功能描述

NestJS Node.js server-side framework development guide.

使用说明 (SKILL.md)

NestJS Development Guide

Name: NestJS Development Guide
Author: openlark

NestJS is a progressive framework for building efficient, scalable Node.js server-side applications. Built with TypeScript, it integrates OOP/FP/FRP, uses Express (default) or Fastify under the hood, and its architecture is deeply inspired by Angular.

Version: v11+ | Requires Node.js ≥20

Trigger Scenarios

Use when the user needs to build a backend application with NestJS, create REST APIs, use decorators and dependency injection, build microservices, configure Swagger documentation, or write NestJS Controllers/Providers/Modules/Guards/Pipes/Interceptors. Trigger keywords include "nest", "nestjs", "create API", "backend service", "decorator injection", "guard", "pipe", "interceptor", "swagger", etc.

Quick Start

npm i -g @nestjs/cli
nest new my-project
cd my-project && npm run start:dev

Or use npx @nestjs/cli@latest new my-project to avoid global installation.

Project File Structure

src/
├── main.ts              # Application entry, NestFactory.create()
├── app.module.ts        # Root module
├── app.controller.ts    # Base controller
├── app.controller.spec.ts
└── app.service.ts       # Base service

Core Concepts

1. Module

The @Module() decorator defines modules — the logical boundaries and DI container scopes of the application.

@Module({
  imports: [OtherModule],        // Import other modules
  controllers: [CatsController], // Register controllers
  providers: [CatsService],      // Register providers
  exports: [CatsService],        // Export providers for use by other modules
})
export class CatsModule {}

Feature modules: Organized by domain, e.g., CatsModule, UsersModule
Shared modules: Expose providers via the exports array
Global modules: @Global() decorator, but not recommended to overuse
Dynamic modules: static forRoot() returns a runtime-configured module
Module re-exporting: Put imported modules in exports

2. Controller

@Controller('prefix') + HTTP method decorators define routes:

@Controller('cats')
export class CatsController {
  @Get()        findAll() {}
  @Get(':id')   findOne(@Param('id') id: string) {}
  @Post()       create(@Body() dto: CreateCatDto) {}
  @Put(':id')   update(@Param('id') id: string, @Body() dto: UpdateCatDto) {}
  @Delete(':id') remove(@Param('id') id: string) {}
}

Parameter Decorators Cheat Sheet:

Decorator	Extracts
`@Param(key?)`	Route parameters
`@Body(key?)`	Request body
`@Query(key?)`	Query parameters
`@Headers(name?)`	Request headers
`@Req()`	Native Request object
`@Res()`	Native Response (manual management required)
`@Ip()`	Client IP
`@HostParam()`	Subdomain parameters

Route wildcards: @Get('ab{*splat}cd'), @Get('prefix/*')

Status codes and headers: @HttpCode(204), @Header('Cache-Control', 'none')

Redirect: @Redirect('url', 301) or return { url, statusCode }

DTO Definition: Use class (not interface), because interfaces disappear after compilation and cannot provide runtime type metadata:

export class CreateCatDto {
  name: string;
  age: number;
  breed: string;
}

3. Provider

Classes marked with @Injectable(), injected via constructor:

@Injectable()
export class CatsService {
  private cats: Cat[] = [];
  create(cat: Cat) { this.cats.push(cat); }
  findAll(): Cat[] { return this.cats; }
}

@Controller('cats')
export class CatsController {
  constructor(private catsService: CatsService) {}  // Auto-injected
}

Custom Providers (using full syntax in @Module.providers):

Syntax	Purpose
`{ provide: Token, useClass: Class }`	Standard class provider
`{ provide: Token, useValue: value }`	Constant value / mock object
`{ provide: Token, useFactory: fn, inject: [...] }`	Factory function
`{ provide: Token, useExisting: OtherToken }`	Alias

Scope: Default SINGLETON (application-level singleton), can be set to REQUEST (request-level).

Optional Providers: @Optional() decorator, no error if dependency is missing.

4. Middleware

Plain Express middleware class implementing NestMiddleware, bound in consumer:

@Injectable()
export class LoggerMiddleware implements NestMiddleware {
  use(req: Request, res: Response, next: NextFunction) { /* ... */ next(); }
}

// Apply in module
export class AppModule implements NestModule {
  configure(consumer: MiddlewareConsumer) {
    consumer.apply(LoggerMiddleware).forRoutes('cats');
  }
}

5. Pipe — Validation & Transformation

Implements PipeTransform, performs validation and/or data transformation. Execution order: Middleware → Guards → Interceptor(pre) → Pipe → Handler → Interceptor(post) → Exception Filter.

Built-in pipes: ValidationPipe, ParseIntPipe, ParseBoolPipe, ParseArrayPipe, ParseUUIDPipe

ValidationPipe (Recommended)

npm i class-validator class-transformer

// main.ts — global enable
app.useGlobalPipes(new ValidationPipe({
  whitelist: true,            // Automatically strip undeclared properties
  forbidNonWhitelisted: true, // Error if non-whitelisted properties exist
  transform: true,            // Auto type conversion (string→number etc.)
  disableErrorMessages: false,
}));

// DTO using validation decorators
import { IsString, IsInt, IsEmail, Min, Max } from 'class-validator';

export class CreateUserDto {
  @IsString() @IsNotEmpty()
  name: string;

  @IsInt() @Min(0) @Max(150)
  age: number;

  @IsEmail()
  email: string;
}

Zod validation alternative:

const schema = z.object({ name: z.string(), age: z.number() });
@UsePipes(new ZodValidationPipe(schema))

6. Guard — Authorization Control

Implements CanActivate, returns boolean determining whether to proceed. Executes after middleware and before interceptors/pipes.

@Injectable()
export class AuthGuard implements CanActivate {
  canActivate(context: ExecutionContext): boolean {
    const request = context.switchToHttp().getRequest();
    return validateRequest(request);
  }
}

Role guard + custom metadata:

// Create decorator
import { Reflector } from '@nestjs/core';
export const Roles = Reflector.createDecorator\x3Cstring[]>();

// Usage
@Post()
@Roles(['admin'])
async create() {}

// Read in guard
@Injectable()
export class RolesGuard implements CanActivate {
  constructor(private reflector: Reflector) {}
  canActivate(context: ExecutionContext): boolean {
    const roles = this.reflector.get(Roles, context.getHandler());
    if (!roles) return true;
    const { user } = context.switchToHttp().getRequest();
    return roles.some(r => user.roles?.includes(r));
  }
}

Binding scope: @UseGuards(RolesGuard) on class/method; app.useGlobalGuards() global; via APP_GUARD token for DI.

7. Interceptor — AOP Aspect

Implements NestInterceptor. Inserts logic before/after methods, can transform results/exceptions.

// Logging interceptor
@Injectable()
export class LoggingInterceptor implements NestInterceptor {
  intercept(ctx: ExecutionContext, next: CallHandler): Observable\x3Cany> {
    const now = Date.now();
    return next.handle().pipe(
      tap(() => console.log(`After... ${Date.now() - now}ms`))
    );
  }
}

// Uniform response wrapper
@Injectable()
export class TransformInterceptor\x3CT> implements NestInterceptor\x3CT, {data: T}> {
  intercept(ctx: ExecutionContext, next: CallHandler) {
    return next.handle().pipe(map(data => ({ data })));
  }
}

8. Exception Filter

// Built-in exceptions
throw new BadRequestException('message');
throw new NotFoundException();
throw new UnauthorizedException();
// 20+ types: Forbidden, Conflict, InternalServerError, BadGateway, ...

// Custom
throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
throw new HttpException({ status: 403, error: 'custom' }, 403);

Custom filter:

@Catch(HttpException)
export class HttpExceptionFilter implements ExceptionFilter {
  catch(exception: HttpException, host: ArgumentsHost) {
    const ctx = host.switchToHttp();
    const res = ctx.getResponse\x3CResponse>();
    const status = exception.getStatus();
    res.status(status).json({ statusCode: status, timestamp: new Date().toISOString() });
  }
}

Nest CLI

nest new \x3Cname>          # Create new project
nest g resource \x3Cname>   # Generate complete CRUD resource (module/controller/service/dto)
nest g module \x3Cname>     # Generate module
nest g controller \x3Cname> # Generate controller
nest g service \x3Cname>    # Generate service
nest g guard \x3Cname>      # Generate guard
nest g pipe \x3Cname>       # Generate pipe
nest g interceptor \x3Cname># Generate interceptor
nest g filter \x3Cname>     # Generate filter
nest build               # Compile
nest start               # Start
nest info                # System information

OpenAPI (Swagger)

npm i @nestjs/swagger

// main.ts
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';

const config = new DocumentBuilder()
  .setTitle('API Docs').setVersion('1.0').addBearerAuth().build();

const documentFactory = () => SwaggerModule.createDocument(app, config);
SwaggerModule.setup('api', app, documentFactory);
// Access http://localhost:3000/api

Decorators: @ApiTags(), @ApiOperation(), @ApiProperty(), @ApiResponse(), @ApiBearerAuth()

Common Technology Modules

Database

Nest recommends using TypeORM (@nestjs/typeorm) or Prisma:

npm i @nestjs/typeorm typeorm pg

// app.module.ts
TypeOrmModule.forRoot({ type: 'postgres', host: 'localhost', database: 'mydb', autoLoadEntities: true, synchronize: true })

// feature module
TypeOrmModule.forFeature([User])

Configuration Management

npm i @nestjs/config

// app.module.ts
ConfigModule.forRoot({ isGlobal: true, envFilePath: '.env' })

// Usage
constructor(private configService: ConfigService) {}
this.configService.get\x3Cstring>('DATABASE_URL')

Task Scheduling

npm i @nestjs/schedule

@Cron('45 * * * * *')  handleCron() {}
@Interval(10000)       handleInterval() {}
@Timeout(5000)         handleTimeout() {}

Caching

npm i @nestjs/cache-manager cache-manager

CacheModule.register() + @UseInterceptors(CacheInterceptor)

Global Registration vs DI Injection

Most Nest components support two global registration approaches:

// Method 1: Register directly in main.ts (cannot inject dependencies)
app.useGlobalPipes(new ValidationPipe());
app.useGlobalGuards(new RolesGuard());
app.useGlobalInterceptors(new LoggingInterceptor());
app.useGlobalFilters(new HttpExceptionFilter());

// Method 2: Register via Token in AppModule (supports DI)
providers: [
  { provide: APP_PIPE, useClass: ValidationPipe },
  { provide: APP_GUARD, useClass: RolesGuard },
  { provide: APP_INTERCEPTOR, useClass: LoggingInterceptor },
  { provide: APP_FILTER, useClass: HttpExceptionFilter },
]

Request Lifecycle Order

1. Middleware
2. Guard
3. Interceptor (pre)
4. Pipe
5. Route Handler
6. Interceptor (post)
7. Exception Filter (if exception occurs)

Recommended Directory Structure

src/
├── common/            # Shared: decorators, filters, guards, interceptors, pipes
├── config/            # Configuration
├── modules/
│   ├── users/
│   │   ├── dto/
│   │   ├── entities/
│   │   ├── users.controller.ts
│   │   ├── users.service.ts
│   │   └── users.module.ts
│   └── auth/
│       ├── dto/
│       ├── strategies/
│       ├── auth.controller.ts
│       ├── auth.service.ts
│       └── auth.module.ts
├── app.module.ts
└── main.ts

Detailed API reference see references/api-reference.md.

安全使用建议

Safe to install as a NestJS reference guide. Review any npm, npx, database, scheduling, or configuration examples before applying them to a real project, as those are normal development actions that can affect your local environment.

能力评估

✓ Purpose & Capability

The artifact coherently matches its stated purpose: it provides NestJS guidance, examples, and a reference file for common backend development patterns.

✓ Instruction Scope

Instructions are limited to when to use the guide and how to apply NestJS concepts; no prompt overrides, role changes, unrelated agent control, or deceptive instructions were found.

ℹ Install Mechanism

The guide includes user-directed npm and npx examples, including a global Nest CLI install, but the skill package itself has no executable installer or automatic mutation behavior.

✓ Credentials

Mentions of .env files, sessions, cookies, uploads, database passwords, and localhost URLs appear as normal NestJS example material and are proportionate to the stated development-guide purpose.

✓ Persistence & Privilege

The package consists only of markdown files; no background worker, persistent agent behavior, privilege escalation, credential harvesting, or local profile/session access logic was found.

版本历史

v1.0.0

Initial release of nestjs-dev-guide – a comprehensive development guide for building backend applications with NestJS. - Covers core NestJS concepts: Modules, Controllers, Providers, Middleware, Pipes, Guards, Interceptors, and Exception Filters - Includes quick start instructions, file structure overview, and detailed trigger scenarios - Provides code examples for dependency injection, custom providers, DTO validation, and authorization guards - Documents pipe validation (class-validator, Zod), role-based guards, and response transformation - Lists tips for controller decorators, parameter extraction, and status code management

元数据

Slug nestjs-dev-guide

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题