The latest articles on Forem by Dark | Backend Developer (@dark_353). https://forem.com/dark_353 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3704563%2F9ab322f0-ec64-47b7-813d-54e8910195a1.png https://forem.com/dark_353 en Dark | Backend Developer Wed, 14 Jan 2026 19:43:08 +0000 https://forem.com/dark_353/from-spaghetti-code-to-clean-architecture-organizing-a-professional-nodejs-backend-4ijo https://forem.com/dark_353/from-spaghetti-code-to-clean-architecture-organizing-a-professional-nodejs-backend-4ijo <div class="ltag__link"> <a href="/dark_353" class="ltag__link__link"> <div class="ltag__link__pic"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3704563%2F9ab322f0-ec64-47b7-813d-54e8910195a1.png" alt="dark_353"> </div> </a> <a href="https://dev.to/dark_353/from-spaghetti-code-to-clean-architecture-organizing-a-professional-nodejs-backend-2dca" class="ltag__link__link"> <div class="ltag__link__content"> <h2>From Spaghetti Code to Clean Architecture: Organizing a Professional Node.js Backend 🏗️</h2> <h3>Dark | Backend Developer ・ Jan 14</h3> <div class="ltag__link__taglist"> <span class="ltag__link__tag">#node</span> <span class="ltag__link__tag">#architecture</span> <span class="ltag__link__tag">#webdev</span> <span class="ltag__link__tag">#javascript</span> </div> </div> </a> </div> node architecture webdev javascript Dark | Backend Developer Wed, 14 Jan 2026 19:42:11 +0000 https://forem.com/dark_353/from-spaghetti-code-to-clean-architecture-organizing-a-professional-nodejs-backend-2dca https://forem.com/dark_353/from-spaghetti-code-to-clean-architecture-organizing-a-professional-nodejs-backend-2dca <p>Many developers start their Express apps with everything inside a single app.js or index.js. It works for a "Hello World" project, but as soon as you add Authentication, Database Models, and Business Logic, things get messy. Fast.</p> <p>After refactoring several production apps, I realized that the secret to a scalable backend isn't just the code you write, but how you organize it.</p> <p>Here is the "Layered Architecture" I use to keep my sanity:</p> <ol> <li>The Controller Layer (The Messenger) Controllers should only handle requests and responses. They don't know how the database works; they just pass data to the next layer.</li> </ol> <p>Mistake: Putting SQL queries inside a route handler.</p> <p>Fix: Keep them thin. If it's more than 10-15 lines, move the logic.</p> <ol> <li>The Service Layer (The Brain) This is where your business logic lives. If a user registers, the Service Layer handles hashing the password, checking if the email exists, and sending the welcome email.</li> </ol> <p>Why? This makes your logic reusable and much easier to test.</p> <ol> <li><p>The Model Layer (The Foundation)<br> Using an ORM like Sequelize helps, but you need a strict structure. Define your associations (One-to-Many, etc.) in a way that doesn't create circular dependencies.</p></li> <li><p>The Middleware Layer (The Guard)<br> Security headers, rate limiting, and JWT validation should be global or route-specific guards. They shouldn't clutter your main logic.</p></li> </ol> <p>Why This Matters<br> Building this structure from scratch for every project takes hours of boilerplate work—setting up folders, configuring Sequelize, mapping JWT flows, and testing Docker containers.</p> <p>I’ve spent a lot of time perfecting this exact folder structure and flow so that it's both secure and modular. I wanted a system where I could just focus on building features instead of configuring middleware for the 100th time.</p> <p>If you're looking for a reference on how to implement this layered architecture with a fully functional Auth system, I've shared my implementation on GitHub. It includes:</p> <p>Clear Controller/Service/Model separation.</p> <p>Automated Docker setup.</p> <p>Ready-to-use Auth flows (JWT Rotation).</p> <p>Check out the architecture here: 👉 <a href="https://github.com/Dark353/node-express-mysql-auth-boilerplate" rel="noopener noreferrer">https://github.com/Dark353/node-express-mysql-auth-boilerplate</a></p> <p>How do you structure your Node.js apps? Do you prefer a flat structure or do you go all-in on clean architecture? Let's discuss in the comments!</p> node architecture webdev javascript Dark | Backend Developer Sat, 10 Jan 2026 21:37:06 +0000 https://forem.com/dark_353/-435d https://forem.com/dark_353/-435d <div class="ltag__link"> <a href="/dark_353" class="ltag__link__link"> <div class="ltag__link__pic"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3704563%2F9ab322f0-ec64-47b7-813d-54e8910195a1.png" alt="dark_353"> </div> </a> <a href="https://dev.to/dark_353/stop-rewriting-auth-logic-my-production-ready-nodejs-mysql-boilerplate-42nl" class="ltag__link__link"> <div class="ltag__link__content"> <h2>Stop Rewriting Auth Logic: My Production-Ready Node.js + MySQL Boilerplate 🚀</h2> <h3>Dark | Backend Developer ・ Jan 10</h3> <div class="ltag__link__taglist"> <span class="ltag__link__tag">#node</span> <span class="ltag__link__tag">#javascript</span> <span class="ltag__link__tag">#webdev</span> <span class="ltag__link__tag">#security</span> </div> </div> </a> </div> node javascript webdev security Dark | Backend Developer Sat, 10 Jan 2026 21:36:33 +0000 https://forem.com/dark_353/stop-rewriting-auth-logic-my-production-ready-nodejs-mysql-boilerplate-42nl https://forem.com/dark_353/stop-rewriting-auth-logic-my-production-ready-nodejs-mysql-boilerplate-42nl <p>Every time I start a new Node.js project, I find myself wasting hours setting up the same authentication patterns: JWT handling, secure password hashing, database models, and Docker configs. It’s tedious, and if you miss one security step, the whole app is at risk.</p> <p>To solve this, I built a comprehensive, enterprise-grade boilerplate that focuses on security and clean architecture, so you can just clone it and start building your actual business logic.</p> <p>🛠 What’s Under the Hood?<br> I focused on a professional architecture that goes beyond simple tutorials:</p> <p>JWT Rotation Strategy: Implemented secure Access and Refresh token rotation with database-level revocation for extra security.</p> <p>Security First: Out-of-the-box protection with Bcrypt hashing, rate limiting, and security headers (Helmet).</p> <p>Clean Architecture: A layered structure (Controllers / Services / Models) using Sequelize for easy maintenance and scalability.</p> <p>DevOps Ready: Fully containerized with Docker for a "plug and play" experience.</p> <p>Professional Emails: Includes HTML email templates for authentication flows (welcome, reset password, etc.).</p> <p>📖 Fully Documented<br> I believe code is only as good as its documentation. I’ve included a full API reference and architectural map in the README to make it transparent and easy to use for developers of all levels.</p> <p>🔗 Open Source &amp; Feedback<br> I’m sharing the core of this architecture on GitHub. I’d love to get your feedback on the implementation or answer any technical questions you might have!</p> <p>Check it out here: 👉<a href="https://github.com/Dark353/node-express-mysql-auth-boilerplate" rel="noopener noreferrer">https://github.com/Dark353/node-express-mysql-auth-boilerplate</a></p> <p>If you find this project helpful, please consider leaving a ⭐ on GitHub! It helps me stay motivated to keep it updated.</p> node javascript webdev security