Backend API Overview
The Tower Defense backend is a NestJS application (apps/api). It handles authentication, account management, and data persistence for the game.
Architecture
Three shared libraries power the API:
@tower-defense/auth— Better Auth integration and profile management@tower-defense/db— Drizzle ORM + MySQL schema@tower-defense/mail— Nodemailer transactional email delivery
Runtime Shape
- Entry point:
apps/api/src/main.ts - Global prefix:
/api - Port: reads from
PORTenv var, defaults to3000 - CORS: enabled for
https://td.traitor.appwith credentials
What Each Library Owns
| Library | Responsibility |
|---|---|
auth | Session management, confirmation-token flows, blocked mutation policy |
db | MySQL schema, connection pool, migration tooling |
mail | SMTP transport, all outgoing email templates |
Documentation Map
| Goal | Page |
|---|---|
| Understand how auth and profile flows work | Authentication |
| Look up endpoint payloads and responses | Endpoints |
| Find required env vars and runtime settings | Configuration |
| Inspect the database schema | Database |
| See which mail is sent and when | Mail Service |
| Understand the complete client-to-API auth flow | Auth Flow End to End |
New to the backend?
Read Getting Started for local setup instructions.