Skip to content
node-express-ts-supabase-prisma-boilerplate GitHub Details, Stars and Alternatives | OpenRepoFinder
Home / Repositories / taahabz/node-express-ts-supabase-prisma-boilerplate taahabz / repository
node-express-ts-supabase-prisma-boilerplate A production-ready Node.js REST API built with Supabase Authentication and Prisma ORM for secure, scalable backends. Features enterprise-grade architecture with JWT auth, validation, rate limiting, and clean layered design. Ideal for building modern, secure applications with PostgreSQL and full TypeScript safety.
View Repository on GitHub ↗ REPOSITORY OVERVIEW Live repository statistics ★ 5 Stars
⑂ 0 Forks
◯ 0 Open issues
◉ 5 Watchers
61 /100
OPENREPOHUB HEALTH SIGNAL Mixed signals A transparent discovery signal based on current public GitHub metadata.
Recent activity35% weight
100 Community adoption25% weight
10 Maintenance state20% weight
100 License clarity10% weight
0 Project information10% weight
35 This score does not audit code, security, maintainers, documentation quality, or suitability. Verify the repository and its current documentation before adoption.
README preview Node.js + Supabase + Prisma Enterprise Backend
Production-ready REST API with Supabase Authentication, Prisma ORM, and enterprise-grade architecture including validation, rate limiting, error handling, and JWT authentication middleware.
🚀 Features
Supabase Auth : JWT-based authentication with signup/login
Prisma ORM : Type-safe database queries with PostgreSQL
TypeScript : Full type safety across the stack
Zod Validation : Request/response schema validation
Rate Limiting : Protect endpoints from abuse
Helmet Security : Essential HTTP security headers
Error Handling : Centralized error handling with proper status codes
JWT Middleware : Protected routes with Bearer token authentication
Graceful Shutdown : Clean server and DB connection cleanup
Layered Architecture : Controller → Service → Repository pattern
📋 Prerequisites
Node.js 18+ (Download )
npm or yarn
Supabase Account (Sign up free )
Git (optional, for version control)
🛠️ Installation
1. Clone & Install
git clone <your-repo-url>
cd node-supabase-prisma
npm install
2. Create Supabase Project
Go to Supabase Dashboard
Click "New Project"
Fill in project details and create
Wait ~2 minutes for provisioning
3. Configure Environment Variables
Copy the example env file:
cp example.env .env
Now fill in each variable:
SUPABASE_URL
Go to Project Settings → API
Copy Project URL (e.g., https://abcdefgh.supabase.co)
Paste into .env:
ALGORITHMICALLY RELATED Similar Open-Source Projects Selected from shared topics, language and repository description—not editorial ratings.
Node.js Backend Architecture Typescript - Learn to build a backend server for production ready blogging platform like Medium and FreeCodeCamp. Main Features: Role based, Express.js, Mongoose, Redis, Mongodb, Joi, Docker, JWT, Unit Tests, Integration Tests.
93 /100 healthRecently updated Active repository Has homepage
TypeScriptApache-2.0 #docker #docker-compose #express #expressjs
⑂ 707 forks ◯ 11 issues Updated 2 days ago
Project homepage ↗ Fast and production-ready question answering in Node.js
30 /100 healthArchived
TypeScriptApache-2.0 #bert #nlp #nodejs #question-answering
⑂ 53 forks ◯ 37 issues Updated 15 days ago
SUPABASE_URL=https://your-project-ref.supabase.co
SUPABASE_SERVICE_ROLE_KEY
DATABASE_URL & DIRECT_URL Step 1: Create dedicated Prisma user :
Go to SQL Editor in Supabase and run:
create user "prisma" with password 'YOUR_SECURE_PASSWORD' bypassrls createdb;
grant "prisma" to "postgres";
grant usage, create on schema public to prisma;
grant all on all tables in schema public to prisma;
grant all on all routines in schema public to prisma;
grant all on all sequences in schema public to prisma;
alter default privileges for role postgres in schema public grant all on tables to prisma;
alter default privileges for role postgres in schema public grant all on routines to prisma;
alter default privileges for role postgres in schema public grant all on sequences to prisma;
Step 2: Get connection strings :
Go to Project Settings → Database → Connection string
Select Session mode (NOT Transaction mode)
Copy the URI shown (it uses the pooler host on port 5432)
Step 3: Format the connection strings :
postgresql://prisma.PROJECT_REF:YOUR_PASSWORD@aws-1-REGION.pooler.supabase.com:5432/postgres?sslmode=require
⚠️ Important : If your password contains special characters like @, !, or #, URL-encode them:
# If password is: my@pass!123
# Encoded becomes: my%40pass%2121
DATABASE_URL=postgresql://prisma.abcdefgh:my%40pass%2121@aws-1-ap-northeast-1.pooler.supabase.com:5432/postgres?sslmode=require
DIRECT_URL=postgresql://prisma.abcdefgh:my%40pass%2121@aws-1-ap-northeast-1.pooler.supabase.com:5432/postgres?sslmode=require
NODE_ENV (optional)
Set to development or production
Defaults to development
PORT (optional)
Server port (default: 3000)
4. Initialize Database Generate Prisma client and push schema to Supabase:
npm run prisma:generate
npm run prisma:push
This creates the Profile table in your database.
5. Start Development Server Server runs at http://localhost:3000 🎉
📁 Project Structure node-supabase-prisma/
├── prisma/
│ └── schema.prisma # Database schema (tables, relations)
├── src/
│ ├── config/
│ │ ├── env.ts # Environment validation with Zod
│ │ └── supabase.ts # Supabase client singleton
│ ├── controllers/
│ │ └── auth.controller.ts # Request handlers (HTTP layer)
│ ├── middleware/
│ │ ├── auth.middleware.ts # JWT authentication
│ │ ├── error.middleware.ts # Centralized error handling
│ │ ├── rateLimiter.middleware.ts # Rate limiting config
│ │ └── validate.middleware.ts # Zod schema validation
│ ├── routes/
│ │ ├── auth.routes.ts # Auth endpoints
│ │ ├── health.routes.ts # Health check endpoints
│ │ └── index.ts # Route aggregator
│ ├── services/
│ │ └── auth.service.ts # Business logic layer
│ ├── types/
│ │ └── index.ts # Custom types & error classes
│ ├── validators/
│ │ └── auth.validator.ts # Zod schemas for validation
│ ├── app.ts # Express app setup
│ ├── index.ts # Server entry point
│ └── prisma.ts # Prisma client instance
├── .env # Environment variables (git-ignored)
├── .gitignore # Files to ignore in git
├── example.env # Environment template
├── package.json # Dependencies & scripts
├── tsconfig.json # TypeScript configuration
└── README.md # This file
Architecture Layers
Routes → Define endpoints and attach middleware
Middleware → Validation, authentication, rate limiting
Controllers → Handle HTTP requests/responses
Services → Business logic and orchestration
Prisma → Database operations
Config → Centralized configuration and clients
🔌 API Endpoints Base URL: http://localhost:3000/api
Health Checks
GET /api/healthCheck if the API is running.
{
"success": true,
"data": { "status": "ok" }
}
GET /api/health/dbCheck database connectivity.
{
"success": true,
"data": { "status": "ok", "db": "up" }
}
Authentication
POST /api/auth/signupCreate a new user account.
Rate Limit: 5 requests per 15 minutes
{
"email": "user@example.com",
"password": "securepass123"
}
Email must be valid
Password minimum 8 characters
{
"success": true,
"data": {
"user": {
"id": "uuid",
"email": "user@example.com",
...
}
}
}
POST /api/auth/loginLogin to get access token.
Rate Limit: 5 requests per 15 minutes
{
"email": "user@example.com",
"password": "securepass123"
}
{
"success": true,
"data": {
"session": {
"access_token": "eyJhbGc...",
"refresh_token": "...",
"expires_in": 3600
},
"user": { ... }
}
}
Save the access_token for authenticated requests!
GET /api/auth/profileGet user profile (protected route).
Authorization: Bearer token required
Authorization: Bearer YOUR_ACCESS_TOKEN
{
"success": true,
"data": {
"id": "uuid",
"email": "user@example.com",
"createdAt": "2025-01-01T00:00:00.000Z",
"updatedAt": "2025-01-01T00:00:00.000Z"
}
}
🧪 Testing with cURL
1. Signup curl -X POST http://localhost:3000/api/auth/signup \
-H "Content-Type: application/json" \
-d '{"email":"test@example.com","password":"password123"}'
2. Login curl -X POST http://localhost:3000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"test@example.com","password":"password123"}'
Copy the access_token from the response.
3. Get Profile (Protected) curl http://localhost:3000/api/auth/profile \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN_HERE"
4. Health Checks curl http://localhost:3000/api/health
curl http://localhost:3000/api/health/db
📜 Available Scripts Command Description npm run devStart development server with hot reload npm startStart production server npm run buildCompile TypeScript to JavaScript npm run checkType-check without building npm run prisma:generateGenerate Prisma client npm run prisma:pushSync schema to database (dev) npm run prisma:pullPull schema from database npm run prisma:migrateCreate migration files (production) npm run prisma:studioOpen Prisma Studio GUI (localhost:5555)
🗄️ Database Management
Adding a New Table
Edit prisma/schema.prisma:
model Post {
id String @id @default(uuid())
title String
content String?
authorId String
author Profile @relation(fields: [authorId], references: [id])
createdAt DateTime @default(now())
}
Update Profile model to include relation:
model Profile {
id String @id @default(uuid())
email String @unique
posts Post[] // Add this
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
npm run prisma:generate
npm run prisma:push
Using Prisma in Code import { prisma } from './prisma.js';
// Create
const post = await prisma.post.create({
data: {
title: 'My Post',
content: 'Hello world',
authorId: 'user-id'
}
});
// Read
const posts = await prisma.post.findMany({
include: { author: true }
});
// Update
await prisma.post.update({
where: { id: 'post-id' },
data: { title: 'Updated Title' }
});
// Delete
await prisma.post.delete({ where: { id: 'post-id' } });
🔒 Security Features
Helmet : Sets secure HTTP headers
CORS : Configurable cross-origin requests
Rate Limiting :
Auth endpoints: 5 requests/15min
API endpoints: 100 requests/15min
JWT Authentication : Bearer token validation
Zod Validation : Input sanitization and validation
Service Role Key : Never exposed to frontend
Environment Variables : Sensitive data in .env (git-ignored)
🚨 Error Handling All errors return consistent format:
{
"success": false,
"error": "Error message",
"details": { ... } // Only in development
}
400 - Validation error (Zod)
401 - Authentication required/failed
404 - Resource not found
429 - Rate limit exceeded
500 - Internal server error
🔧 Troubleshooting
Database Connection Issues Error: Can't reach database server
Verify DATABASE_URL is correct (check for typos)
URL-encode special characters in password (@ → %40)
Ensure Supabase project isn't paused
Check network allows outbound port 5432
Use the pooler host (*.pooler.supabase.com) not direct host if IPv4-only
Prisma Client Not Generated Error: Cannot find module '@prisma/client'
Port Already in Use Error: EADDRINUSE: address already in use
Solution:
Change PORT in .env or kill the process using port 3000.
📝 Environment Variables Reference Variable Required Description Example NODE_ENVNo Environment mode development or productionPORTNo Server port 3000SUPABASE_URLYes Supabase project URL https://abc.supabase.coSUPABASE_SERVICE_ROLE_KEYYes Service role key (secret) eyJhbGc...DATABASE_URLYes Pooled connection string postgresql://prisma...DIRECT_URLYes Direct connection for migrations postgresql://prisma...
📚 Learn More A boilerplate for making production-ready RESTful APIs using Node.js, TypeScript, Express, and Mongoose
79 /100 healthRecently updated Active repository
TypeScriptMIT #boilerplate #express #express-boilerplate #hot-reload
⑂ 106 forks ◯ 18 issues Updated 15 days ago
A production-ready Node.js template following Clean Architecture principles, designed for scalability and maintainability.
67 /100 healthActive repository
TypeScriptMIT #boilerplate #clean-architecture #fastify #node
⑂ 31 forks ◯ 0 issues Updated Apr 14, 2026
🛠️ A production-ready LLM-Powered Node.js & TypeScript REST API template, with a focus on Clean Architecture
80 /100 healthRecently updated Active repository
TypeScriptMIT #boilerplate-template #clean-architechture #codegen #deepseek
⑂ 18 forks ◯ 8 issues Updated 5 days ago
Instantly build Node.js API backend services with Vratix 🚀. A collection of open-source, production-ready API modules for Express.js written in TypeScript. Supports authentication, Stripe billing, email integrations (Postmark), AWS S3 uploads, Docker configs, and more!
75 /100 healthActive repository Has homepage
TypeScriptMIT #apis #authentication #automation #backend
⑂ 8 forks ◯ 0 issues Updated May 2, 2026
Project homepage ↗