Enterprise-grade, multi-tenant project and task management REST API.
NestJS · TypeScript · Prisma 6 · PostgreSQL + pgvector · Redis · RabbitMQ · WebSocket · JWT · Docker · AWS · Grafana Cloud + Loki · Claude API
Client
↓
AWS VPC
↓
NestJS API (EC2)
↓ ↓ ↓
RDS ElastiCache RabbitMQ (EC2)
PG Redis ↓
+pgv Cache + Mail Service
(RAG) Rate Limit ↓
Claude API
↓
Grafana Cloud
Multi-tenancy: Shared DB, Shared Schema — her tabloda workspaceId. TenantGuard her request'te workspace üyeliğini kontrol eder, request.workspaceMember'a yazar. Controller'lar @CurrentMember() ile okur.
User
└── WorkspaceMember → Workspace
├── ProjectStatus (custom + sistem)
├── TaskStatus (custom + sistem)
├── Project
│ └── Board
│ └── Task
│ ├── Comment
│ ├── TaskLabel
│ └── ActivityLog
├── WorkspaceInvite
└── AuditLog
Task
├── searchVector (tsvector — full-text search)
└── embedding (vector(1536) — RAG/pgvector)
Workspace Rolleri: OWNER · ADMIN · MANAGER · MEMBER
Status Sistemi: Enum yerine tablo — her workspace kendi project ve task status setini özelleştirebilir. isSystem=true olanlar silinemez.
src/
common/
decorators/ → @CurrentUser, @CurrentMember, @Public, @Roles
exceptions/ → BaseException, ErrorCode enum
filters/ → GlobalExceptionFilter
guards/ → JwtAuthGuard, TenantGuard
interceptors/ → LoggingInterceptor
logger/ → Winston (console + file + Grafana Loki)
types/ → TaskflowRequest, AuthenticatedUser
modules/
auth/ → JWT, refresh token, httpOnly cookie, 2FA
workspaces/ → CRUD, davet sistemi, üye yönetimi, roller
projects/ → CRUD + custom status yönetimi
boards/ → CRUD, sıralama, reorder
tasks/ → CRUD, atama, öncelik, deadline, sub-task, move, reorder + custom status
comments/ → yorum, mention
notifications/ → in-app + WebSocket real-time
ai/ → Claude API, RAG, task asistanı
analytics/ → big data pipeline, sprint istatistikleri
prisma/
prisma.service.ts
prisma.module.ts
app.module.ts
main.ts
prisma/
_config.prisma
_enums.prisma → TaskPriority (WorkspaceRole buradan kaldırıldı — DB'de enum)
user.prisma → User, RefreshToken
workspace.prisma → Workspace, WorkspaceMember, WorkspaceInvite
project.prisma → Project, ProjectStatus
board.prisma → Board
task.prisma → Task, TaskLabel, TaskStatus
label.prisma → Label
comment.prisma → Comment
activity.prisma → ActivityLog
notification.prisma → Notification
audit.prisma → AuditLog
migrations/
Method
Endpoint
Açıklama
POST
/auth/register
Kayıt
POST
/auth/login
Giriş
POST
/auth/logout
Çıkış
POST
/auth/refresh
Token yenile
GET
/auth/me
Mevcut kullanıcı
POST
/auth/2fa/enable
2FA aktifleştir
POST
/auth/2fa/verify
2FA doğrula
Method
Endpoint
Açıklama
POST
/workspaces
Workspace oluştur
GET
/workspaces
Üye olduğum workspace'ler
GET
/workspaces/:id
Workspace detayı
PATCH
/workspaces/:id
Güncelle
DELETE
/workspaces/:id
Sil (OWNER)
POST
/workspaces/:id/invite
Üye davet et
POST
/workspaces/invite/accept/:token
Daveti kabul et
DELETE
/workspaces/:id/members/:userId
Üyeyi çıkar
PATCH
/workspaces/:id/members/:userId/role
Rol değiştir
Method
Endpoint
Açıklama
POST
/workspaces/:wId/projects
Proje oluştur
GET
/workspaces/:wId/projects
Projeleri listele
GET
/workspaces/:wId/projects/:id
Proje detayı
PATCH
/workspaces/:wId/projects/:id
Güncelle
DELETE
/workspaces/:wId/projects/:id
Sil
GET
/workspaces/:wId/projects/statuses
Status listele
POST
/workspaces/:wId/projects/statuses
Status ekle
PATCH
/workspaces/:wId/projects/statuses/:id
Status güncelle
DELETE
/workspaces/:wId/projects/statuses/:id
Status sil
Method
Endpoint
Açıklama
POST
/workspaces/:wId/projects/:pId/boards
Board oluştur
GET
/workspaces/:wId/projects/:pId/boards
Board listele
PATCH
/workspaces/:wId/projects/:pId/boards/:id
Güncelle
PATCH
/workspaces/:wId/projects/:pId/boards/reorder
Sırala
DELETE
/workspaces/:wId/projects/:pId/boards/:id
Sil
Method
Endpoint
Açıklama
POST
/workspaces/:wId/boards/:bId/tasks
Task oluştur
GET
/workspaces/:wId/boards/:bId/tasks
Task listele
GET
/workspaces/:wId/tasks/:id
Task detayı
PATCH
/workspaces/:wId/tasks/:id
Güncelle
PATCH
/workspaces/:wId/tasks/:id/move
Board'a taşı
PATCH
/workspaces/:wId/boards/:bId/tasks/reorder
Sırala
DELETE
/workspaces/:wId/tasks/:id
Sil
GET
/workspaces/:wId/tasks/statuses
Status listele
POST
/workspaces/:wId/tasks/statuses
Status ekle
PATCH
/workspaces/:wId/tasks/statuses/:id
Status güncelle
DELETE
/workspaces/:wId/tasks/statuses/:id
Status sil
{
"statusCode" : 409 ,
"errorCode" : " AUTH_002" "message" : " Email address is already in use" "path" : " /api/v1/auth/register" "method" : " POST" "timestamp" : " 2026-06-17T..."
Code
Constant
Açıklama
AUTH_001
AUTH_INVALID_CREDENTIALS
Hatalı email/şifre
AUTH_002
AUTH_EMAIL_ALREADY_EXISTS
Email zaten kayıtlı
AUTH_003
AUTH_TOKEN_EXPIRED
JWT süresi dolmuş
AUTH_004
AUTH_TOKEN_INVALID
Geçersiz token
AUTH_005
AUTH_NO_REFRESH_TOKEN
Refresh token yok
AUTH_006
AUTH_2FA_REQUIRED
2FA kodu gerekli
AUTH_007
AUTH_2FA_INVALID_CODE
Hatalı 2FA kodu
WS_001
WORKSPACE_NOT_FOUND
Workspace bulunamadı
WS_002
WORKSPACE_FORBIDDEN
Yetkisiz erişim
WS_003
WORKSPACE_SLUG_TAKEN
Slug kullanımda
WS_004
WORKSPACE_INVITE_INVALID
Geçersiz davet
WS_005
WORKSPACE_INVITE_EXPIRED
Süresi dolmuş davet
PRJ_001
PROJECT_NOT_FOUND
Proje bulunamadı
PRJ_002
PROJECT_FORBIDDEN
Yetkisiz erişim
BOARD_001
BOARD_NOT_FOUND
Board bulunamadı
BOARD_002
BOARD_FORBIDDEN
Yetkisiz erişim
TASK_001
TASK_NOT_FOUND
Task bulunamadı
TASK_002
TASK_FORBIDDEN
Yetkisiz erişim
USER_001
USER_NOT_FOUND
Kullanıcı bulunamadı
# AppNODE_ENV = development
PORT = 8000
# DatabaseDATABASE_URL = postgresql://taskflow:taskflow_pass@localhost:5432/taskflow_db
# RedisREDIS_HOST = localhost
REDIS_PORT = 6379
# RabbitMQRABBITMQ_URL = amqp://taskflow:taskflow_pass@localhost:5672
# JWTJWT_SECRET = ...
JWT_EXPIRES_IN = 15m
REFRESH_TOKEN_SECRET = ...
REFRESH_TOKEN_EXPIRES_IN = 7d
# FrontendFRONTEND_URL = http://localhost:3000
# AnthropicANTHROPIC_API_KEY = ...
ANTHROPIC_MODEL = claude-sonnet-4-6 # Docker servislerini başlat# Migrate# Dev server# SwaggerWorkspace Oluşturulunca Otomatik Eklenenler Yeni workspace oluşturulduğunda şunlar otomatik eklenir:
Project Statuses:
Active #22C55E
Completed #6366F1
Archived #6B7280
Task Statuses:
Todo #6B7280
In Progress #3B82F6
In Review #F59E0B
Done #22C55E
#
Özellik
Durum
1.1
Proje setup — NestJS + Prisma + Docker Compose
✅
1.2
Prisma multi-file schema — tüm modeller + migration
✅
1.3
GlobalExceptionFilter + ErrorCode enum
✅
1.4
LoggingInterceptor
✅
1.5
Custom decorators (@CurrentUser, @CurrentMember, @Public, @Roles)
✅
1.6
Auth — register, login, logout
✅
1.7
Auth — JWT + httpOnly cookie
✅
1.8
Auth — refresh token rotasyonu
✅
1.9
Auth — 2FA (TOTP / Google Authenticator)
✅
1.10
JwtAuthGuard — global guard
✅
1.11
TenantGuard — workspace izolasyonu
✅
1.12
Workspace CRUD
✅
1.13
Workspace davet sistemi (email token)
✅
1.14
Project CRUD + custom status
✅
1.15
Board CRUD + sıralama
✅
1.16
Task CRUD + atama + öncelik + deadline
✅
1.17
Task — sub-task desteği
✅
1.18
Label CRUD + task'a etiket ekleme
⬜
1.19
Rate limiting — Redis ile (throttler)
⬜
1.20
Audit log — her kritik işlemde kayıt
⬜
1.21
Full-text search — task + yorum (PostgreSQL tsvector)
⬜
1.22
Winston logger kurulumu
⬜
1.23
Unit testler — AuthService, WorkspaceService, TaskService
⬜
1.24
E2E testler — auth, workspaces, tasks (izole test DB)
⬜
#
Özellik
Durum
2.1
Yorum sistemi — task'a yorum ekle/düzenle/sil
⬜
2.2
Mention sistemi — @kullanıcı
⬜
2.3
Aktivite akışı — task geçmişi
⬜
2.4
RabbitMQ kurulum + exchange/queue yapısı
⬜
2.5
Email servisi — ayrı mikroservis (RabbitMQ consumer)
⬜
2.6
Email bildirimi — task atandığında
⬜
2.7
Email bildirimi — workspace daveti
⬜
2.8
WebSocket gateway — NestJS
⬜
2.9
Real-time bildirim — task atama, yorum, mention
⬜
2.10
In-app bildirim — okundu/okunmadı
⬜
2.11
Webhook sistemi — Slack entegrasyonu
⬜
2.12
Webhook sistemi — Teams entegrasyonu
⬜
2.13
Redis cache — workspace/project/task hot data
⬜
2.14
Cache invalidation stratejisi
⬜
Faz 3 — AI + RAG + Big Data ⬜
#
Özellik
Durum
3.1
pgvector kurulum + embedding pipeline
⬜
3.2
RAG — döküman yükle + chunk + index
⬜
3.3
RAG — semantic search + bağlam alma
⬜
3.4
Claude API entegrasyonu
⬜
3.5
Task asistanı — başlık ver, AI açıklama + alt görev önersin
⬜
3.6
Sprint planlama asistanı — AI kapasite bazlı öneri
⬜
3.7
Otomatik önceliklendirme — AI task önceliği atasın
⬜
3.8
RabbitMQ + AI event pipeline — task oluşunca AI analiz
⬜
3.9
Faker.js seed script — 1 milyon activity log
⬜
3.10
Workspace Analytics Pipeline — gece cron job
⬜
3.11
Batch processing — 1000'erlik gruplar
⬜
3.12
Worker concurrency (concurrency: 10)
⬜
3.13
Dead letter queue — başarısız job'lar
⬜
3.14
Idempotency — aynı job 2x çalışırsa sorun olmasın
⬜
3.15
Cursor-based pagination — büyük veri setleri
⬜
3.16
Anomali tespiti — "Bu sprint %40 yavaş"
⬜
3.17
Sprint istatistikleri dashboard
⬜
3.18
PDF/CSV export
⬜
Faz 4 — AWS Deploy + Production ⬜
#
Özellik
Durum
4.1
AWS VPC kurulumu — private network
⬜
4.2
EC2 (t2.micro) — NestJS backend deploy
⬜
4.3
RDS (t3.micro) — PostgreSQL
⬜
4.4
ElastiCache — Redis
⬜
4.5
S3 — dosya ve avatar storage
⬜
4.6
ECS/ECR — Docker container yönetimi
⬜
4.7
RabbitMQ — EC2'da self-hosted
⬜
4.8
GitHub Actions CI/CD — AWS'ye otomatik deploy
⬜
4.9
Grafana Cloud + Loki — log monitoring
⬜
4.10
Production migration stratejisi
⬜
4.11
Health check endpoint
⬜
4.12
E2E test coverage artırma
⬜
4.13
Performance optimizasyonu + load testing
⬜
#
Özellik
Durum
B.1
Generic Repository Pattern — Taskflow'da implement et
⬜
B.2
@fffset/nestjs-repository — npm'e publish et⬜