feat: v5.1.0

Author: surmon-china

.prettierrc

@@ -2,7 +2,7 @@
   "tabWidth": 2,
   "semi": false,
   "singleQuote": true,
-  "printWidth": 118,
+  "printWidth": 116,
   "endOfLine": "auto",
   "trailingComma": "none"
 }

ARCHITECTURE.md

@@ -1,8 +1,8 @@
-## Architecture of NodePress v4.x
+## Architecture of NodePress (>= v4.x)
 
 ### API Overview
 
-**HTTP Status Codes** [`errors`](/src/errors)
+**HTTP Status Codes**
 
 - `400` — Request rejected due to business logic
 - `401` — Authentication failed
@@ -18,9 +18,8 @@
 - `status`
   - `success` — Successful response
   - `error` — Error occurred
-- `message` — Always present; injected by [`responser.decorator.ts`](/src/decorators/responser.decorator.ts)
-- `error` — Required when `status` is `error`, useful for debugging
-- `debug` — Stack trace (only in development mode)
+- `message` — Always present; injected by [`success-response.decorator.ts`](/src/decorators/success-response.decorator.ts)
+- `error` — Required when `status` is `error`, usually a simple description of the error
 - `result` — Required when `status` is `success`
   - For entity: e.g. `{ title: '', content: '', ... }`
   - For list: e.g. `{ pagination: {...}, data: [...] }`
@@ -60,26 +59,25 @@
 **Request Lifecycle**
 
 1. `request` — Incoming HTTP request
-2. `middleware` — Preprocessing (CORS, origin checks)
+2. `middleware` — Preprocessing (empty in this app)
 3. `guard` — Authentication guards
 4. `interceptor:before` — Input transformation (empty in this app)
-5. `pipe` — Data validation and transformation; attaches payload to context
+5. `pipe` — Data validation and transformation
 6. `controller` — Request handler logic
 7. `service` — Business logic
 8. `interceptor:after` — Output formatting and error handling
 9. `filter` — Captures and handles thrown exceptions
 
 **Authentication Flow**
 
-1. Guard entry point: [`guards`](/src/guards)
-2. `canActivate()` — Entry check
-3. `JwtStrategy.validate()` — Calls [`jwt.strategy.ts`](/src/modules/auth/jwt.strategy.ts)
-4. `handleRequest()` — Accept or reject based on validation result
+1. [`main.ts`](/src/main.ts): Uses Fastify’s `onRequest` to perform authentication and inject auth data into the request
+2. Uses [`Guards`](/src/guards) to validate and intercept each controller method
+3. `handleRequest()` — Accept or reject based on validation result
 
 **Access Control Levels**
 
 - CUD (write) operations require tokens: [`AdminOnlyGuard`](/src/guards/admin-only.guard.ts)
-- GET (read) operations auto-detect token presence: [`AdminMaybeGuard`](/src/guards/admin-maybe.guard.ts)
+- GET (read) operations auto-detect token presence: [`AdminOptionalGuard`](/src/guards/admin-optional.guard.ts)
 
 **Validation Rules**
 
@@ -90,41 +88,34 @@
 
 ### Core Components
 
-**Exception Filter** [`error.filter.ts`](/src/filters/error.filter.ts)
+[**Exception Filter**](/src/filters/exception.filter.ts)
 
-**Interceptors** [`interceptors`](/src/interceptors)
+[**Interceptors**](/src/interceptors)
 
-- [Cache](/src/interceptors/cache.interceptor.ts): Adds TTL support
 - [Transformer](/src/interceptors/transform.interceptor.ts): Formats successful service responses
-- [Error](/src/interceptors/error.interceptor.ts): Catches service-layer exceptions
 - [Logging](/src/interceptors/logging.interceptor.ts): Supplements global logging
 
-**Decorators** [`decorators`](/src/decorators)
+[**Decorators**](/src/decorators)
 
-- [Cache](/src/decorators/cache.decorator.ts): Configure cache key/TTL
-- [Response](/src/decorators/responsor.decorator.ts): Adds `message`, pagination, etc.
-- [QueryParams](/src/decorators/queryparams.decorator.ts): Auto-validate and normalize params
-- [Guest](/src/decorators/guest.decorator.ts): Extend sub-fields with metadata for `permission.pipe`
+- [RequestContext](/src/decorators/request-context.decorator.ts): Auto-validate and normalize params
+- [GuestPermission](/src/decorators/guest-permission.decorator.ts): Extend sub-fields with metadata for `permission.pipe`
+- [SuccessResponse](/src/decorators/success-response.decorator.ts): Adds `message`, pagination, etc.
+- [UploadedFile](/src/decorators/uploaded-file.decorator.ts): Reads the uploaded file from `request.file` and converts it to buffer
 
-**Guards** [`guards`](/src/guards)
+[**Guards**](/src/guards)
 
 - Default: All non-GET requests require [`AdminOnlyGuard`](/src/guards/admin-only.guard.ts)
-- Multi-role GET requests use [`AdminMaybeGuard`](/src/guards/admin-maybe.guard.ts)
+- Multi-role GET requests use [`AdminOptionalGuard`](/src/guards/admin-optional.guard.ts)
 
-**Middlewares** [`middlewares`](/src/middlewares)
-
-- [`CORS`](/src/middlewares/cors.middleware.ts): Handles cross-origin requests
-- [`Origin`](/src/middlewares/origin.middleware.ts): Blocks unknown sources
-
-**Pipes** [`pipes`](/src/pipes)
+[**Pipes**](/src/pipes)
 
 - `validation.pipe` — Validates DTO schemas
 - `permission.pipe` — Checks field-level permissions
 
-**Feature Modules** [`modules`](/src/modules)
+[**Feature Modules**](/src/modules)
 
 - `Announcement`, `Article`, `Category`, `Tag`, `Comment`, `Option`
-- `Auth` — Global token and user auth
+- `Admin` — Admin profile and authentication
 - `Vote` — Reaction logic (like/dislike)
 - `Disqus` — Third-party integration
 - `Archive` — Caching layer
@@ -133,16 +124,17 @@
   - DB Backup (manual and scheduled)
   - Miscellaneous third-party services
 
-**Global/Core Modules** [`processors`](/src/processors)
-
-- [`database`](/src/processors/database) — DB connection and error handling
-- [`cache`](/src/processors/cache) — Cache APIs and strategies
-- [`helper`](/src/processors/helper):
-  - [SEO Submission](/src/processors/helper/helper.service.seo.ts)
-  - [Spam Detection](/src/processors/helper/helper.service.akismet.ts)
-  - [Email Service](/src/processors/helper/helper.service.email.ts)
-  - [IP Geolocation](/src/processors/helper/helper.service.ip.ts)
-  - [AWS S3 Upload](/src/processors/helper/helper.service.aws.ts)
+[**Global/Core Modules**](/src/core)
+
+- [`database`](/src/core/database) — DB connection and error handling
+- [`cache`](/src/core/cache) — Cache APIs and strategies
+- [`auth`](/src/core/auth) — Responsible for global JWT authentication logic
+- [`helper`](/src/core/helper):
+  - [SEO Submission](/src/core/helper/helper.service.seo.ts)
+  - [Spam Detection](/src/core/helper/helper.service.akismet.ts)
+  - [Email Service](/src/core/helper/helper.service.email.ts)
+  - [IP Geolocation](/src/core/helper/helper.service.ip.ts)
+  - [AWS S3 Upload](/src/core/helper/helper.service.aws.ts)
   - Google Service Credentials
 
 ---

CHANGELOG.md

@@ -2,6 +2,18 @@
 
 All notable changes to this project will be documented in this file.
 
+### 5.1.0 (2025-07-16)
+
+**Feature**
+
+- Replaced Express with Fastify as the HTTP server
+- Renamed `AuthModule` to `AdminModule`
+- Refactored the global JWT authentication mechanism
+- Refactored decorators
+- Removed all legacy middleware (CORS)
+- Removed the unused Cache decorator
+- Removed unnecessary global constants
+
 ### 5.0.0 (2025-06-16)
 
 **Feature**
@@ -323,7 +335,6 @@ All notable changes to this project will be documented in this file.
 **Chore**
 
 - Upgrade deps
-
   - `Redis` > v4
   - `nest` > v8
   - `mongoose` > v6

README.md

@@ -45,9 +45,8 @@ $ pnpm run start:dev
 # test
 $ pnpm run lint
 $ pnpm run test
-$ pnpm run test:e2e
-$ pnpm run test:cov
 $ pnpm run test:watch
+$ pnpm run test:cov
 
 # build
 $ pnpm run build

jest.config.ts

@@ -0,0 +1,20 @@
+import { pathsToModuleNameMapper } from 'ts-jest'
+import { compilerOptions } from './tsconfig.json'
+import type { Config } from 'jest'
+
+const config: Config = {
+  preset: 'ts-jest',
+  testEnvironment: 'node',
+  moduleFileExtensions: ['js', 'json', 'ts'],
+  rootDir: '.',
+  testMatch: ['<rootDir>/src/**/*.spec.ts'],
+  coverageDirectory: 'coverage',
+  transform: {
+    '^.+\\.(t|j)s$': 'ts-jest'
+  },
+  moduleNameMapper: pathsToModuleNameMapper(compilerOptions.paths, {
+    prefix: '<rootDir>/'
+  })
+}
+
+export default config

package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodepress",
-  "version": "5.0.2",
+  "version": "5.1.0",
   "description": "RESTful API service for Surmon.me blog",
   "author": "Surmon",
   "license": "MIT",
@@ -20,48 +20,41 @@
     "start:dev": "cross-env NODE_ENV=development nest start --watch",
     "start:debug": "cross-env NODE_ENV=development nest start --debug --watch",
     "start:prod": "cross-env NODE_ENV=production node dist/main",
-    "test": "cross-env NODE_ENV=test jest",
-    "test:watch": "cross-env NODE_ENV=test jest --watch",
-    "test:cov": "cross-env NODE_ENV=test jest --coverage",
-    "test:debug": "cross-env NODE_ENV=test node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
-    "test:e2e": "cross-env NODE_ENV=test jest --config ./test/jest-e2e.json",
-    "doc": "compodoc -p tsconfig.json -n 'NodePress documentation' -d documentation --disableCoverage --hideGenerator --customFavicon branding/favicon.ico",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:cov": "jest --coverage",
+    "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
+    "doc": "compodoc -p tsconfig.compodoc.json -n 'NodePress documentation' -d documentation --disableCoverage --hideGenerator --customFavicon branding/favicon.ico",
     "release": ". ./scripts/release-via-github.sh"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.832.0",
+    "@aws-sdk/client-s3": "^3.846.x",
+    "@fastify/cookie": "^11.x",
+    "@fastify/multipart": "^9.x",
     "@nestjs/axios": "^4.0.x",
     "@nestjs/common": "^11.1.x",
     "@nestjs/core": "^11.1.x",
     "@nestjs/jwt": "^11.x",
     "@nestjs/mapped-types": "^2.1.x",
-    "@nestjs/passport": "^11.x",
-    "@nestjs/platform-express": "^11.x",
+    "@nestjs/platform-fastify": "^11.x",
     "@nestjs/throttler": "^6.4.x",
     "@redis/client": "^5.x",
     "@typegoose/auto-increment": "^4.13.x",
     "@typegoose/typegoose": "^12.17.x",
     "akismet-api": "^6.x",
     "axios": "^1.10.x",
-    "body-parser": "^2.2.x",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.x",
-    "compression": "^1.8.x",
-    "cookie-parser": "^1.4.x",
     "cross-env": "^7.x",
     "dayjs": "^1.11.x",
-    "express": "^5.1.x",
     "fast-xml-parser": "^5.2.x",
-    "googleapis": "^150.x",
-    "helmet": "^8.x",
+    "googleapis": "^153.x",
     "js-base64": "^3.7.x",
     "jsonwebtoken": "^9.0.x",
-    "lodash": "^4.17.x",
+    "lodash": "^4.x",
     "mongoose": "~8.16.0",
     "node-schedule": "^2.1.x",
     "nodemailer": "^7.x",
-    "passport": "~0.7.0",
-    "passport-jwt": "^4.0.1",
     "picocolors": "^1.x",
     "reflect-metadata": "^0.2.2",
     "rimraf": "^6.x",
@@ -76,27 +69,22 @@
     "@nestjs/cli": "^11.0.x",
     "@nestjs/schematics": "^11.x",
     "@nestjs/testing": "^11.x",
-    "@types/body-parser": "^1.19.x",
-    "@types/cookie-parser": "^1.4.x",
-    "@types/express": "^5.x",
     "@types/jest": "30.x",
-    "@types/jsonwebtoken": "^9.0.x",
+    "@types/jsonwebtoken": "^9.x",
     "@types/lodash": "^4.17.x",
-    "@types/multer": "^1.4.x",
     "@types/node": "^22.x",
     "@types/node-schedule": "^2.x",
     "@types/nodemailer": "^6.x",
-    "@types/passport": "~1.0.17",
-    "@types/passport-jwt": "^4.0.1",
     "@types/shelljs": "^0.8.x",
     "@types/supertest": "^6.x",
     "@types/validator": "^13.15.x",
     "eslint": "^9.x",
     "eslint-config-prettier": "^10.x",
     "eslint-plugin-prettier": "^5.x",
+    "fastify": "5.4.0",
     "globals": "^16.x",
     "jest": "^30.x",
-    "prettier": "^3.5.x",
+    "prettier": "^3.6.x",
     "supertest": "^7.x",
     "ts-jest": "^29.x",
     "ts-loader": "^9.5.x",
@@ -107,19 +95,5 @@
   },
   "engines": {
     "node": ">=22"
-  },
-  "jest": {
-    "moduleFileExtensions": [
-      "js",
-      "json",
-      "ts"
-    ],
-    "rootDir": "src",
-    "testRegex": ".spec.ts$",
-    "transform": {
-      "^.+\\.(t|j)s$": "ts-jest"
-    },
-    "coverageDirectory": "../coverage",
-    "testEnvironment": "node"
   }
 }