Mariusz Balewski
@bmariusz.bsky.social
25+ years in IT: architecture, code, automation, integration
Built a DevHub from scratch, now building something big in TypeScript
Open Source user since 1998 • In Fediverse since 2017
https://techhub.social/@bmariusz
Built a DevHub from scratch, now building something big in TypeScript
Open Source user since 1998 • In Fediverse since 2017
https://techhub.social/@bmariusz
I just built a full **password reset flow** in my Next.js app — from scratch.
It includes:
- Email-based reset links
- Custom API endpoints
- i18n support
- Validations
- Tailwind components
Curious about the details?
write.tyolabs.com/2025/07/31/t...
It includes:
- Email-based reset links
- Custom API endpoints
- i18n support
- Validations
- Tailwind components
Curious about the details?
write.tyolabs.com/2025/07/31/t...
Day#19 Create Password Reset Form in Next.js Using Custom API - Ideas. Engineered.
Full password reset flow implemented in Next.js with a custom API. Includes code samples and UX tips.
write.tyolabs.com
July 31, 2025 at 11:48 AM
I just built a full **password reset flow** in my Next.js app — from scratch.
It includes:
- Email-based reset links
- Custom API endpoints
- i18n support
- Validations
- Tailwind components
Curious about the details?
write.tyolabs.com/2025/07/31/t...
It includes:
- Email-based reset links
- Custom API endpoints
- i18n support
- Validations
- Tailwind components
Curious about the details?
write.tyolabs.com/2025/07/31/t...
Fixed a CORS issue in my Next.js + NestJS setup. The missing Authorization in allowedHeaders blocked frontend API calls.
write.tyolabs.com/2025/07/18/t...
write.tyolabs.com/2025/07/18/t...
Day#18 Solving the "CORS error with Authorization header" in Next.js and NestJS - Ideas. Engineered.
Learn how to solve CORS issues with Authorization headers in a full-stack TypeScript app using Next.js and NestJS. Includes working code examples.
write.tyolabs.com
July 18, 2025 at 5:42 PM
Fixed a CORS issue in my Next.js + NestJS setup. The missing Authorization in allowedHeaders blocked frontend API calls.
write.tyolabs.com/2025/07/18/t...
write.tyolabs.com/2025/07/18/t...
Not all progress is measured in lines of code.
Today: structured presentation for founders, full internal docs review, and setup of self-hosted collaboration tools (NextCloud) for real teamwork.
write.tyolabs.com/2025/07/15/t...
Today: structured presentation for founders, full internal docs review, and setup of self-hosted collaboration tools (NextCloud) for real teamwork.
write.tyolabs.com/2025/07/15/t...
Day#17 Self-Hosted Collaboration Tools: More Than Just Code - Ideas. Engineered.
Structured workday recap: presentations, documentation, and deploying self-hosted collaboration tools with NextCloud to support team workflows.
write.tyolabs.com
July 15, 2025 at 3:06 PM
Not all progress is measured in lines of code.
Today: structured presentation for founders, full internal docs review, and setup of self-hosted collaboration tools (NextCloud) for real teamwork.
write.tyolabs.com/2025/07/15/t...
Today: structured presentation for founders, full internal docs review, and setup of self-hosted collaboration tools (NextCloud) for real teamwork.
write.tyolabs.com/2025/07/15/t...
Just published a guide on building a secure login flow with Next.js, JWT, NestJS & PostgreSQL: email verification, role-based access, subscription checks, and token decoding on frontend.
write.tyolabs.com/2025/07/11/t...
#nextjs #jwt #webdev #programming #sql
write.tyolabs.com/2025/07/11/t...
#nextjs #jwt #webdev #programming #sql
Day#16 Secure User Login Flow in a SaaS App Using NestJS and Next.js - Ideas. Engineered.
Learn how to build a secure Next.js login page with JWT authentication, NestJS backend validation, email verification, and role-based access control using SQL. Perfect for full-stack JavaScript devs.
write.tyolabs.com
July 11, 2025 at 5:11 PM
Just published a guide on building a secure login flow with Next.js, JWT, NestJS & PostgreSQL: email verification, role-based access, subscription checks, and token decoding on frontend.
write.tyolabs.com/2025/07/11/t...
#nextjs #jwt #webdev #programming #sql
write.tyolabs.com/2025/07/11/t...
#nextjs #jwt #webdev #programming #sql
Day 15
Added full account registration with email verification and automatic trial plan assignment.
Custom translation system via JSON files and `x-lang` header.
Refactored subscription logic with proper plan relations.
All tests pass.
write.tyolabs.com/2025/07/10/d...
Added full account registration with email verification and automatic trial plan assignment.
Custom translation system via JSON files and `x-lang` header.
Refactored subscription logic with proper plan relations.
All tests pass.
write.tyolabs.com/2025/07/10/d...
Day#15 Account Registration, Subscription Plans, Email Verification & i18n – Ideas. Engineered.
write.tyolabs.com
July 9, 2025 at 10:38 PM
Day 15
Added full account registration with email verification and automatic trial plan assignment.
Custom translation system via JSON files and `x-lang` header.
Refactored subscription logic with proper plan relations.
All tests pass.
write.tyolabs.com/2025/07/10/d...
Added full account registration with email verification and automatic trial plan assignment.
Custom translation system via JSON files and `x-lang` header.
Refactored subscription logic with proper plan relations.
All tests pass.
write.tyolabs.com/2025/07/10/d...
Finished building a registration form with validation and language switching in Next.js and React Hook Form. My 'write dot as' account is temporarily blocked, so implementation details will come once it's unlocked. Stay tuned! 😊
June 26, 2025 at 6:40 PM
Finished building a registration form with validation and language switching in Next.js and React Hook Form. My 'write dot as' account is temporarily blocked, so implementation details will come once it's unlocked. Stay tuned! 😊
Day 12
Scoped tenant access across 12 modules.
Introduced ScopedRepository for injecting subscriber_id into queries.
Refactored 12 services, added 80+ tests to validate strict isolation.
No manual filtering needed anymore. I like it.
write.as/bmariusz/day...
Scoped tenant access across 12 modules.
Introduced ScopedRepository
Refactored 12 services, added 80+ tests to validate strict isolation.
No manual filtering needed anymore. I like it.
write.as/bmariusz/day...
Day#12 — Scoped Access Done Right (12 modules, 80+ tests)
Today I finalized tenant-aware access across all core modules using a shared ScopedRepository abstraction. This was the largest refactori...
write.as
June 25, 2025 at 9:54 PM
Day 12
Scoped tenant access across 12 modules.
Introduced ScopedRepository for injecting subscriber_id into queries.
Refactored 12 services, added 80+ tests to validate strict isolation.
No manual filtering needed anymore. I like it.
write.as/bmariusz/day...
Scoped tenant access across 12 modules.
Introduced ScopedRepository
Refactored 12 services, added 80+ tests to validate strict isolation.
No manual filtering needed anymore. I like it.
write.as/bmariusz/day...
Day 11
Implemented password reset functionality using JWT:
/auth/remind-password generates token and sends it via email
/auth/reset-password verifies the token and updates the password
Endpoints documented with Swagger.
Token secret and base URL configured via environment variables.
is.gd/LUE83u
Implemented password reset functionality using JWT:
/auth/remind-password generates token and sends it via email
/auth/reset-password verifies the token and updates the password
Endpoints documented with Swagger.
Token secret and base URL configured via environment variables.
is.gd/LUE83u
Day#11 Password Reset Flow with JWT in a NestJS Backend
Today I implemented a complete password reset mechanism in a NestJS backend API. It consists of two public endpoints and uses a stateless...
is.gd
June 24, 2025 at 9:41 PM
Day 11
Implemented password reset functionality using JWT:
/auth/remind-password generates token and sends it via email
/auth/reset-password verifies the token and updates the password
Endpoints documented with Swagger.
Token secret and base URL configured via environment variables.
is.gd/LUE83u
Implemented password reset functionality using JWT:
/auth/remind-password generates token and sends it via email
/auth/reset-password verifies the token and updates the password
Endpoints documented with Swagger.
Token secret and base URL configured via environment variables.
is.gd/LUE83u
Day 10
Finalized hierarchy and contract logic: 1.4k test users, 160 units, 4 roles, supervisor chains, typed contracts with valid dates and amounts. Massive SQL update and 🎯 consistency across structure.
is.gd/r3KPbS
Finalized hierarchy and contract logic: 1.4k test users, 160 units, 4 roles, supervisor chains, typed contracts with valid dates and amounts. Massive SQL update and 🎯 consistency across structure.
is.gd/r3KPbS
Day #10 — Climbing the Hierarchy
I spent the last few days working through one of the most foundational layers in our system — the user–supervisor–contract structure. The...
is.gd
June 23, 2025 at 10:55 PM
Day 10
Finalized hierarchy and contract logic: 1.4k test users, 160 units, 4 roles, supervisor chains, typed contracts with valid dates and amounts. Massive SQL update and 🎯 consistency across structure.
is.gd/r3KPbS
Finalized hierarchy and contract logic: 1.4k test users, 160 units, 4 roles, supervisor chains, typed contracts with valid dates and amounts. Massive SQL update and 🎯 consistency across structure.
is.gd/r3KPbS
Day 9
Installed Forgejo and configured its native runner from scratch on Debian. Everything now works locally. I've added a GitHub backup workflow — every push to main now syncs code and tags to a private mirror repo.
shorturl.at/2gMtC
Installed Forgejo and configured its native runner from scratch on Debian. Everything now works locally. I've added a GitHub backup workflow — every push to main now syncs code and tags to a private mirror repo.
shorturl.at/2gMtC
Day#9 — Installing Forgejo and native Forgejo Runner
Today I installed Forgejo and configured its native runner from scratch. Initially I also installed Woodpecker CI, but it turned out unne...
shorturl.at
June 23, 2025 at 7:16 PM
Day 9
Installed Forgejo and configured its native runner from scratch on Debian. Everything now works locally. I've added a GitHub backup workflow — every push to main now syncs code and tags to a private mirror repo.
shorturl.at/2gMtC
Installed Forgejo and configured its native runner from scratch on Debian. Everything now works locally. I've added a GitHub backup workflow — every push to main now syncs code and tags to a private mirror repo.
shorturl.at/2gMtC
Day 8
The system supports now 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.
Three system roles bind these into meaningful sets. More come...
is.gd/5rTif0
The system supports now 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.
Three system roles bind these into meaningful sets. More come...
is.gd/5rTif0
Day#8 📊 Designing a Scalable Permission Model
Yesterday I took a break. Today I’m back – and permissions are under control, I hope. I’ve implemented a structured permission model tha...
is.gd
June 23, 2025 at 7:10 PM
Day 8
The system supports now 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.
Three system roles bind these into meaningful sets. More come...
is.gd/5rTif0
The system supports now 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.
Three system roles bind these into meaningful sets. More come...
is.gd/5rTif0
Day 7
✅ 24 test suites, 153 tests passing.
Solid coverage across service and controller layers in my modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).
is.gd/cnBprP
✅ 24 test suites, 153 tests passing.
Solid coverage across service and controller layers in my modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).
is.gd/cnBprP
Day#7: 24 Test Suites, 153 Tests Passing — Scaling Confidence with Every Assertion
After several days of shaping a growing service architecture, I've finally reached a point where 24 test suites and 153 individual tests ...
is.gd
June 18, 2025 at 8:29 AM
Day 7
✅ 24 test suites, 153 tests passing.
Solid coverage across service and controller layers in my modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).
is.gd/cnBprP
✅ 24 test suites, 153 tests passing.
Solid coverage across service and controller layers in my modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).
is.gd/cnBprP
Day 6
Released backend v0.3.0 🎉
✅ Users can belong to multiple groups with typed roles
✅ Groups can form hierarchical or overlapping structures
✅ Roles are normalized via reference types
Built with NestJS + TypeORM. Documented via Swagger.
is.gd/KNqKBH
Released backend v0.3.0 🎉
✅ Users can belong to multiple groups with typed roles
✅ Groups can form hierarchical or overlapping structures
✅ Roles are normalized via reference types
Built with NestJS + TypeORM. Documented via Swagger.
is.gd/KNqKBH
Day#6: Building a Flexible Group Structure with NestJS and TypeORM
TL;DR: I introduced a generic group model into the backend to handle dynamic user-to-organization assignments and relationships. Users ca...
is.gd
June 18, 2025 at 8:28 AM
Day 6
Released backend v0.3.0 🎉
✅ Users can belong to multiple groups with typed roles
✅ Groups can form hierarchical or overlapping structures
✅ Roles are normalized via reference types
Built with NestJS + TypeORM. Documented via Swagger.
is.gd/KNqKBH
Released backend v0.3.0 🎉
✅ Users can belong to multiple groups with typed roles
✅ Groups can form hierarchical or overlapping structures
✅ Roles are normalized via reference types
Built with NestJS + TypeORM. Documented via Swagger.
is.gd/KNqKBH
Day 5
RBAC is live.
Roles load from DB, go into JWT at login, and are checked via @Roles() + RolesGuard.
@UseGuards(JwtAuthGuard) added globally, @Public() bypasses auth.
Swagger supports Bearer auth.
Getting roles into the token took finesse.
is.gd/gspSV1
RBAC is live.
Roles load from DB, go into JWT at login, and are checked via @Roles() + RolesGuard.
@UseGuards(JwtAuthGuard) added globally, @Public() bypasses auth.
Swagger supports Bearer auth.
Getting roles into the token took finesse.
is.gd/gspSV1
Day#5: Continuation: Securing Routes with JWT and Role-Based Access Control
TL;DR: Continuing development on the backend platform — this time focusing on securing routes with JWT, implementing @Roles decorators, h...
is.gd
June 17, 2025 at 6:47 PM
Day 5
RBAC is live.
Roles load from DB, go into JWT at login, and are checked via @Roles() + RolesGuard.
@UseGuards(JwtAuthGuard) added globally, @Public() bypasses auth.
Swagger supports Bearer auth.
Getting roles into the token took finesse.
is.gd/gspSV1
RBAC is live.
Roles load from DB, go into JWT at login, and are checked via @Roles() + RolesGuard.
@UseGuards(JwtAuthGuard) added globally, @Public() bypasses auth.
Swagger supports Bearer auth.
Getting roles into the token took finesse.
is.gd/gspSV1
Day 4
Full Swagger docs and JWT auth are live.
Swagger now covers all DTOs and endpoints with real examples.
User registration + login added, using bcrypt and JWT tokens with roles.
Passport strategies in place. Next: route guards and RBAC.
is.gd/jC5QXE
Full Swagger docs and JWT auth are live.
Swagger now covers all DTOs and endpoints with real examples.
User registration + login added, using bcrypt and JWT tokens with roles.
Passport strategies in place. Next: route guards and RBAC.
is.gd/jC5QXE
Day#4: 🚀 Releasing the First Version — Lessons in Developer-Facing Documentation
After a week or so of bootstrapping a modular backend platform using NestJS, TypeORM, and Turborepo, I finally reached a point where I co...
is.gd
June 17, 2025 at 6:45 PM
Day 4
Full Swagger docs and JWT auth are live.
Swagger now covers all DTOs and endpoints with real examples.
User registration + login added, using bcrypt and JWT tokens with roles.
Passport strategies in place. Next: route guards and RBAC.
is.gd/jC5QXE
Full Swagger docs and JWT auth are live.
Swagger now covers all DTOs and endpoints with real examples.
User registration + login added, using bcrypt and JWT tokens with roles.
Passport strategies in place. Next: route guards and RBAC.
is.gd/jC5QXE
Day 3
Added global `ValidationPipe` and unified `AllExceptionsFilter` in NestJS. API errors now follow a consistent format: `{ statusCode, error, message, code, details }`.
is.gd/4WwbFV
Added global `ValidationPipe` and unified `AllExceptionsFilter` in NestJS. API errors now follow a consistent format: `{ statusCode, error, message, code, details }`.
is.gd/4WwbFV
Day#3: Behind the Scenes: Challenges in Building a Modular, Scalable Platform
Over the past few days, I’ve been developing a backend system from scratch that’s designed to scale with a complex, multi-tenant structur...
is.gd
June 13, 2025 at 9:10 AM
Day 3
Added global `ValidationPipe` and unified `AllExceptionsFilter` in NestJS. API errors now follow a consistent format: `{ statusCode, error, message, code, details }`.
is.gd/4WwbFV
Added global `ValidationPipe` and unified `AllExceptionsFilter` in NestJS. API errors now follow a consistent format: `{ statusCode, error, message, code, details }`.
is.gd/4WwbFV
Day 2:
Wrestled for hours with TS `project references` and `paths` in a Turbo monorepo (NestJS, ESM).
If you want global aliases like `@my-lib/foo` to *just work* across apps — skip `composite: true` and `tsc --build`.
#TypeScript #NestJS #Microservices #codingdays #programming
is.gd/YCXief
Wrestled for hours with TS `project references` and `paths` in a Turbo monorepo (NestJS, ESM).
If you want global aliases like `@my-lib/foo` to *just work* across apps — skip `composite: true` and `tsc --build`.
#TypeScript #NestJS #Microservices #codingdays #programming
is.gd/YCXief
Day#2: Designing a Reliable Backend: Lessons from Early Infrastructure Work
Building new software from scratch means making foundational decisions early — decisions that shape how maintainable, scalable, and consi...
is.gd
June 13, 2025 at 8:59 AM
Day 2:
Wrestled for hours with TS `project references` and `paths` in a Turbo monorepo (NestJS, ESM).
If you want global aliases like `@my-lib/foo` to *just work* across apps — skip `composite: true` and `tsc --build`.
#TypeScript #NestJS #Microservices #codingdays #programming
is.gd/YCXief
Wrestled for hours with TS `project references` and `paths` in a Turbo monorepo (NestJS, ESM).
If you want global aliases like `@my-lib/foo` to *just work* across apps — skip `composite: true` and `tsc --build`.
#TypeScript #NestJS #Microservices #codingdays #programming
is.gd/YCXief
Day 1:
tl;dr: ESM + TS + NestJS + TypeORM is possible, but not recommended for the impatient.
Successfully bootstrapped NestJS + TypeORM + PostgreSQL stack using ESM.
is.gd/7Z269a
#TypeScript #NestJS #Microservices #codingdays #programming
tl;dr: ESM + TS + NestJS + TypeORM is possible, but not recommended for the impatient.
Successfully bootstrapped NestJS + TypeORM + PostgreSQL stack using ESM.
is.gd/7Z269a
#TypeScript #NestJS #Microservices #codingdays #programming
Day#1: Building Clean, Breaking Things: The Unexpected Cost of a Global Exception Filter
The goal seemed trivial: create a global ExceptionFilter to unify error responses across the backend. A quick win. A small boost in DX. W...
is.gd
June 13, 2025 at 8:56 AM
Day 1:
tl;dr: ESM + TS + NestJS + TypeORM is possible, but not recommended for the impatient.
Successfully bootstrapped NestJS + TypeORM + PostgreSQL stack using ESM.
is.gd/7Z269a
#TypeScript #NestJS #Microservices #codingdays #programming
tl;dr: ESM + TS + NestJS + TypeORM is possible, but not recommended for the impatient.
Successfully bootstrapped NestJS + TypeORM + PostgreSQL stack using ESM.
is.gd/7Z269a
#TypeScript #NestJS #Microservices #codingdays #programming
Day 0:
TL;DR: Set up the basic foundations for a new system: database schema finalized, core backend modules scaffolded, and initial API contracts defined.Key points:
Microservices architecture
PostgreSQL
TypeScript with ESM
write.as/bmariusz/test
#TypeScript #NestJS #Nextjs #codingdays #programming
TL;DR: Set up the basic foundations for a new system: database schema finalized, core backend modules scaffolded, and initial API contracts defined.Key points:
Microservices architecture
PostgreSQL
TypeScript with ESM
write.as/bmariusz/test
#TypeScript #NestJS #Nextjs #codingdays #programming
Day#0: Building a Modular System from Scratch
Starting a new software project from the ground up is always an exercise in balancing ambition with reality. Over the past two days, I’ve...
write.as
June 13, 2025 at 8:52 AM
Day 0:
TL;DR: Set up the basic foundations for a new system: database schema finalized, core backend modules scaffolded, and initial API contracts defined.Key points:
Microservices architecture
PostgreSQL
TypeScript with ESM
write.as/bmariusz/test
#TypeScript #NestJS #Nextjs #codingdays #programming
TL;DR: Set up the basic foundations for a new system: database schema finalized, core backend modules scaffolded, and initial API contracts defined.Key points:
Microservices architecture
PostgreSQL
TypeScript with ESM
write.as/bmariusz/test
#TypeScript #NestJS #Nextjs #codingdays #programming
Reposted by Mariusz Balewski
The new completion plugin for #Neovim (blink.cmp) is really coming along! It has dramatically reduced the complexity of my config.
I've also just added support for Blink highlight groups to my theme (tol.nvim). If you're a Neovim user, please check it out:
github.com/dustypomerle...
I've also just added support for Blink highlight groups to my theme (tol.nvim). If you're a Neovim user, please check it out:
github.com/dustypomerle...
June 12, 2025 at 8:11 AM
The new completion plugin for #Neovim (blink.cmp) is really coming along! It has dramatically reduced the complexity of my config.
I've also just added support for Blink highlight groups to my theme (tol.nvim). If you're a Neovim user, please check it out:
github.com/dustypomerle...
I've also just added support for Blink highlight groups to my theme (tol.nvim). If you're a Neovim user, please check it out:
github.com/dustypomerle...