- 1. API with NestJS #1. Controllers, routing and the module structure
- 2. API with NestJS #2. Setting up a PostgreSQL database with TypeORM
- 3. API with NestJS #3. Authenticating users with bcrypt, Passport, JWT, and cookies
- 4. API with NestJS #4. Error handling and data validation
- 5. API with NestJS #5. Serializing the response with interceptors
- 6. API with NestJS #6. Looking into dependency injection and modules
- 7. API with NestJS #7. Creating relationships with Postgres and TypeORM
- 8. API with NestJS #8. Writing unit tests
- 9. API with NestJS #9. Testing services and controllers with integration tests
- 10. API with NestJS #10. Uploading public files to Amazon S3
- 11. API with NestJS #11. Managing private files with Amazon S3
- 12. API with NestJS #12. Introduction to Elasticsearch
- 13. API with NestJS #13. Implementing refresh tokens using JWT
- 14. API with NestJS #14. Improving performance of our Postgres database with indexes
- 15. API with NestJS #15. Defining transactions with PostgreSQL and TypeORM
- 16. API with NestJS #16. Using the array data type with PostgreSQL and TypeORM
- 17. API with NestJS #17. Offset and keyset pagination with PostgreSQL and TypeORM
- 18. API with NestJS #18. Exploring the idea of microservices
- 19. API with NestJS #19. Using RabbitMQ to communicate with microservices
- 20. API with NestJS #20. Communicating with microservices using the gRPC framework
- 21. API with NestJS #21. An introduction to CQRS
- 22. API with NestJS #22. Storing JSON with PostgreSQL and TypeORM
- 23. API with NestJS #23. Implementing in-memory cache to increase the performance
- 24. API with NestJS #24. Cache with Redis. Running the app in a Node.js cluster
- 25. API with NestJS #25. Sending scheduled emails with cron and Nodemailer
- 26. API with NestJS #26. Real-time chat with WebSockets
- 27. API with NestJS #27. Introduction to GraphQL. Queries, mutations, and authentication
- 28. API with NestJS #28. Dealing in the N + 1 problem in GraphQL
- 29. API with NestJS #29. Real-time updates with GraphQL subscriptions
- 30. API with NestJS #30. Scalar types in GraphQL
- 31. API with NestJS #31. Two-factor authentication
- 32. API with NestJS #32. Introduction to Prisma with PostgreSQL
- 33. API with NestJS #33. Managing PostgreSQL relationships with Prisma
- 34. API with NestJS #34. Handling CPU-intensive tasks with queues
- 35. API with NestJS #35. Using server-side sessions instead of JSON Web Tokens
- 36. API with NestJS #36. Introduction to Stripe with React
- 37. API with NestJS #37. Using Stripe to save credit cards for future use
- 38. API with NestJS #38. Setting up recurring payments via subscriptions with Stripe
- 39. API with NestJS #39. Reacting to Stripe events with webhooks
- 40. API with NestJS #40. Confirming the email address
- 41. API with NestJS #41. Verifying phone numbers and sending SMS messages with Twilio
- 42. API with NestJS #42. Authenticating users with Google
- 43. API with NestJS #43. Introduction to MongoDB
- 44. API with NestJS #44. Implementing relationships with MongoDB
- 45. API with NestJS #45. Virtual properties with MongoDB and Mongoose
- 46. API with NestJS #46. Managing transactions with MongoDB and Mongoose
- 47. API with NestJS #47. Implementing pagination with MongoDB and Mongoose
- 48. API with NestJS #48. Definining indexes with MongoDB and Mongoose
- 49. API with NestJS #49. Updating with PUT and PATCH with MongoDB and Mongoose
- 50. API with NestJS #50. Introduction to logging with the built-in logger and TypeORM
- 51. API with NestJS #51. Health checks with Terminus and Datadog
- 52. API with NestJS #52. Generating documentation with Compodoc and JSDoc
- 53. API with NestJS #53. Implementing soft deletes with PostgreSQL and TypeORM
- 54. API with NestJS #54. Storing files inside a PostgreSQL database
- 55. API with NestJS #55. Uploading files to the server
- 56. API with NestJS #56. Authorization with roles and claims
- 57. API with NestJS #57. Composing classes with the mixin pattern
- 58. API with NestJS #58. Using ETag to implement cache and save bandwidth
- 59. API with NestJS #59. Introduction to a monorepo with Lerna and Yarn workspaces
- 60. API with NestJS #60. The OpenAPI specification and Swagger
- 61. API with NestJS #61. Dealing with circular dependencies
- 62. API with NestJS #62. Introduction to MikroORM with PostgreSQL
- 63. API with NestJS #63. Relationships with PostgreSQL and MikroORM
- 64. API with NestJS #64. Transactions with PostgreSQL and MikroORM
- 65. API with NestJS #65. Implementing soft deletes using MikroORM and filters
- 66. API with NestJS #66. Improving PostgreSQL performance with indexes using MikroORM
- 67. API with NestJS #67. Migrating to TypeORM 0.3
- 68. API with NestJS #68. Interacting with the application through REPL
- 69. API with NestJS #69. Database migrations with TypeORM
- 70. API with NestJS #70. Defining dynamic modules
- 71. API with NestJS #71. Introduction to feature flags
- 72. API with NestJS #72. Working with PostgreSQL using raw SQL queries
- 73. API with NestJS #73. One-to-one relationships with raw SQL queries
- 74. API with NestJS #74. Designing many-to-one relationships using raw SQL queries
- 75. API with NestJS #75. Many-to-many relationships using raw SQL queries
- 76. API with NestJS #76. Working with transactions using raw SQL queries
- 77. API with NestJS #77. Offset and keyset pagination with raw SQL queries
- 78. API with NestJS #78. Generating statistics using aggregate functions in raw SQL
- 79. API with NestJS #79. Implementing searching with pattern matching and raw SQL
- 80. API with NestJS #80. Updating entities with PUT and PATCH using raw SQL queries
- 81. API with NestJS #81. Soft deletes with raw SQL queries
- 82. API with NestJS #82. Introduction to indexes with raw SQL queries
- 83. API with NestJS #83. Text search with tsvector and raw SQL
- 84. API with NestJS #84. Implementing filtering using subqueries with raw SQL
- 85. API with NestJS #85. Defining constraints with raw SQL
- 86. API with NestJS #86. Logging with the built-in logger when using raw SQL
- 87. API with NestJS #87. Writing unit tests in a project with raw SQL
- 88. API with NestJS #88. Testing a project with raw SQL using integration tests
- 89. API with NestJS #89. Replacing Express with Fastify
- 90. API with NestJS #90. Using various types of SQL joins
- 91. API with NestJS #91. Dockerizing a NestJS API with Docker Compose
- 92. API with NestJS #92. Increasing the developer experience with Docker Compose
- 93. API with NestJS #93. Deploying a NestJS app with Amazon ECS and RDS
- 94. API with NestJS #94. Deploying multiple instances on AWS with a load balancer
- 95. API with NestJS #95. CI/CD with Amazon ECS and GitHub Actions
- 96. API with NestJS #96. Running unit tests with CI/CD and GitHub Actions
- 97. API with NestJS #97. Introduction to managing logs with Amazon CloudWatch
- 98. API with NestJS #98. Health checks with Terminus and Amazon ECS
- 99. API with NestJS #99. Scaling the number of application instances with Amazon ECS
- 100. API with NestJS #100. The HTTPS protocol with Route 53 and AWS Certificate Manager
- 101. API with NestJS #101. Managing sensitive data using the AWS Secrets Manager
- 102. API with NestJS #102. Writing unit tests with Prisma
- 103. API with NestJS #103. Integration tests with Prisma
- 104. API with NestJS #104. Writing transactions with Prisma
- 105. API with NestJS #105. Implementing soft deletes with Prisma and middleware
- 106. API with NestJS #106. Improving performance through indexes with Prisma
- 107. API with NestJS #107. Offset and keyset pagination with Prisma
- 108. API with NestJS #108. Date and time with Prisma and PostgreSQL
- 109. API with NestJS #109. Arrays with PostgreSQL and Prisma
- 110. API with NestJS #110. Managing JSON data with PostgreSQL and Prisma
- 111. API with NestJS #111. Constraints with PostgreSQL and Prisma
- 112. API with NestJS #112. Serializing the response with Prisma
- 113. API with NestJS #113. Logging with Prisma
- 114. API with NestJS #114. Modifying data using PUT and PATCH methods with Prisma
- 115. API with NestJS #115. Database migrations with Prisma
- 116. API with NestJS #116. REST API versioning
- 117. API with NestJS #117. CORS – Cross-Origin Resource Sharing
- 118. API with NestJS #118. Uploading and streaming videos
- 119. API with NestJS #119. Type-safe SQL queries with Kysely and PostgreSQL
- 120. API with NestJS #120. One-to-one relationships with the Kysely query builder
- 121. API with NestJS #121. Many-to-one relationships with PostgreSQL and Kysely
With feature flags (also referred to as feature toggles), we can modify our application’s behavior without changing the code. In this article, we explain the purpose of feature flags. We also show how to implement them ourselves and discuss the pros and cons.
You can find the code from this article in this repository.
The idea behind feature flags
Thanks to feature flags, we can switch a certain functionality on and off during runtime without the need to deploy any new code.
|
1 2 3 4 5 6 7 8 9 10 |
async register(@Body() registrationData: RegisterDto) { const user = await this.authenticationService.register(registrationData); const isEmailConfirmationEnabled = await this.featureFlagsService.isEnabled('email-confirmation'); if (isEmailConfirmationEnabled) { await this.emailConfirmationService.sendVerificationLink( registrationData.email, ); } return user; } |
A feature flag, at its core, is a boolean value that we can toggle and use in if statements.
Benefits of feature flags
One of the main benefits of feature flags is that merging our changes into the master branch does not necessarily mean delivering the new feature to our users. Therefore, we get a lot of control over our application.
For example, feature flags are part of the Trunk Based Development practice, where we merge our code to the master branch very often. Since merging does not mean exposing the new feature to the users, we can merge features we haven’t finished. Thanks to that, the new feature can undergo the code review process in chunks instead of dumping a lot of code in a single pull request. The above can make it significantly easier for our teammates to review our new code.
Also, feature flags can help us minimize risks associated with deployments. If the QA team notices that the latest changes don’t work as expected in the production environment, reverting them is as easy as switching the toggle. Besides the QA team, we can also notice the issue through a monitoring system we have in place. A good example would be a sudden spike in the response time of some endpoints in our API.
Besides the above, we could build a more sophisticated feature flags system or use a third-party tool with functionalities like A/B testing. With that, we can present two versions of our application to users and determine which one they like the most.
Drawbacks of feature flags
While feature flags can benefit our application, they are not a perfect solution. They add complexity to our code that can make it harder to understand. But, what’s even worse, they create a lot of various versions of our application that, ideally, should be tested separately. For example, if we have five feature flags, it gives us 32 possible combinations.
There are two possible values for each of the five feature flags, and 25 equals 32. This would be even more complicated if we would have feature flags that can have values other than booleans.
Until we test each of them separately, we can’t be entirely sure if not a single one of the combinations has an unexpected side effect. Five feature flags might seem like not a lot, but manually testing 32 separate versions of our application is probably unrealistic. It would be reasonable only to verify the combinations we expect to happen in production, but that requires that we understand the project and the business domain very well. The more flags we have, the more difficult it is to verify.
Because of that, feature flags need to be short-lived. Although it is easy to add a feature flag, it can cause us more and more effort to maintain it the longer we keep it. Therefore, we should retire the feature flag once we know that a particular feature works correctly.
Having feature flags can encourage us to merge features that are not yet finished because they are hidden behind a feature flag. We need to be very careful, though, because there is a chance that a feature might leak out by accident if not encapsulated correctly. Having to test that adds even more complexity to testing.
Implementing feature flags with NestJS
We probably want different values for feature flags in different environments, for example, in staging and production. We would also like to change the feature flags without modifying the codebase and deploying.
The most straightforward way of doing the above is storing our feature flags in a database. First, let’s define an entity for our feature flag.
featureFlag.entity.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm'; @Entity() class FeatureFlag { @PrimaryGeneratedColumn('identity', { generatedIdentity: 'ALWAYS', }) id: number; @Column({ unique: true }) name: string; @Column() isEnabled: boolean; } export default FeatureFlag; |
If you want to know more about identity columns, check out Serial type versus identity columns in PostgreSQL and TypeORM
Adding, modifying, and removing feature flags is relatively straightforward. We can fit all of it into a simple service.
featureFlags.service.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
import { HttpException, HttpStatus, Injectable, NotFoundException, } from '@nestjs/common'; import FeatureFlag from './featureFlag.entity'; import { InjectRepository } from '@nestjs/typeorm'; import { Repository } from 'typeorm'; import CreateFeatureFlagDto from './dto/createFeatureFlag.dto'; import UpdateFeatureFlagDto from './dto/updateFeatureFlag.dto'; import PostgresErrorCode from '../database/postgresErrorCode.enum'; @Injectable() export default class FeatureFlagsService { constructor( @InjectRepository(FeatureFlag) private featureFlagsRepository: Repository<FeatureFlag>, ) {} getAll() { return this.featureFlagsRepository.find(); } getByName(name: string) { return this.featureFlagsRepository.findOneBy({ name }); } async create(featureFlag: CreateFeatureFlagDto) { try { const newFlag = await this.featureFlagsRepository.create(featureFlag); await this.featureFlagsRepository.save(newFlag); return newFlag; } catch (error) { if (error?.code === PostgresErrorCode.UniqueViolation) { throw new HttpException( 'Feature flag with that name already exists', HttpStatus.BAD_REQUEST, ); } throw new HttpException( 'Something went wrong', HttpStatus.INTERNAL_SERVER_ERROR, ); } } async update(id: number, featureFlag: UpdateFeatureFlagDto) { try { await this.featureFlagsRepository.update(id, featureFlag); } catch (error) { if (error?.code === PostgresErrorCode.UniqueViolation) { throw new HttpException( 'Feature flag with that name already exists', HttpStatus.BAD_REQUEST, ); } throw new HttpException( 'Something went wrong', HttpStatus.INTERNAL_SERVER_ERROR, ); } const updatedFeatureFlag = await this.featureFlagsRepository.findOne({ where: { id, }, }); if (updatedFeatureFlag) { return updatedFeatureFlag; } throw new NotFoundException(); } async delete(id: number) { const deleteResponse = await this.featureFlagsRepository.delete(id); if (!deleteResponse.affected) { throw new NotFoundException(); } } async isEnabled(name: string) { const featureFlag = await this.getByName(name); if (!featureFlag) { return false; } return featureFlag.isEnabled; } } |
The above service is a good candidate for caching. If you want to know how to do it, check out API with NestJS #23. Implementing in-memory cache to increase the performance and API with NestJS #24. Cache with Redis. Running the app in a Node.js cluster
Besides creating a service, we can also define a controller that allows us to manage feature flags through the REST API.
featureFlags.controller.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
import { Body, ClassSerializerInterceptor, Controller, Delete, Get, Param, Patch, Post, UseGuards, UseInterceptors, } from '@nestjs/common'; import FeatureFlagsService from './featureFlags.service'; import JwtAuthenticationGuard from '../authentication/jwt-authentication.guard'; import CreateFeatureFlagDto from './dto/createFeatureFlag.dto'; import FindOneParams from '../utils/findOneParams'; import UpdateFeatureFlagDto from './dto/updateFeatureFlag.dto'; @Controller('feature-flags') @UseInterceptors(ClassSerializerInterceptor) export default class FeatureFlagsController { constructor(private readonly featureFlagsService: FeatureFlagsService) {} @Get() getAll() { return this.featureFlagsService.getAll(); } @Post() @UseGuards(JwtAuthenticationGuard) async create(@Body() featureFlag: CreateFeatureFlagDto) { return this.featureFlagsService.create(featureFlag); } @Patch(':id') @UseGuards(JwtAuthenticationGuard) async updateCategory( @Param() { id }: FindOneParams, @Body() category: UpdateFeatureFlagDto, ) { return this.featureFlagsService.update(id, category); } @Delete(':id') @UseGuards(JwtAuthenticationGuard) async deleteCategory(@Param() { id }: FindOneParams) { return this.featureFlagsService.delete(id); } } |
It might be a good idea to develop a designated frontend application that uses the above API so that it is easy to use.
Checking the feature flags
The most straightforward way to check if a feature flag is enabled is using our FeatureFlagsService directly.
authentication.controller.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
import { Body, Controller, Post, ClassSerializerInterceptor, UseInterceptors, } from '@nestjs/common'; import { AuthenticationService } from './authentication.service'; import RegisterDto from './dto/register.dto'; import { EmailConfirmationService } from '../emailConfirmation/emailConfirmation.service'; import FeatureFlagsService from '../featureFlags/featureFlags.service'; @Controller('authentication') @UseInterceptors(ClassSerializerInterceptor) export class AuthenticationController { constructor( private readonly authenticationService: AuthenticationService, private readonly emailConfirmationService: EmailConfirmationService, private readonly featureFlagsService: FeatureFlagsService, ) {} @Post('register') async register(@Body() registrationData: RegisterDto) { const user = await this.authenticationService.register(registrationData); const isEmailConfirmationEnabled = await this.featureFlagsService.isEnabled('email-confirmation'); if (isEmailConfirmationEnabled) { await this.emailConfirmationService.sendVerificationLink( registrationData.email, ); } return user; } // ... } |
The above approach might be fine if our feature is small and straightforward. But unfortunately, it could be challenging to track where we’ve used the sendVerificationLink method. So a better approach might be to use the FeatureFlagsService in the EmailConfirmationService.
emailConfirmation.service.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
import { Injectable } from '@nestjs/common'; import { JwtService } from '@nestjs/jwt'; import { ConfigService } from '@nestjs/config'; import VerificationTokenPayload from './verificationTokenPayload.interface'; import EmailService from '../email/email.service'; import { UsersService } from '../users/users.service'; import FeatureFlagsService from '../featureFlags/featureFlags.service'; @Injectable() export class EmailConfirmationService { constructor( private readonly jwtService: JwtService, private readonly configService: ConfigService, private readonly emailService: EmailService, private readonly usersService: UsersService, private readonly featureFlagsService: FeatureFlagsService, ) {} private isEnabled() { return this.featureFlagsService.isEnabled('email-confirmation'); } public async sendVerificationLink(email: string) { if (!(await this.isEnabled())) { return; } const payload: VerificationTokenPayload = { email }; const token = this.jwtService.sign(payload, { secret: this.configService.get('JWT_VERIFICATION_TOKEN_SECRET'), expiresIn: `${this.configService.get( 'JWT_VERIFICATION_TOKEN_EXPIRATION_TIME', )}s`, }); const url = `${this.configService.get( 'EMAIL_CONFIRMATION_URL', )}?token=${token}`; const text = `Welcome to the application. To confirm the email address, click here: ${url}`; return this.emailService.sendMail({ to: email, subject: 'Email confirmation', text, }); } // ... } |
Disabling API endpoints
Besides affecting services, we might want to disable an API endpoint defined in a controller.
emailConfirmation.controller.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
@Post('confirm') async confirm(@Body() confirmationData: ConfirmEmailDto, @Req() request: RequestWithUser) { const isEmailConfirmationEnabled = await this.featureFlagsService.isEnabled( 'email-confirmation', ); if (!isEmailConfirmationEnabled) { throw new NotFoundException(`Cannot ${request.method} ${request.url}`); } const email = await this.emailConfirmationService.decodeConfirmationToken( confirmationData.token, ); await this.emailConfirmationService.confirmEmail(email); } |
Unfortunately, the above logic can get quite repetitive. To deal with this, we can create a guard using the mixin pattern.
featureFlag.guard.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
import { CanActivate, ExecutionContext, Injectable, mixin, NotFoundException, Type, } from '@nestjs/common'; import FeatureFlagsService from './featureFlags.service'; function FeatureFlagGuard(featureFlagName: string): Type<CanActivate> { @Injectable() class Guard implements CanActivate { constructor(private readonly featureFlagsService: FeatureFlagsService) {} async canActivate(context: ExecutionContext) { const isEnabled = await this.featureFlagsService.isEnabled( featureFlagName, ); if (!isEnabled) { const httpContext = context.switchToHttp(); const request = httpContext.getRequest(); throw new NotFoundException(`Cannot ${request.method} ${request.url}`); } return true; } } return mixin(Guard); } export default FeatureFlagGuard; |
If you want to know more about mixins, check out API with NestJS #57. Composing classes with the mixin pattern
Now, the above guard is very straightforward and makes our code clean and simple.
emailConfirmation.controller.ts
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
import { Controller, ClassSerializerInterceptor, UseInterceptors, Post, Body, UseGuards, Req, } from '@nestjs/common'; import ConfirmEmailDto from './confirmEmail.dto'; import { EmailConfirmationService } from './emailConfirmation.service'; import JwtAuthenticationGuard from '../authentication/jwt-authentication.guard'; import RequestWithUser from '../authentication/requestWithUser.interface'; import FeatureFlagGuard from '../featureFlags/featureFlag.guard'; @Controller('email-confirmation') @UseInterceptors(ClassSerializerInterceptor) export class EmailConfirmationController { constructor( private readonly emailConfirmationService: EmailConfirmationService, ) {} @Post('confirm') @UseGuards(FeatureFlagGuard('email-confirmation')) async confirm(@Body() confirmationData: ConfirmEmailDto) { const email = await this.emailConfirmationService.decodeConfirmationToken( confirmationData.token, ); await this.emailConfirmationService.confirmEmail(email); } @Post('resend-confirmation-link') @UseGuards(JwtAuthenticationGuard) @UseGuards(FeatureFlagGuard('email-confirmation')) async resendConfirmationLink(@Req() request: RequestWithUser) { await this.emailConfirmationService.resendConfirmationLink(request.user.id); } } |
Summary
In this article, we’ve gone through the feature flags and their benefits and drawbacks. While they might help us with the process of reviewing and deploying our code, we need to be aware that they might make testing more complicated. Also, we should remove the flags we don’t need anymore.
Besides the above, we’ve also implemented a mechanism for managing feature flags using a PostgreSQL database. While doing so, we’ve used the feature flags directly through a service and a guard. There is still more to feature flags, such as A/B testing, but this is a topic for a separate article, so stay tuned!
