NestJS is a powerful and opinionated framework for building scalable, maintainable, and testable server-side applications using Node.js. Built with TypeScript and heavily inspired by Angular, NestJS combines the best aspects of object-oriented programming, functional programming, and reactive programming.
In this article, we will walk you through the process of setting up a NestJS project from scratch, including:
- Installation
- Setting up an ORM with Prisma
- Adding security layers (JWT, hashing)
- And additional suggestions to boost your development efficiency
Let’s get started!
🧰 1. Prerequisites
Before setting up a NestJS project, ensure you have the following installed:
- Node.js (v16 or higher recommended)
- npm or yarn (we’ll use
npmin this guide, butyarnis also fine) - Text editor (e.g., VS Code)
🛠️ 2. Installation
NestJS comes with a powerful CLI (Command Line Interface) that helps automate many development tasks like scaffolding components, services, modules, and more.
Step 1: Install NestJS CLI
npm install -g @nestjs/cli
Step 2: Create a new project
nest new your-project-name
You’ll be prompted to choose between npm, yarn, or pnpm. Choose your preferred package manager and wait for the installation to complete.
Step 3: Run the application
cd your-project-name
npm run start
Your NestJS app is now running at http://localhost:3000 🎉
🧭 3. Setting Up Prisma as an ORM
One of the most modern and developer-friendly ORMs for TypeScript/Node.js is Prisma. It replaces traditional ORMs like TypeORM with a clean, type-safe, and easy-to-use interface.
Step 1: Install Prisma CLI and dependencies
npm install prisma --save-dev
npm install @prisma/client
Step 2: Initialize Prisma
npx prisma init
This will:
- Create a
prisma/schema.prismafile - Create a
.envfile with a database connection string
Update the .env file with your actual database connection (e.g., PostgreSQL, MySQL, SQLite).
Step 3: Define a model
Open prisma/schema.prisma and define a sample model:
model User {
id Int @id @default(autoincrement())
email String @unique
name String?
}
Step 4: Generate Prisma client
npx prisma generate
This will generate the Prisma Client inside node_modules/.prisma/client.
Step 5: Integrate with NestJS
Create a Prisma service to inject into your application:
nest generate service prisma
Update prisma.service.ts:
import { PrismaClient } from '@prisma/client';
@Injectable()
export class PrismaService extends PrismaClient {
constructor() {
super();
}
}
Now you can inject PrismaService into any controller or service to interact with your database.
🔐 4. Security: JWT Authentication and Password Hashing
Security is a critical part of any backend application. We’ll cover two key aspects:
- Password hashing using
bcrypt - JWT-based authentication using
@nestjs/passportandpassport-jwt
Step 1: Install required packages
npm install bcrypt @nestjs/passport passport passport-jwt
npm install @types/passport-jwt --save-dev
Step 2: Create an Auth module
Generate the necessary files:
nest generate module auth
nest generate service auth
nest generate controller auth
Step 3: Hashing passwords
In your auth.service.ts, use bcrypt to hash passwords:
import * as bcrypt from 'bcrypt';
async hashPassword(password: string): Promise<string> {
const saltOrRounds = 10;
return bcrypt.hash(password, saltOrRounds);
}
Step 4: JWT Setup
Create a JWT strategy:
nest generate service jwt
Then create a strategy file:
// jwt.strategy.ts
import { ExtractJwt, Strategy } from 'passport-jwt';
import { PassportStrategy } from '@nestjs/passport';
import { Injectable } from '@nestjs/common';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: 'YOUR_SECRET_KEY',
});
}
async validate(payload: any) {
return { userId: payload.sub, email: payload.email };
}
}
Register the strategy in your auth.module.ts and protect your routes using @UseGuards(JwtAuthGuard).
💡 5. Additional Suggestions
Here are some extra tools and best practices to improve your NestJS development experience:
🧪 Testing
- Use Jest (already included in NestJS projects) for unit and E2E testing.
- Use
@nestjs/testingpackage to test modules, controllers, and services.
🧩 Logging
- Use
@nestjs/common’sLoggerclass for consistent logging. - For advanced logging, integrate winston or pino.
🛡️ Input Validation
- Use class-validator and class-transformer with pipes for validating incoming payloads.
Install them:
npm install class-validator class-transformer
Then enable validation in main.ts:
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.useGlobalPipes(new ValidationPipe({ transform: true }));
await app.listen(3000);
}
🧱 Project Structure Tips
- Keep your modules clean and focused.
- Use feature modules to separate concerns (e.g.,
UserModule,AuthModule). - Use DTOs (Data Transfer Objects) for input/output types.
✅ Summary
Here’s a quick recap of what we covered in this guide:
| Step | Description |
|---|---|
| 1 | Installed NestJS CLI and created a new project |
| 2 | Integrated Prisma as the ORM for database operations |
| 3 | Implemented JWT authentication and password hashing |
| 4 | Suggested additional tools like validation, logging, and testing libraries |
By following these steps, you’ll have a solid foundation for your NestJS application — secure, scalable, and ready for production.
🧑💻 Want to Learn More?
- NestJS Official Documentation
- Prisma Official Documentation
- JWT.io – Learn more about JSON Web Tokens
- NestJS GitHub Examples