Skip to content

Nexacore-Org/NexaFx-backend

BranchesTags

Repository files navigation

NexaFX Backend

NexaFX is a Web3-powered currency exchange platform that supports real-time fiat and crypto conversions. The backend is built using NestJS and interfaces with smart contracts written in Rust on the Stellar network.

πŸš€ Features

  • JWT-based authentication and authorization
  • Role-based access control (Admin, User, Tutor)
  • Multi-currency exchange system
  • Blockchain integration with Stellar smart contracts
  • Real-time and historical transactions tracking
  • Modular, scalable NestJS architecture
  • Exportable transaction data (CSV, Excel, PDF)

πŸ—οΈ Project Structure

nexafx-backend/
β”œβ”€β”€ src/
β”‚   β”œβ”€β”€ admin/                # Admin panel and controls
β”‚   β”œβ”€β”€ audit-logs/           # Audit trail and logging
β”‚   β”œβ”€β”€ auth/                 # JWT authentication & authorization
β”‚   β”œβ”€β”€ beneficiaries/        # Beneficiary management
β”‚   β”œβ”€β”€ blockchain/           # Stellar blockchain integration
β”‚   β”œβ”€β”€ common/               # Shared guards, interceptors, decorators, services
β”‚   β”œβ”€β”€ currencies/           # Fiat and crypto currency management
β”‚   β”œβ”€β”€ database/             # Database seeding scripts
β”‚   β”œβ”€β”€ exchange-rates/       # Real-time exchange rate providers
β”‚   β”œβ”€β”€ fees/                 # Transaction fee management
β”‚   β”œβ”€β”€ health/               # Health check endpoints
β”‚   β”œβ”€β”€ kyc/                  # KYC/AML compliance
β”‚   β”œβ”€β”€ notifications/        # Push & email notifications
β”‚   β”œβ”€β”€ otps/                 # One-time passwords for 2FA
β”‚   β”œβ”€β”€ push-notifications/   # Firebase push notifications
β”‚   β”œβ”€β”€ rate-alerts/          # Rate change alerts (utility)
β”‚   β”œβ”€β”€ receipts/             # Transaction receipts
β”‚   β”œβ”€β”€ referrals/            # Referral program
β”‚   β”œβ”€β”€ scheduled-jobs/       # Background scheduled tasks
β”‚   β”œβ”€β”€ tokens/               # Refresh token management (utility)
β”‚   β”œβ”€β”€ transactions/         # Transaction processing & tracking
β”‚   β”œβ”€β”€ two-factor/           # Two-factor authentication
β”‚   β”œβ”€β”€ users/                # User management (CRUD, roles, profiles)
β”‚   β”œβ”€β”€ app.module.ts         # Root application module
β”‚   β”œβ”€β”€ app.controller.ts     # Root application controller
β”‚   β”œβ”€β”€ app.service.ts        # Root application service
β”‚   └── main.ts               # Application entry point
β”œβ”€β”€ migrations/               # TypeORM migration files
β”œβ”€β”€ test/                     # E2E and integration tests
β”œβ”€β”€ .env.example              # Environment configuration template
β”œβ”€β”€ package.json              # Dependencies and scripts
β”œβ”€β”€ tsconfig.json             # TypeScript configuration
└── README.md                 # This file

πŸ“¦ Tech Stack

  • Backend Framework: NestJS 11, TypeScript 5.7
  • Database ORM: TypeORM 0.3 (PostgreSQL)
  • Authentication: JWT (Passport.js), Bcrypt, TOTP
  • Blockchain: Stellar SDK with Horizon API integration
  • Background Jobs: NestJS Schedule (@nestjs/schedule)
  • Notifications: Mailgun (email), Firebase (push notifications)
  • Rate Limiting: NestJS Throttler
  • Documentation: Swagger/OpenAPI
  • Testing: Jest, Supertest
  • Code Quality: ESLint, Prettier

πŸš€ Getting Started

Prerequisites

  • Node.js: v18+ (LTS recommended)
  • PostgreSQL: v12+ running locally or via Docker
  • npm or yarn

1. Clone the Repository

git clone https://github.com/Nexacore-Org/NexaFx-backend.git
cd NexaFx-backend

2. Install Dependencies

npm install

3. Setup Environment Variables

Copy the .env.example file and create a .env file:

cp .env.example .env

Edit .env and configure your variables (see Environment Variables section below).

4. Setup Database with TypeORM

Initialize the PostgreSQL database and apply migrations:

# Ensure PostgreSQL is running and DATABASE_URL is configured in .env
# TypeORM will auto-synchronize schema on startup if synchronize: true

# Create the database (first time only)
npm run typeorm:db:create

# Run migrations
npm run typeorm:migration:run

# OR generate a new migration after schema changes
npm run typeorm:migration:generate -- src/migrations/my-migration-name

# To revert the last migration
npm run typeorm:migration:revert

Note: The application uses TypeORM with autoLoadEntities: true, which automatically loads all entity metadata. Ensure all .entity.ts files are properly decorated with @Entity().

5. Run the Application

# Development (watch mode)
npm run start:dev

# Debug mode
npm run start:debug

# Production
npm run build
npm run start:prod

The API will be available at http://localhost:3000 API documentation: http://localhost:3000/api/docs

βš™οΈ Environment Variables

Copy .env.example to .env and configure the following variables:

Database Configuration

Variable Type Required Example Description
DATABASE_URL string βœ… Yes postgresql://user:pass@localhost:5432/nexafx PostgreSQL connection string
DB_HOST string βœ… Yes localhost Database host address
DB_PORT number βœ… Yes 5432 Database port
DB_USERNAME string βœ… Yes postgres Database user
DB_PASSWORD string βœ… Yes secure_password Database password
DB_NAME string βœ… Yes nexafx Database name

Application Configuration

Variable Type Required Example Description
NODE_ENV string βœ… Yes development Runtime environment: development, staging, production
PORT number βœ… Yes 3000 Server port

JWT & Authentication

Variable Type Required Min Length Description
JWT_SECRET string βœ… Yes 32 chars Secret key for signing JWT tokens (keep secure in production)
JWT_EXPIRES_IN string βœ… Yes N/A JWT expiration time (e.g., 15m, 1h, 7d)
REFRESH_TOKEN_SECRET string βœ… Yes 32 chars Secret for refresh token signing
REFRESH_TOKEN_EXPIRES_DAYS number βœ… Yes N/A Refresh token lifespan in days (default: 30)

OTP & Two-Factor Authentication

Variable Type Required Description
OTP_SECRET string βœ… Yes HMAC secret for TOTP generation (min 32 chars)
OTP_EXPIRES_MINUTES number βœ… Yes OTP validity period in minutes (default: 10)

Stellar Blockchain

Variable Type Required Description
STELLAR_NETWORK string βœ… Yes Network: TESTNET or PUBLIC
STELLAR_HORIZON_URL string βœ… Yes Horizon API endpoint (testnet: https://horizon-testnet.stellar.org)
STELLAR_BASE_FEE number βœ… Yes Base transaction fee in stroops (typically 100)
STELLAR_HOT_WALLET_SECRET string βœ… Yes Secret key for Stellar hot wallet (keep secure!)

Wallet Encryption

Variable Type Required Description
WALLET_ENCRYPTION_KEY string βœ… Yes 64-character hex key for wallet encryption. Generate: openssl rand -hex 32

Email Service (Mailgun)

Variable Type Required Description
MAILGUN_API_KEY string βœ… Yes Mailgun API key from dashboard
MAILGUN_DOMAIN string βœ… Yes Verified Mailgun domain (e.g., mail.nexafx.com)
MAILGUN_FROM_EMAIL string βœ… Yes Sender email address (e.g., noreply@nexafx.com)
MAILGUN_FROM_NAME string ❌ No Display name for emails (default: NexaFX)
SKIP_EMAIL_SENDING boolean ❌ No Skip email sending in development (default: false)

Frontend Configuration

Variable Type Required Description
FRONTEND_URL string βœ… Yes Frontend URL for CORS and email links (e.g., http://localhost:3001)

Rate Limiting

Variable Type Required Description
THROTTLE_TTL number βœ… Yes Time window in seconds (default: 60)
THROTTLE_LIMIT number βœ… Yes Max requests per window (default: 100)
THROTTLE_AUTH_LIMIT number βœ… Yes Max auth attempts per window (default: 5)

Exchange Rates Provider

Variable Type Required Description
EXCHANGE_RATES_PROVIDER_BASE_URL string βœ… Yes Provider API base URL (default: https://api.exchangerate.host)
EXCHANGE_RATES_PROVIDER_API_KEY string ❌ No API key if required by provider
EXCHANGE_RATES_PROVIDER_TIMEOUT_MS number βœ… Yes Request timeout in milliseconds (default: 5000)
EXCHANGE_RATES_CACHE_TTL_SECONDS number βœ… Yes Cache duration in seconds (default: 600 = 10 min)
EXCHANGE_RATES_CACHE_MAX_SIZE number βœ… Yes Max cached rates (default: 1000)

πŸ§ͺ Running Tests

# Unit & Integration
npm run test

# E2E
npm run test:e2e

# Coverage
npm run test:cov

πŸ” Role-Based Access Control

The application implements role-based access control (RBAC) with the following roles:

  • USER: Can perform standard exchange operations, manage own profile, view transactions
  • ADMIN: Full control of all resources, user management, configuration, audit logs
  • SUPER_ADMIN: System-level administrative access (future)

Guards are applied at controller and route levels using custom decorators (@RequireRole(), @Permissions()) and NestJS Guards.

πŸ“ Module Overview & Architecture

All major modules are fully implemented and integrated:

Module File Location Purpose Status
auth src/auth/ JWT authentication, password reset, OAuth2 strategies. Implements Passport.js strategies and JWT verification βœ… Complete
admin src/admin/ Admin dashboard, user moderation, system controls, configuration management βœ… Complete
users src/users/ User CRUD operations, profile management, roles, KYC status, personal data storage βœ… Complete
currencies src/currencies/ Fiat and crypto currency registry, metadata, pairs, support matrix βœ… Complete
transactions src/transactions/ Core exchange transactions, Stellar blockchain integration, settlement tracking, reversals βœ… Complete
exchange-rates src/exchange-rates/ Real-time rate fetching, multi-provider aggregation, in-memory caching βœ… Complete
beneficiaries src/beneficiaries/ Manage recipient accounts, wallets, bank details for transactions βœ… Complete
kyc src/kyc/ KYC/AML workflows, document collection, verification, compliance status βœ… Complete
notifications src/notifications/ Email & SMS system via Mailgun, verification codes, alerts, announcements βœ… Complete
push-notifications src/push-notifications/ Firebase Cloud Messaging (FCM) integration for mobile push notifications βœ… Complete
referrals src/referrals/ Referral program tracking, unique codes, rewards, commission calculation βœ… Complete
receipts src/receipts/ Transaction receipt generation and export (PDF via pdfkit, CSV, Excel via exceljs) βœ… Complete
fees src/fees/ Dynamic fee calculation, fee matrices, tier-based pricing, settlement βœ… Complete
audit-logs src/audit-logs/ Comprehensive audit trail for compliance, debugging, user activity tracking βœ… Complete
scheduled-jobs src/scheduled-jobs/ Background tasks: rate updates, data cleanup, notification batching, reconciliation βœ… Complete
common src/common/ Shared infrastructure: global guards, interceptors, decorators, pipes, error filters, shared services βœ… Complete
health src/health/ Health check endpoints for monitoring, load balancer integration, readiness/liveness probes βœ… Complete
blockchain src/blockchain/ Stellar SDK integration, Horizon API communication, contract deployment, transaction signing βœ… Complete
two-factor src/two-factor/ TOTP-based 2FA, recovery codes, backup authentication methods βœ… Complete
otps src/otps/ One-time password generation, validation, expiration, retry limits βœ… Complete

πŸ“„ API Documentation

Swagger/OpenAPI documentation is available when the backend is running:

  • URL: http://localhost:3000/api/docs
  • Features: Interactive API explorer, request/response examples, schema definitions
  • Auto-generated from NestJS decorators

🧱 Blockchain Integration

Stellar Network provides the foundation for trustless, fast international transfers:

  • Smart Contracts: Rust-based contracts deployed on Stellar
  • Horizon API: Communication layer for account, ledger, and transaction queries
  • Asset Creation: Native and custom asset support
  • Multi-Signature Accounts: Enhanced security for hot wallets
  • Transaction Flow: NestJS service β†’ Stellar SDK β†’ Horizon β†’ Ledger

Current implementation:

  • Account creation and funding
  • Asset issuance
  • Payment operations
  • Transaction signing and submission
  • Advanced: path payments, atomic swaps

πŸ§ͺ Testing Strategy

Unit & Integration Tests

npm run test           # Run all tests
npm run test:watch    # Watch mode (re-run on file changes)
npm run test:cov      # Generate coverage report

Test files follow the pattern: *.spec.ts
Coverage reports are generated in coverage/ directory

E2E Tests

npm run test:e2e       # Run end-to-end tests
npm run test:debug     # Debug mode (use Chrome DevTools on port 9229)

E2E test suite: test/jest-e2e.json

Best Practices

  • Use describe() blocks for logical grouping
  • Mock external services (Stellar, Mailgun, etc.)
  • Test controller endpoints with supertest
  • Test services in isolation with mocked repositories
  • Aim for 80%+ coverage for critical paths

πŸ“ Development Workflow

Commit Message Format

Follow Conventional Commits:

type(scope): subject

# Types: feat, fix, docs, style, refactor, perf, test, chore
# Scopes: auth, users, transactions, etc.

# Examples:
git commit -m "feat(transactions): add Stellar integration"
git commit -m "fix(auth): validate JWT expiration"
git commit -m "docs(readme): update setup instructions"  
git commit -m "chore(deps): upgrade NestJS to 11.0.2"

Pull Request Workflow

  1. Create feature branch: git checkout -b feature/your-feature-name
  2. Make changes and write tests
  3. Submit PR with description and linked issue
  4. Wait for CI/CD checks and code review
  5. Merge after approval

πŸ“Œ Project Roadmap

βœ… Completed

  • Authentication module with JWT and refresh tokens
  • User management (CRUD, profile, roles)
  • Multi-currency support (fiat + crypto)
  • Transactions module with full Stellar integration ← Currently fully implemented
  • Real-time exchange rate updates
  • KYC/AML compliance workflows
  • Email notifications (Mailgun)
  • Push notifications (Firebase)
  • Admin controls and audit logging
  • Transaction receipts and export (PDF/CSV/Excel)
  • Two-factor authentication (TOTP)
  • Referral program
  • Fee management system
  • Scheduled background jobs
  • Rate alerts
  • Beneficiary management

🚧 In Progress

  • Advanced payment routing (path payments)
  • DAO governance and voting
  • Smart contract optimization

πŸ“‹ Planned

  • Mobile app (React Native)
  • Multi-wallet support
  • API rate tiering
  • Advanced reporting and analytics
  • Webhook events system
  • GraphQL API layer

πŸ› οΈ Troubleshooting

Common Setup Issues

1. Database Connection Error

Error: connect ECONNREFUSED 127.0.0.1:5432

Solution:

  • Verify PostgreSQL is running: brew services list (macOS) or sudo systemctl status postgresql (Linux)
  • Check DATABASE_URL in .env
  • Default: postgresql://postgres:postgres@localhost:5432/nexafx
  • Create database if missing: createdb nexafx

2. TypeORM Migrations Fail

Error: migrations not found

Solution:

# Ensure migration scripts exist in package.json
npm run typeorm:migration:run  # Run pending migrations
npm run typeorm:migration:create -- src/migrations/fresh-migration

3. JWT Token Verification Failed

Error: jwt malformed

Solution:

  • Verify JWT_SECRET is set in .env (minimum 32 characters)
  • Ensure token format: Authorization: Bearer <token>
  • Check token expiration: JWT_EXPIRES_IN (default: 15m)

4. Stellar Network Connection Error

Error: ECONNREFUSED (Horizon endpoint)

Solution:

  • Verify STELLAR_HORIZON_URL: testnet=https://horizon-testnet.stellar.org
  • Check internet connectivity
  • Verify STELLAR_NETWORK is set to TESTNET or PUBLIC
  • Testnet transactions: browse at https://stellar.expert/explorer/testnet

5. Email Sending Not Working

Error: Mailgun credentials invalid

Solution:

  • Verify Mailgun API key and domain in .env
  • Check MAILGUN_DOMAIN is verified in Mailgun dashboard
  • Test: SKIP_EMAIL_SENDING=true to bypass sending locally
  • Ensure MAILGUN_FROM_EMAIL matches verified sender

6. Port 3000 Already in Use

Error: listen EADDRINUSE :::3000

Solution:

# Kill the process
lsof -ti:3000 | xargs kill -9       # macOS/Linux
netstat -ano | findstr :3000        # Windows

# Or use a different port
PORT=3001 npm run start:dev

7. Module Not Found Error

Error: Cannot find module '@nestjs/typeorm'

Solution:

# Reinstall dependencies
rm -rf node_modules package-lock.json
npm install
npm run build

Debugging Tips

Enable Debug Logging:

DEBUG=* npm run start:dev

TypeORM Query Logging: Add to .env:

TYPEORM_LOGGING=true

Check Application State:

curl http://localhost:3000/health

View API Docs:

http://localhost:3000/api/docs

οΏ½ Monitoring

The NexaFX API provides health check endpoints for monitoring and uptime verification. These endpoints are designed for use with load balancers, orchestration platforms (e.g., Render, Kubernetes), and monitoring systems.

Root Status Endpoint (GET /)

Returns the current status of the API service without making database queries. This endpoint is used by Render and other platforms to verify service liveness.

Request:

curl http://localhost:3000/

Response:

{
  "status": "ok",
  "service": "NexaFX API",
  "version": "1.0.0",
  "timestamp": "2024-04-24T10:30:45.123Z",
  "environment": "production"
}

Status Code: 200 OK
Response Time: < 100ms (no database calls)
Authentication: Not required (@Public())

Health Check Endpoint (GET /health)

Performs a comprehensive health check including database connectivity and Stellar blockchain status. This endpoint is used for readiness probes to verify the service is fully operational.

Request:

curl http://localhost:3000/health

Response:

{
  "status": "ok",
  "details": {
    "database": "ok",
    "stellar": "ok",
    "cache": "ok"
  }
}

Status Codes:

  • 200 OK - Service and all dependencies are healthy
  • 503 Service Unavailable - One or more dependencies are down

Authentication: Not required (@Public())

Usage with Render

Render's infrastructure uses the GET / endpoint (HEAD requests) to verify service availability during deployments:

  1. Liveness Check: Render sends HEAD / every 30 seconds
  2. Readiness Check: Render sends GET /health before marking service as healthy
  3. Configuration: No additional setup needed; Render uses the default health check

To monitor in Render's dashboard:

  • View live logs: Check Logs tab for "GET /" requests
  • Monitor uptime: Verify zero Cannot HEAD / errors in error logs
  • Check dependencies: Use GET /health endpoint manually if database appears down

Manual Health Verification

# Test liveness (quick check)
curl -i http://localhost:3000/

# Test readiness (full health check)
curl -i http://localhost:3000/health

# Monitor logs (development)
npm run start:dev | grep -i "health\|head\|404"

οΏ½πŸ”— Related Repositories & Resources

Resource URL Purpose
Frontend NexaFx-frontend Next.js 14 web UI with React, Tailwind CSS
Smart Contracts NexaFx-contract Rust smart contracts deployed on Stellar
API Docs http://localhost:3000/api/docs Interactive Swagger documentation (local)
Stellar Testnet Explorer stellar.expert/explorer/testnet View transactions and accounts on Stellar testnet
Stellar Horizon API horizon-testnet.stellar.org Official Stellar Horizon API endpoint

πŸ“œ License

This project is licensed under the MIT License. See the LICENSE file for details.

πŸ“§ Support & Community

Have questions, need help, or want to contribute? Here's how to reach us:

Channel Link Purpose
Email contact@nexacore.org Business inquiries, partnerships
Telegram t.me/NexaFx Community chat, quick support
GitHub Issues Issues Bug reports, feature requests
Discussions Discussions Technical questions, ideas

πŸ‘₯ Contributing

We welcome contributions from the community! Please start with:

  1. Fork the repository
  2. Create a feature branch: git checkout -b feature/your-feature
  3. Commit changes: git commit -m "feat(module): description" (see Commit Format)
  4. Push to your fork: git push origin feature/your-feature
  5. Open a Pull Request with your changes

Before submitting:

  • CI Pipeline Passes: Ensure GitHub Actions (Lint, Type-check, Tests, Build) complete successfully. Failing CI will block PR merges.
  • Tests pass locally: npm run test
  • Linting passes locally: npm run lint
  • Coverage is adequate
  • Updated README if adding major features

See CONTRIBUTING.md for detailed guidelines.

Happy coding! πŸš€

About

No description, website, or topics provided.

Resources

Readme

Contributing

Contributing
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

73 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages