Introduction
Welcome to the Los Inmaduros Backend API - a professional REST API built for the roller skating community Los Inmaduros Rollers Madrid. This backend provides a complete solution for managing skating routes, organizing meetups, sharing photos, and building a vibrant roller skating community.What is Los Inmaduros Backend?
Los Inmaduros Backend is a production-ready REST API that powers a roller skating community platform. It provides secure authentication, comprehensive route management, meetup organization, user reviews, and a moderated photo gallery - everything needed to bring roller skating enthusiasts together.Key Features
The API comes packed with features designed specifically for the roller skating community:- Secure Authentication - Integration with Clerk for robust user authentication and management
- 17 Predefined Routes - Curated skating routes with difficulty levels and detailed information
- Meetup Organization (Route Calls) - Schedule and manage group skating events with meeting points
- Attendance System - Track who’s coming to your meetups
- Reviews & Ratings - Let users share their experiences on different routes
- Personalized Favorites - Save and organize favorite routes per user
- Photo Gallery - Share skating moments with moderation and Supabase Storage integration
- Pagination - All list endpoints support efficient pagination
- Rate Limiting - Built-in protection against attacks and abuse
- Strict Validation - Input validation using Zod schemas
- Interactive Swagger Documentation - Complete API documentation with a testing interface
- Docker Support - Easy deployment with containerization
Tech Stack
The API is built with modern, reliable technologies: Core:- Node.js 20+ - JavaScript runtime
- TypeScript 5.6 - Type-safe development
- Express.js - Fast, minimalist web framework
- PostgreSQL - Robust relational database
- Prisma - Next-generation ORM for type-safe database access
- Clerk - Modern authentication and user management
- Supabase Storage - Scalable image storage solution
- Zod - TypeScript-first schema validation
- Swagger/OpenAPI - Interactive API documentation
- Docker & Docker Compose - Containerized development and deployment
- Jest & Supertest - Comprehensive testing framework (28 passing tests, 40% coverage)
- Express Rate Limit - Protection against brute force and DDoS attacks
- CORS - Secure cross-origin resource sharing
- Input Sanitization - File upload safety and path traversal prevention
API Endpoints Overview
The API exposes 17 main routes organized into logical modules:- Routes - Browse and search skating routes
- Route Calls (Meetups) - Create and manage group skating events
- Reviews - Rate and review skating routes
- Favorites - Manage personal favorite routes
- Attendances - RSVP to meetups
- Photos - Upload and browse community photos
- Auth - User authentication endpoints
- Config - Application configuration
Getting Started
Ready to dive in? Here’s how to get started:Quickstart
Get up and running in minutes with Docker
Installation
Detailed installation guide for all environments
Security Features
Security is a top priority:- Rate Limiting: 100 requests per 15 minutes for general endpoints, 5 requests per 15 minutes for authentication, 20 requests per 15 minutes for resource creation
- CORS Configuration: Only accepts requests from configured frontend origins
- Strict Validation: All inputs validated with Zod schemas, UUIDs verified, future dates required for meetups
- Secure File Upload: Filename sanitization, MIME type validation, 5MB limit, allowed formats (JPEG, PNG, GIF, WebP)
- Environment Protection: Detailed errors only in development, stack traces hidden in production
Community & Support
This is a portfolio project built with love for the Los Inmaduros Rollers Madrid skating community. The project is open source under the MIT License. Author: Adriana Suárez - Frontend DeveloperGitHub: Adriasu09
LinkedIn: Adriana Suárez
Made with ❤️ for the Los Inmaduros Rollers Madrid skating community 🛼