# Meteor Web Backend

A NestJS-based backend service for the Meteor application with user authentication.

## Features

- User registration with email/password
- Password hashing using bcrypt
- PostgreSQL database with TypeORM
- Database migrations
- Input validation
- Transaction support
- Comprehensive unit and integration tests

## Setup

### Prerequisites

- Node.js (v18 or higher)
- PostgreSQL database
- npm or yarn

### Installation

```bash
npm install
```

### Environment Variables

Create a `.env` file based on `.env.example`:

```env
DATABASE_URL=postgresql://user:password@localhost:5432/meteor_dev
BCRYPT_SALT_ROUNDS=10
```

### Database Setup

Run migrations to set up the database schema:

```bash
npm run migrate:up
```

## API Endpoints

### POST /api/v1/auth/register-email

Register a new user with email and password.

**Request Body:**
```json
{
  "email": "user@example.com",
  "password": "Password123",
  "displayName": "John Doe"
}
```

**Response:**
```json
{
  "message": "User registered successfully",
  "userId": "uuid-string"
}
```

**Validation Rules:**
- Email must be a valid email format
- Password must be at least 8 characters long
- Password must contain at least one lowercase letter, one uppercase letter, and one number
- Display name is required

**Error Responses:**
- `400 Bad Request` - Invalid input data
- `409 Conflict` - Email already registered
- `500 Internal Server Error` - Server error

## Running the Application

### Development

```bash
npm run start:dev
```

### Production

```bash
npm run build
npm run start:prod
```

## Testing

### Unit Tests

```bash
npm test
```

### Integration Tests

```bash
npm run test:e2e
```

### Test Coverage

```bash
npm run test:cov
```

## Database Migrations

### Create New Migration

```bash
npm run migrate:create migration-name
```

### Run Migrations

```bash
npm run migrate:up
```

### Rollback Migrations

```bash
npm run migrate:down
```

## Project Structure

```
src/
├── auth/                 # Authentication module
│   ├── dto/             # Data transfer objects
│   ├── auth.controller.ts
│   ├── auth.service.ts
│   └── auth.module.ts
├── entities/            # TypeORM entities
│   ├── user-profile.entity.ts
│   └── user-identity.entity.ts
├── app.module.ts        # Main application module
└── main.ts             # Application entry point

migrations/              # Database migrations
test/                   # Integration tests
```

## Database Schema

### user_profiles
- `id` (UUID, Primary Key)
- `display_name` (VARCHAR, nullable)
- `avatar_url` (TEXT, nullable)
- `created_at` (TIMESTAMP)
- `updated_at` (TIMESTAMP)

### user_identities
- `id` (UUID, Primary Key)
- `user_profile_id` (UUID, Foreign Key)
- `provider` (VARCHAR) - e.g., 'email'
- `provider_id` (VARCHAR) - e.g., email address
- `email` (VARCHAR, nullable, unique for email provider)
- `password_hash` (VARCHAR, nullable)
- `created_at` (TIMESTAMP)
- `updated_at` (TIMESTAMP)

## Security Features

- Passwords are hashed using bcrypt with configurable salt rounds
- Email uniqueness validation
- Input sanitization and validation
- Database transactions for data consistency
- No sensitive data exposed in API responses