Test User6:29
Test From DB1:42
Run Integration Test2:14
Fix an integration test by correcting init usage, updating chest config and transform ignore patterns for node_modules, and ensure the test passes with a new team ID in the database.
Write End to End Test3:16
Write an end-to-end test for the teams flow, including sign up and login, JWT token setup, and complete flow validation, with beforeAll/beforeEach and afterEach/afterAll hooks and Prisma constraints.
Run End to End Test0:25
Run an end-to-end test to verify that deleting a team requires removing team members first, ensuring the function is called correctly and end-to-end and integration tests pass.

Why Background Jobs BullMQ6:25
Discover why background jobs with bull mq decouple heavy tasks from synchronous api requests, enabling fast responses, reliable retries, and scalable scheduling for emails, pdfs, and large media.
Install Redis2:26
Install Redis to support bull MQ by updating docker-compose with a Redis service, image version 6, and a data volume, then run docker-compose up to verify port 6379.
Start Redis0:41
Install the MQ dependencies, pull MQ, and add the iris redis package after confirming Postgres and Dradis are running to start Redis.
bullMQ Module3:17
Initialize and register the BullMQ module, configure the Redis host and port, set up the email cue queue, and export the queue module for external use.
Create Consumer and Producer8:15
Master NestJS and Prisma backend concepts by building an email queue with a producer and consumer, processing welcome emails via a worker triggered by the auth controller.
Send Email6:01
Learn how to configure BullMQ email delivery in NestJS by exporting the email consumer and provider, wiring an email service, and testing delayed emails with Postman and Recent API.
Test Email0:23
Open the inbox to review a test email and welcome message from the test API, and learn to schedule high-intensity tasks using a pull MQ queue.

Requirements

You must be comfortable working with TypeScript classes, interfaces, decorators, and modern asynchronous programming patterns (async/await, Promises).
A strong working knowledge of Modules, Controllers, Providers, and Dependency Injection in the NestJS framework.
You should have a working NestJS API that implements basic CRUD (Create, Read, Update, Delete) operations on at least one resource.
Ability to read and modify a Prisma schema and execute basic data interactions (fetching and saving) using the Prisma client.

Description

The Complete NestJS & Prisma Backend Masterclass (Part 2: Advanced Practices, Security, & Testing Mastery)

Does Your Code Pass the Professional Test?

You've built the foundation in Part 1, but now it's time to elevate your code to Senior Engineer standards. Are you tired of manually testing features? Does your application crash under heavy load? Can your API handle sensitive data securely? This course is where you master the practices that separate junior coders from high-paid, production-focused developers.

This course confronts the essential realities of professional software development:

"I don't know how to guarantee my code works without breaking something else."
- Solution: You will master Unit, Integration, and E2E Testing with Jest and Supertest, ensuring bulletproof code quality.
"My application is slow because I run heavy tasks in the main thread."
- Solution: You will implement a powerful BullMQ Queue System for managing asynchronous tasks, boosting application performance and resilience.
"I worry about exposing sensitive internal data through the API."
- Solution: You will enforce data integrity and strict privacy using Zod Schemas and advanced Serialization techniques.

What You Will Achieve—The Professional Backend Toolkit

By completing Part 2, you will own a professional toolkit that proves your expertise in performance and stability:

Master Testing APIS: Implement exhaustive testing strategies (Unit, Integration, E2E) for all core features.
Performance Engineering: Integrate and manage Asynchronous Job Queues with BullMQ, ensuring your application remains fast and responsive.
Data Integrity: Secure your API boundaries by implementing Zod for Input Validation and advanced Class Transformer Serialization for outbound data.
Advanced Features: Implement sophisticated features like Notifications Management and User Settings that rely on these new resilient structures.

Build Stable, High-Performance Code

Stop writing code that might work. Start writing code you can guarantee works. If you're ready to add testing, performance tuning, and bulletproof security practices to your skill set, this is the course you need.

Enroll now and transform your functional code into professional, reliable software!

Who this course is for:

The Developer Aiming for a Senior Role
Graduates of Masterclass Part 1
Full-Stack Developers Focused on Reliability
n summary: This course is for anyone who has a working NestJS application and is ready to apply the professional standards of testing, security, and performance required for a successful public launch.

The Complete NestJS & Prisma Backend Masterclass Part 2

What you'll learn

Explore related topics

Course content

Module 8 - best-practices-and-dockerize36 lectures • 1hr 48min

Module 9 - Testing-Prisma19 lectures • 53min

Module 10 - Bullmq7 lectures • 27min

Next Step: Part 31 lecture • 1min

Requirements

Description

Who this course is for: