Car Rental API | Clean Architecture & TypeScript

Wladimir Filho

🧩 The Challenge

Building a robust car rental management system required handling complex business logic while maintaining clean separation of concerns and enterprise-grade reliability.
The system needed to support:
User authentication with JWT tokens and refresh token mechanism
Role-based access control (Users/Admins) with secure middleware
Car inventory management with categories and specifications
Rental lifecycle management with availability tracking
Automated rental calculations with daily rates and fine penalties
File upload handling with cloud storage (AWS S3) and local fallback
Email notifications for password recovery with template engine
API documentation with Swagger/OpenAPI
Rate limiting and security best practices
Comprehensive test coverage for critical business rules

✨ The Solution

I designed and implemented a car rental REST API using Express.js with TypeScript, following Clean Architecture principles and Domain-Driven Design patterns.
The solution maintains clear separation between domain logic, application use cases, and infrastructure concerns, ensuring maintainability and testability.

šŸ› ļø Deep Dive

The application architecture leverages Express.js with TypeScript, running in a containerized environment with Docker Compose. PostgreSQL serves as the primary database with TypeORM for data persistence, while Redis handles rate limiting and caching.
Architecture Layers: The application follows Clean Architecture with three main modules (Accounts, Cars, Rentals), each containing its own domain entities, use cases, repositories, and DTOs. Dependency Injection using TSyringe ensures loose coupling and enables easy testing with in-memory repositories.
Advanced Patterns: The Repository Pattern abstracts data access, allowing seamless switching between TypeORM implementations and in-memory test doubles. The Strategy Pattern powers provider abstractions for Storage (Local/S3), Mail (Ethereal/SES), and Date operations, enabling environment-specific configurations. DTOs and Mappers ensure type safety and proper data transformation between layers.
Business Logic: Complex rental rules are encapsulated in use cases: minimum 24-hour rental periods, concurrent rental prevention, automatic availability management, and dynamic pricing calculations including daily rates and late return fines. User authentication implements secure password hashing with bcrypt, JWT token generation, and refresh token rotation.
Infrastructure: Docker Compose orchestrates PostgreSQL and Redis containers for local development. TypeORM migrations version the database schema. The application supports multiple storage backends (local filesystem or AWS S3) and email providers (Ethereal for development, AWS SES for production) through environment configuration.
Testing Strategy: Unit tests cover critical use cases including authentication flows, rental creation with business rule validation, and car management operations. In-memory repositories enable isolated testing without database dependencies. Test coverage includes edge cases like duplicate license plates, concurrent rentals, and unauthorized access attempts.
Security & Performance: Rate limiting middleware using Redis prevents API abuse. JWT-based authentication with refresh tokens ensures secure session management. Centralized error handling provides consistent API responses. CORS configuration enables cross-origin requests while maintaining security.
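The refresh token rotation mentioned under Business Logic, sketched against an in-memory repository like the test doubles described above. This is an added example, not the project's code: every name is hypothetical, tokens are opaque strings from an injected generator rather than signed JWTs, and revoking all of a user's tokens when a used token is replayed goes beyond what the page states.

```typescript
// Added illustration: all names are hypothetical, not taken from the project.
interface RefreshToken { token: string; userId: string; expiresAt: number; used: boolean }
interface RefreshTokenRepository {
  save(t: RefreshToken): void;
  find(token: string): RefreshToken | undefined;
  revokeAllForUser(userId: string): void;
}
// In-memory test double standing in for a database-backed repository.
class InMemoryRefreshTokenRepository implements RefreshTokenRepository {
  private rows: RefreshToken[] = [];
  save(t: RefreshToken): void { this.rows.push(t); }
  find(token: string): RefreshToken | undefined { return this.rows.filter((r) => r.token === token)[0]; }
  revokeAllForUser(userId: string): void { this.rows = this.rows.filter((r) => r.userId !== userId); }
}
class RefreshTokenService {
  private repo: RefreshTokenRepository;
  private mint: () => string;
  private ttlMs: number;
  constructor(repo: RefreshTokenRepository, mint: () => string, ttlMs: number) {
    this.repo = repo; this.mint = mint; this.ttlMs = ttlMs;
  }
  issue(userId: string, now: number): string {
    const token = this.mint();
    this.repo.save({ token, userId, expiresAt: now + this.ttlMs, used: false });
    return token;
  }
  // Each refresh token is accepted once; a replay is treated as a leaked token.
  rotate(presented: string, now: number): string {
    const row = this.repo.find(presented);
    if (!row) throw new Error("unknown refresh token");
    if (row.used) {
      this.repo.revokeAllForUser(row.userId); // end every session for the user
      throw new Error("refresh token reuse detected");
    }
    if (row.expiresAt <= now) throw new Error("refresh token expired");
    row.used = true; // rows are shared references here; a DB repository would persist this
    return this.issue(row.userId, now);
  }
}
// Constructed demo: counter tokens keep it deterministic; real tokens need a CSPRNG or a signature.
function demoRotation(): string[] {
  let n = 0;
  const svc = new RefreshTokenService(new InMemoryRefreshTokenRepository(), () => "rt-" + String(++n), 1000);
  const attempt = (t: string, now: number): string => {
    try { return svc.rotate(t, now); } catch (e) { return (e as Error).message; }
  };
  const first = svc.issue("user-1", 0);
  const second = attempt(first, 10);
  return [second, attempt(first, 20), attempt(second, 30)];
}
```

`demoRotation()` rotates once, replays the old token, then shows that the replacement token no longer works after the replay triggered revocation.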

🎉 The Outcome

The car rental API delivers a production-ready solution with enterprise-grade architecture:
✓ Scalable architecture with clean separation of concerns and modular design
✓ Maintainable codebase following SOLID principles and Clean Architecture patterns
✓ Reliable system with comprehensive test coverage for critical business logic
✓ Secure authentication and authorization with JWT and role-based access control
✓ Flexible infrastructure supporting multiple storage and email providers
✓ Complete API documentation with Swagger/OpenAPI integration
✓ Advanced business rule enforcement for rental management
✓ Type-safe codebase with TypeScript, ensuring compile-time error detection
✓ Containerized development environment with Docker Compose
✓ Production-ready features including rate limiting, error handling, and logging

Posted Nov 20, 2025

A scalable car rental REST API built with Express.js and TypeScript, featuring rental management, JWT authentication, and AWS S3 integration.

Clients

Rocketseat