50 AI Prompts for NestJS and TypeScript Backend Development

How to Use These Prompts Effectively

• Paste in your existing module or service file before running a prompt that modifies it
• Specify your NestJS version and whether you are using TypeORM or Prisma
• For complex prompts, split them: one for the service, one for the controller
• Run setup prompts first if starting a new project; later prompts reference earlier files

Project Setup and Structure (Prompts 1-6)

• Prompt 4: Write the TypeORM configuration for a NestJS app connecting to PostgreSQL using ConfigService to read DATABASE_URL, entity auto-discovery, synchronize only in development, and connection pool settings for production.
• Prompt 5: Create a NestJS global exception filter that catches all HttpExceptions and unknown errors, logs the full error context, and returns a consistent JSON error response with statusCode, message, and timestamp. Register it globally using APP_FILTER.
• Prompt 6: Write a NestJS LoggingInterceptor that logs the HTTP method, route, response status code, and response time in milliseconds for every incoming request. Use NestJS Logger and register it globally as APP_INTERCEPTOR.

Controllers and Routes (Prompts 7-14)

• Prompt 10: Create a custom NestJS @CurrentUser() parameter decorator that extracts the authenticated user from the request object. Show the decorator implementation, how to type the returned user with a UserPayload interface, and an example controller using it alongside a JwtAuthGuard.
• Prompt 11: Write a NestJS rate limiting setup using @nestjs/throttler. Configure a global limit of 60 requests per minute, a stricter limit on auth routes, and show how to skip rate limiting for health check endpoints using @SkipThrottle.
• Prompt 12: Create a NestJS controller that handles short link redirection. Look up the short code in the database, increment the click count asynchronously, redirect to the destination URL with 302 status, and return 404 Not Found or 410 Gone for invalid or expired codes.
• Prompt 13: Write a NestJS endpoint that streams a large CSV file from disk to the HTTP response without loading the entire file into memory. Use Node.js createReadStream, set Content-Disposition headers for download, and handle stream errors gracefully.
• Prompt 14: Create a NestJS endpoint that accepts a batch of up to 100 user IDs and returns their data. Validate with @IsArray and @IsUUID, query with TypeORM findByIds, and return results in the same order as the input with null for any IDs not found.

Services and Business Logic (Prompts 15-22)

• Prompt 18: Write a NestJS service that caches expensive database queries using @nestjs/cache-manager with a Redis store. Cache a getUserById query with a 5-minute TTL, invalidate the cache on user update, and use a key pattern that covers all cached entries for a specific user.
• Prompt 19: Create a NestJS event-driven pattern using @nestjs/event-emitter. When an order is created emit an OrderCreatedEvent. Write three async listeners: one sends a confirmation email, one updates inventory, one creates a Stripe invoice. Isolate failures so one listener does not block the others.
• Prompt 20: Write a NestJS service that calls an external REST API using @nestjs/axios. Include retry logic with exponential backoff (max 3 retries), a 5-second timeout, error transformation mapping HTTP errors to NestJS HttpExceptions, GET request caching, and a health check method.
• Prompt 21: Create a NestJS scheduled task using @nestjs/schedule that runs every day at 2am UTC. Find all users with expired trial accounts, mark them inactive, send them an email via a queue, log the count processed, and update a LastRunStats record with the run time and count.
• Prompt 22: Write a NestJS Stripe webhook handler. Accept raw body for signature verification, verify the webhook signature, handle payment_intent.succeeded and customer.subscription.deleted events in background jobs, and return 200 immediately to avoid Stripe retries.

Database: TypeORM and Prisma (Prompts 23-30)

• Prompt 26: Implement soft delete in a TypeORM NestJS entity using @DeleteDateColumn. Write service methods for softDelete, restore, findAll (excludes deleted), findAllIncludingDeleted, and hardDelete. Include a subscriber that logs both events to an audit_log table.
• Prompt 27: Write a complete Prisma integration for a NestJS app. Include a PrismaService extending PrismaClient that connects on init, disconnects on destroy, and implements soft-delete middleware. Show the PrismaModule setup and how to inject PrismaService into feature services.
• Prompt 28: Write a NestJS service method using Prisma interactive transactions that creates an organisation, creates an admin user, creates a billing record, and sends a welcome event. Distinguish Prisma constraint violations (P2002 duplicate email) from unexpected errors.
• Prompt 29: Write a NestJS database seed script using TypeORM that creates admin users with hashed passwords, 10 test users with faker, 5 organisations each with 2 users, and 50 sample products. Make it idempotent by skipping records that already exist.
• Prompt 30: Implement full-text search for blog posts using PostgreSQL in a NestJS service. Use TypeORM query builder with to_tsvector, create a GIN index in a migration, rank results with ts_rank, and return paginated results with match snippets using ts_headline.

Authentication and Guards (Prompts 31-36)

• Prompt 33: Write a NestJS API key authentication strategy using Passport. Read the X-API-Key header, look up the hashed key in the database, verify the hash, update last_used_at, and return the user payload. Include the ApiKey entity and the service method to generate a new API key.
• Prompt 34: Implement Google OAuth2 login in NestJS using passport-google-oauth20. Write the GoogleStrategy with profile mapping, the AuthService method that finds or creates a user, handles email conflicts with existing password accounts, and the callback controller that creates a JWT, sets it in a secure HttpOnly cookie, and redirects to the frontend.
• Prompt 35: Write a NestJS resource ownership guard that checks whether the authenticated user owns the requested resource before allowing the operation. Read the resource ID from route params, query the database, and throw NotFoundException (not ForbiddenException) if the check fails to avoid leaking resource existence.
• Prompt 36: Implement TOTP-based two-factor authentication in a NestJS AuthService. Include generateTwoFactorSecret with a QR code URI using otplib, enableTwoFactor that verifies the first code before saving, verifyTwoFactor that validates a submitted code, and the login flow changes needed to add the 2FA verification step.

Pipes, Interceptors, and Filters (Prompts 37-42)

• Prompt 40: Create a NestJS AuditInterceptor that logs every state-changing request (POST, PUT, PATCH, DELETE) to an audit_logs table. Capture userId, HTTP method, endpoint, request body with sensitive fields redacted, response status, and timestamp. Use async database writes via rxjs tap operator.
• Prompt 41: Write a NestJS exception filter for Prisma errors. Map P2002 (unique constraint) to 409 Conflict with the duplicate field name, P2025 (record not found) to 404, P2003 (foreign key constraint) to 400 Bad Request, and fall through to 500 for unknown Prisma errors.
• Prompt 42: Write a NestJS TimeoutInterceptor that cancels requests taking longer than a configurable timeout (default 30 seconds). Use rxjs timeout and catchError, log a warning with the endpoint and elapsed time, and throw a 408 RequestTimeoutException. Make the timeout configurable per-route with a @Timeout(ms) decorator.

Testing (Prompts 43-47)

• Prompt 46: Write a NestJS integration test for the UsersModule using an in-memory SQLite database with TypeORM. Create the test module with the real UsersService and UsersController, seed a test user before each test, test the full create and findOne flow without mocking the database, and clean up after each test.
• Prompt 47: Write an end-to-end test for a NestJS authentication flow using Supertest. Test the full sequence: register a new user, attempt to register the same email (expect 409), login with correct credentials (expect JWT), access a protected endpoint with the JWT, access the same endpoint without a JWT (expect 401), and call the logout endpoint.

Docker and Deployment (Prompts 48-50)