Car Rental API | Clean Architecture & TypeScript
Wladimir Filho
š§© The Challenge
Building a robust car rental management system required handling complex business logic while maintaining clean separation of concerns and enterprise-grade reliability.
The system needed to support:
User authentication with JWT tokens and refresh token mechanism
Role-based access control (Users/Admins) with secure middleware
Car inventory management with categories and specifications
Rental lifecycle management with availability tracking
Automated rental calculations with daily rates and fine penalties
File upload handling with cloud storage (AWS S3) and local fallback
Email notifications for password recovery with template engine
API documentation with Swagger/OpenAPI
Rate limiting and security best practices
Comprehensive test coverage for critical business rules
āØ The Solution
I designed and implemented a car rental REST API using Express.js with TypeScript, following Clean Architecture principles and Domain-Driven Design patterns.
The solution maintains clear separation between domain logic, application use cases, and infrastructure concerns, ensuring maintainability and testability.
openapi docs
š ļø Deep Dive
The application architecture leverages Express.js with TypeScript, running in a containerized environment with Docker Compose. PostgreSQL serves as the primary database with TypeORM for data persistence, while Redis handles rate limiting and caching.
Architecture Layers: The application follows Clean Architecture with three main modules (Accounts, Cars, Rentals), each containing its own domain entities, use cases, repositories, and DTOs. Dependency Injection using TSyringe ensures loose coupling and enables easy testing with in-memory repositories.
Advanced Patterns: The Repository Pattern abstracts data access, allowing seamless switching between TypeORM implementations and in-memory test doubles. The Strategy Pattern powers provider abstractions for Storage (Local/S3), Mail (Ethereal/SES), and Date operations, enabling environment-specific configurations. DTOs and Mappers ensure type safety and proper data transformation between layers.
Business Logic: Complex rental rules are encapsulated in use cases: minimum 24-hour rental periods, concurrent rental prevention, automatic availability management, and dynamic pricing calculations including daily rates and late return fines. User authentication implements secure password hashing with bcrypt, JWT token generation, and refresh token rotation.
Infrastructure: Docker Compose orchestrates PostgreSQL and Redis containers for local development. TypeORM migrations version the database schema. The application supports multiple storage backends (local filesystem or AWS S3) and email providers (Ethereal for development, AWS SES for production) through environment configuration.
Testing Strategy: Unit tests cover critical use cases including authentication flows, rental creation with business rule validation, and car management operations. In-memory repositories enable isolated testing without database dependencies. Test coverage includes edge cases like duplicate license plates, concurrent rentals, and unauthorized access attempts.
Security & Performance: Rate limiting middleware using Redis prevents API abuse. JWT-based authentication with refresh tokens ensures secure session management. Centralized error handling provides consistent API responses. CORS configuration enables cross-origin requests while maintaining security.
š The Outcome
The car rental API delivers a production-ready solution with enterprise-grade architecture:
ā Scalable architecture with clean separation of concerns and modular design
ā Maintainable codebase following SOLID principles and Clean Architecture patterns
ā Reliable system with comprehensive test coverage for critical business logic
ā Secure authentication and authorization with JWT and role-based access control
ā Flexible infrastructure supporting multiple storage and email providers
ā Complete API documentation with Swagger/OpenAPI integration
ā Advanced business rule enforcement for rental management
ā Type-safe codebase with TypeScript, ensuring compile-time error detection
ā Containerized development environment with Docker Compose
ā Production-ready features including rate limiting, error handling, and logging
Like this project
Posted Nov 20, 2025
A scalable car rental REST API built with Express.js and TypeScript, featuring rental management, JWT authentication, and AWS S3 integration.
