How I structure my next.js applications

00:00

so I think it's been like a week since

00:01

I've published a video on my channel and

00:02

I figured I should probably get

00:03

something published out there before the

00:05

YouTube algorithm thinks I'm no longer

00:07

relevant so I want to talk about the

00:09

structure of my code and how I kind of

00:11

architect the code for my nextjs starter

00:13

kit um you can kind of take what you

00:15

want from this you can in the comments

00:17

you can say that this is dumb you can

00:19

say hey I agree with what you're doing

00:21

maybe we can have a discussion about it

00:22

and just learn from it a lot of the

00:24

stuff I'm going to be showing in this

00:25

video do come from an idea called clean

00:28

architecture there's a book called clean

00:29

AR chitecture written by Uncle Bob we

00:32

apply this or we try to apply this as

00:34

best as possible at work so we have

00:36

something called like controllers use

00:37

cases entities and you kind of structure

00:40

your code in different layers and

00:42

there's certain rules that you follow so

00:44

that you don't have dependencies that

00:46

cause your project to be a little bit

00:48

more unmaintainable there's also like a

00:50

layered architecture approach where you

00:52

basically have like a presentation layer

00:54

a business layer a persistence layer and

00:55

a database layer this is also kind of

00:58

what I'm doing on my starter kit which

01:00

I'll kind of walk you through the

01:02

different layers that I have applied I

01:04

highly recommend that you do something

01:06

like this on your projects like I've

01:07

seen a lot of videos and tutorials where

01:09

people are just like doing uh Prisma

01:11

calls or drizzle calls or SQL calls

01:13

calls directly in their react server

01:15

components when the page loads and

01:17

although that works I just don't think

01:19

it's a very long-term maintainable

01:21

solution uh what you want to do is just

01:24

apply some type of layered architecture

01:26

so that you have more control over like

01:29

who can read the data who can manipulate

01:31

the data and you can kind of test your

01:33

business logic separately from all the

01:36

nextjs code okay so let's just draw a

01:38

little bit so in my project I'm trying

01:40

to do a layered architecture type of

01:42

thing right so we have nextjs and to

01:44

help kind of exemplify what we're doing

01:46

um we are going to follow a use case

01:49

where I'm an admin or an owner of this

01:51

group and I want an admin or owner to be

01:54

able to modify the text on the info page

01:58

like over here if I say hello world

02:00

I save this I want other users who are

02:03

not admins or uh owners to be able to

02:06

see this text when they go and view this

02:08

group directly so in terms of that use

02:11

case what we just did in xjs is what you

02:14

probably know is I'm using server action

02:16

so let's just go ahead and say we have a

02:18

server action I'll make a little box

02:20

here I'll say server action and this is

02:24

one of the layers I'll call this a

02:25

presentational layer you may also call

02:27

this a controller uh it does doesn't

02:30

really matter the point is you want to

02:32

keep all your nextjs specific code to

02:35

the left of this line right you don't

02:37

want react cach methods or unstable cach

02:41

methods bleeding over onto the right

02:43

side of the line you don't want

02:44

revalidate path or revalidate tag

02:47

bleeding over cuz now at this point you

02:50

don't have nice clean uh separations

02:53

between like what's in charge of the

02:54

presenting and the controlling of your

02:57

your code and what's in charge of the

02:59

actual business logic so that leads me

03:00

to my next point is if I consider a

03:03

server action kind of like a controller

03:06

if you were to look at this layer

03:08

architecture the presentational layer

03:10

would probably be like react or your

03:11

react server components that render out

03:13

the page when you invoke an action again

03:17

that's kind of calling a presentational

03:18

layer uh controller again if you were to

03:21

look at the clean architecture Circle

03:23

your controllers in your presenters are

03:24

all in this interface adapters right so

03:27

the user needs to do something they are

03:28

going to invoke some type of controller

03:31

invoke some type of adapter and in our

03:33

case I'm basically going to say that a

03:36

server action is a form of a controller

03:39

again feel free to call me out in the

03:40

comments if anything I'm explaining

03:42

doesn't seem right but this is just how

03:44

I kind of think about it so when a user

03:46

clicks on the save changes that invokes

03:50

a server action which again is still in

03:52

this nextjs layer over here so let's

03:54

kind of look at the code I have a page

03:57

and I click on a button and it calls an

04:00

action let's try to figure out where

04:01

that's happening I have an action here

04:03

called update group info action now

04:06

something that I'm doing in my codebase

04:08

is I want to make sure that everything

04:09

that goes in and out of this action is

04:13

parsed right I want to make sure that

04:15

the stuff that's sent in it matches a

04:17

certain type of structure I want to make

04:19

sure the group ID sent in is a number

04:21

there is an info that's sent in that is

04:23

defined and once I get that information

04:26

I can kind of trust it and start running

04:29

some controller type of code and again

04:32

notice that my actions this is where I

04:34

keep revalidate path or revalidate tag

04:36

or redirect all of the nextjs SL uh

04:41

react specific code I would probably

04:43

keep it inside of This Server action now

04:46

if you're curious how I'm using an

04:48

authenticated action I'm using a library

04:50

called Zsa which allows you to basically

04:53

create middlewares where for example I

04:56

have this authenticated action I create

04:58

a procedure and anytime I want to create

05:01

a action that requires authentication

05:04

all I do is I just run some code make

05:07

sure that the you know the cookie set

05:08

the session is set I also do some rate

05:11

limiting just so that all my

05:13

authenticated endpoints are just rate

05:15

limited by that user ID I don't want

05:16

people trying to maliciously abuse my

05:19

systems and then I return the user right

05:22

so again this is still all in the the

05:24

controller presentational layer if we

05:27

were to go back to this diagram now at

05:29

some point you'll see that after I've

05:31

done the parsing of the input which

05:33

comes from a form or whatever I'm

05:35

calling something called a use case this

05:37

is just my nomac claure of like how I

05:39

like to denote this stuff and this comes

05:41

heavily from the clean architecture book

05:44

so all of my actions invoke use cases

05:46

and these use cases leads us to the next

05:49

point I want to make out and that is the

05:52

business uh business layer a business

05:56

layer and then inside of this business

05:57

layer Theory clean architecture believe

06:00

that he calls them use cases or slash

06:02

interactors okay let's just look at this

06:04

little diagram real quick and you'll see

06:07

he calls the little orange red circle

06:09

use cases and then that points to

06:12

application business rules okay so from

06:15

my perspective what is a business rule

06:17

what are concerns of the business logic

06:20

well the action all it's in charge of is

06:24

basically taking in figuring out what

06:26

the authentication methods are maybe

06:28

you're using JWT Maybe using session

06:30

storage doesn't matter the business

06:32

layer does not care about that all it

06:34

cares about is that you're passing in

06:35

the correct data um that it would expect

06:38

so in our case this update group info

06:40

use case this needs a group ID and an

06:44

info and it also takes in an

06:46

authenticated user again this thing

06:49

doesn't

06:50

know if we're using jts or sessions it's

06:53

just give me a user object and I'm going

06:56

to use that user information to figure

06:57

out if a user should have access to

07:00

update the group info so what this does

07:03

is basically we're going to pass over

07:04

some user information the group ID

07:07

whatever and we're going to invoke a use

07:10

case again that I called um update group

07:13

info use case I might as well go back to

07:15

this one and change this one to have a

07:19

name just call it uh this action here so

07:22

this action is going to invoke this

07:24

business layer use case interactor and

07:27

this is where you want to run some type

07:28

of authorization check so in my group

07:30

finder application I have a lot of role

07:32

base authorization checks in place you

07:34

can be an owner or an admin of a group

07:37

or you can just be a member of a group

07:39

and if you're an owner or an admin an

07:42

owner can actually go and delete the

07:43

entire group an admin just has the

07:45

ability to modify you know some info

07:48

they have the ability to come in here

07:50

and maybe promote other users to an

07:52

admin or demote users Etc but the owner

07:55

has you know very special privileges

07:57

that you have to encode this in business

07:59

logic somewhere and so how this works is

08:02

basically this use case is where you're

08:05

going to run your you know authorization

08:08

checks is this user an

08:11

owner or an

08:13

admin and then if they are you want to

08:16

be able to allow them to update this

08:18

information so let's look at the code

08:19

because it's actually super super simple

08:21

so basically we first we fetch the group

08:23

by group ID if there is no group I throw

08:25

an error and again you should not be

08:27

throwing any type of nextjs specific

08:29

erors here you should not be calling

08:30

redirects or anything keep it simple

08:33

throw errors or return some type of like

08:35

error objects if you need to and then

08:38

finally I do another check that says if

08:40

I'm not the group

08:41

owner go ahead and throw an error that

08:44

has unauthorized and then finally if

08:46

everything passes we just go ahead and

08:48

update that group info using that info

08:51

that was passed in now

08:52

technically there is more to clean

08:54

architecture if you look at this uh

08:56

diagram there's something called

08:57

entities and I'm a voiding entities just

09:00

to keep it simple for my you know oneman

09:02

Team starter kit project but at some

09:04

point you may want to encode business

09:06

rules to say info can only be 1,000

09:11

characters right that is business rules

09:14

that the business people can Define and

09:16

I know when I say business like I'm just

09:17

talking about myself because this is

09:18

like a oneman project but when you work

09:20

on a bigger team like there's people who

09:22

are going to Define how large how much

09:25

data some of the stuff can be what is

09:27

the shape of this data is it a first

09:30

name does it need to be all capitalized

09:31

does it need to be proper case stuff

09:33

like that and so sometimes what you want

09:35

to do is you want to

09:36

encode this information in something

09:39

called business entities and those

09:40

entities can have validation rules

09:42

themselves okay now I'm not going to

09:44

dive into that because again I'm not

09:45

doing that so basically I just call a

09:47

method called update group and this is

09:50

something called a persistence method so

09:52

this is going to lead us to the next

09:55

section of our

09:57

code which is the

10:00

persistence layer okay let's look at the

10:03

layered architecture we are over here we

10:04

just talked about the business layer a

10:06

little bit now we're at the persistence

10:08

layer and the persistence layer's goal

10:11

is to basically give you methods that

10:13

you can invoke for storing and quering

10:16

data from your data store whether that

10:19

be in postgress whatever so we

10:22

have a method over here called update

10:24

group so I'll just go ahead and make a

10:27

little box here that's going to call

10:29

update group going to pass in some

10:32

information such as a group ID some info

10:34

and there's different ways you can do

10:36

this a lot of people use something

10:36

called like a repository pattern where

10:39

they'll have like an object called I

10:41

don't know groups and they'll say update

10:44

and they'll pass it whatever information

10:46

something like this I think is just not

10:47

as friendly to read versus something

10:49

update group that's just a personal

10:50

preference it doesn't really matter but

10:52

the point is is that this layer is

10:54

responsible for knowing how to write to

10:57

your database which in case I'm using

10:59

drizzle but something I want to point

11:01

out is that you don't even know I'm

11:03

using drizzle right the business layer

11:05

has no concept of what omm you're using

11:08

what libraries you're using to actually

11:10

persist the data all it knows is that I

11:12

need to call some method to save this

11:16

group information okay that's been

11:18

abstracted away about how that actually

11:20

happen so let's dive into this code real

11:22

quick and you'll see over here I have a

11:23

data access folder with like all of my

11:25

tables I basically have like a one to

11:27

one mapping of a file maps to a table in

11:29

my SQL database you can structure this

11:31

however you want but the way I typically

11:34

do this is I have a groups file and this

11:37

has an update group function which

11:39

allows you to basically take any group

11:41

ID and just update any parts of it right

11:44

and so now you start seeing some code

11:45

that might look familiar to you which is

11:47

drizzle orm so if you go up to the top

11:49

here you'll see that I am just defining

11:51

like a drizzle orm connection and in

11:54

fact let me uh how do I go to the

11:56

definition here I think just scroll up

11:58

you'll see I'm import reporting this

11:59

from DB which is bringing us some

12:02

drizzle orm stuff okay so this

12:04

persistence method this persistence

12:06

layer knows about how to write and

12:09

persist the data which if you look at a

12:11

layered architecture now we're hitting

12:13

the database layer something that we're

12:15

using a library we're using knows how to

12:16

write data let's just go ahead and put

12:19

another line here and this is going to

12:22

write directly to a database just draw a

12:25

database symbol here here we go I'll

12:28

just say post CR cuz that's what I'm

12:30

using so if we zoom out a little bit

12:32

this is the pattern that I try to follow

12:34

in my applications this is just the way

12:36

I've been brought up when learning how

12:37

to code people smarter than me have

12:39

taught me this pattern I believe them

12:41

and I follow the pattern too not blindly

12:44

but I do try to follow it because I

12:46

personally think it is useful and some

12:48

of the reasons why I think following

12:49

either clean architecture or layered

12:51

architecture or some type of pattern is

12:53

a everyone on the team has a common

12:57

pattern they can follow if you're

12:59

working on a project by yourself I mean

13:00

you could just raw dog SQL right in your

13:03

react server components if you want to I

13:05

probably would not recommend that

13:07

because if your project actually takes

13:08

off and grows you're going to want to

13:10

bring in other engineers and you want a

13:11

Common Language such as an architecture

13:14

that you can all discuss things about

13:17

now some teams and projects like to make

13:19

this even more complex which I'm on the

13:22

fence of a lot of teams will in between

13:23

these two layers they'll do something

13:25

called data transfer objects DT's to

13:28

make sure that that certain things Never

13:30

Bleed over so what I mean by bleeding

13:32

over so for example in the business

13:33

layer let's say you're fetching

13:35

something from a persistence layer an

13:37

update group happens to update the group

13:38

but then return the whole group object

13:40

back you could potentially have a bunch

13:43

of extra fields on this database that

13:45

you haven't actually like cleaned up you

13:47

could have like a group name a group

13:50

display name all this other stuff and

13:52

you may not want that to ever bleed over

13:55

into your business layer right so

13:56

sometimes what you do is you'll create a

13:58

data transfer object so that all the

14:00

data is basically sent through a mapper

14:03

to make sure that you only return the

14:05

things that are necessary from your

14:06

persistence layer back to your business

14:08

layer and again you want to make sure

14:11

that you only return certain things from

14:12

your business layer back to your

14:14

controller or back into your react

14:16

server component so that you don't leak

14:19

sensitive information or information

14:20

that's not a concern of any of these

14:23

layers one good example I've seen is a

14:26

lot of people who use

14:27

mongodb a lot of the times the unique

14:30

identifier for your IDs is underscore ID

14:34

and they'll start bleeding that over

14:35

into every single layer and you can

14:37

actually look at the network request and

14:39

see oh all the entities have an

14:41

underscore ID on them I'm going to

14:42

assume you guys are using mongodb right

14:45

because that wasn't really abstracted

14:47

way too well and using something like a

14:49

dto could potentially help prevent

14:52

leaking information about your you know

14:55

your underlying architecture of your

14:56

system maybe you don't want people to

14:58

know you're using mongus because that

14:59

opens up more security attack vectors of

15:02

how they can abuse your system stuff

15:04

like that so that's kind of how I would

15:06

recommend at least Loosely following a

15:08

project the only dto stuff I end up

15:11

doing is with these actions over here I

15:14

can actually put an output as well and I

15:17

can specify what the output needs to

15:19

look like so over here I can say well I

15:21

just want this to return uh nothing I

15:24

could say void of undefined or something

15:27

and that at least gives me a little bit

15:29

of certainty because Zod is going to

15:31

verify that whatever I'm returning here

15:34

it has to match undefined if I were to

15:36

accidentally take the group that was

15:38

being returned here and let's just say

15:40

like name is Bomb notice that I get some

15:43

typescript errors that says hey you're

15:44

returning some information where you're

15:47

not supposed to be returning that

15:48

because you specified an output of

15:50

undefined something like that can be

15:52

very useful and again this is basically

15:54

a dto it's just that we're using

15:56

libraries that just automatically do it

15:58

for us and I don't want to waste a bunch

16:00

of time writing the mapping code and

16:01

writing the you know the dto objects

16:04

with classes and stuff like that now

16:06

before I wrap up this video I do want to

16:07

kind of touch a little bit about the

16:09

directory structure of my projects I try

16:11

to collocate as much as possible so if

16:14

I'm looking at a page right here for

16:16

example I'm on my group info page

16:19

everything that's on this page should be

16:21

in the same directory as my info route I

16:24

don't like having a separate components

16:26

folder where I put all those and then I

16:27

import them I want all my components

16:30

that are related cooc in this directory

16:33

because I think it makes the project a

16:35

little easier to maintain at work we do

16:38

an approach where we have like every

16:39

folder holds different things and those

16:43

things are separated by type and you end

16:46

up having this folder that has 500

16:47

different files in them and there's like

16:50

no good way to really understand like

16:52

what is using this thing okay so if it's

16:55

not an actual res sharable reusable

16:57

thing then I would just co-locate it for

17:00

example typically server actions have

17:02

stuff like this like revalidate path

17:05

which means they are very tightly

17:06

coupled to the page or the route that

17:08

you're on so it makes sense to just put

17:10

your actions directly in this folder

17:12

also with components this is the only

17:14

place in this entire application I have

17:16

a component that looks like this so I'm

17:18

not going to go and find my components

17:20

directory and put it in there I'm going

17:21

to collocate it so that if I were to

17:23

onboard someone under this project they

17:25

can also have a common Convention of

17:27

like okay I'm looking at the info page I

17:30

have 95% certainty that every component

17:32

that's needed for this info panel is

17:35

probably going to be right in this

17:36

directory now another thing I'm still

17:38

trying to figure out how I want to

17:40

approach this is basically the react

17:42

server components when you hit a page

17:44

you typically need to load some data and

17:47

so the way I've been doing this is I'll

17:49

just call these use cases directly here

17:52

uh before I call the use case I will

17:54

basically get the current user from a

17:56

session and then I'll call the use case

17:58

and pass it the current session and then

18:01

also I'll pass it the um whatever

18:03

arguments I might need and that'll

18:04

return some data for me right and I can

18:06

kind of throw errors inside the react

18:07

server component where I could actually

18:09

have like an errors. TS file handle that

18:12

and display something else uh the kind

18:14

of exemplify what I mean so this is the

18:17

info page it takes in a group ID which

18:19

is loaded from the URL

18:21

here and I basically take that and I

18:24

call a git Group by ID use case let's

18:27

just go ahead and go through the whole

18:28

flow real quick quick so you understand

18:30

uh I call this git Group by ID use case

18:33

in our case I probably should do some

18:35

type of authorization here to make sure

18:37

that there's no like sensitive data

18:39

being leaked but um again you can kind

18:41

of search for a lot of these groups

18:43

publicly and that ends up calling a get

18:45

group by ID method which calls a drizzle

18:47

method to get the first group by an ID

18:50

okay and I don't see any issues with

18:53

doing this as long as you just you know

18:55

make sure you're passing in the user

18:56

sessions again because you're calling

18:58

the user case during your react server

19:00

component and all the business logic is

19:02

kind of encapsulated there now something

19:05

that I might at some point end up

19:07

needing is when you have a complex tree

19:11

and you have to call the same method

19:13

multiple times and your react server

19:15

components typically what you want to do

19:17

is you want to call a cache method which

19:19

is built into next I'm sorry this is

19:21

built into react actually um so you can

19:23

bring in a cache method from react and

19:26

you can wrap your functions with this

19:28

cach uh Factory function

19:31

basically so that as it's traversing

19:34

your react server components if it finds

19:36

the same method it's just going to use

19:38

the cach results for that individual

19:41

request that your user made and then on

19:43

the next request if a new user comes in

19:45

it hits the same page brand new cache

19:47

it's not going to reuse the old stuff

19:49

okay so in some cases you may want to do

19:51

that and I might actually add a new

19:54

folder here or a new file called loaders

19:57

and then I would probably just make a

19:58

new fun function here called like uh get

20:00

group by ID

20:02

loader and then you could basically um

20:05

you want to do this I could just set

20:08

this to

20:09

Cache like this and then I could just

20:12

have this taken a group

20:15

ID like so and then you know call the

20:18

use case in here goad and say return get

20:20

group by ID use case something like that

20:23

and then also in the loader you could

20:24

potentially get the user so get current

20:26

user like this

20:30

so that I can pass it in and then

20:33

obviously we want this to be an

20:34

asynchronous function so we do this if

20:37

for some reason you do end up needing to

20:38

like wrap stuff with the nextjs like try

20:41

to avoid going into your use cases your

20:43

business layer and like trying to add

20:45

cache methods here because again you're

20:47

breaking that Convention of like now

20:48

you're running a react code inside your

20:51

business

20:52

layer okay so technically if I were to

20:55

do that refactoring I could just call

20:56

that loader here and then I can get that

20:58

information information and use it so I

21:00

want to talk on one last Point as to why

21:02

I think this is more maintainable and

21:04

the reason is if you keep all your

21:07

nextjs code out of your business layer

21:11

what you can do is if down the road you

21:13

decide that you know what server actions

21:15

isn't it server actions is just not

21:18

worth doing it's causing more headache I

21:20

rather go back to use form Hooks and go

21:22

back to uh react query and just hit API

21:25

in points well the refactoring involv D

21:28

with doing that is very simple cuz now

21:31

you have this method that it doesn't

21:33

care about anything in nextjs it doesn't

21:35

care about how you're doing you know how

21:38

you're handling your your actions or

21:41

your post requests or mutations it just

21:44

needs some input and so if later on you

21:46

decide you know what I actually want to

21:49

make this an API inpoint well it's super

21:52

easy to just you know have a new API

21:55

inpoint

21:56

directory and invoke this which makes it

21:59

very convenient and a lot more

22:00

maintainable another thing that I've

22:02

seen in some projects is if you don't do

22:04

some type of approach like this you end

22:07

up taking your business layer like your

22:09

your your logic that defines like when a

22:12

user should read something and you end

22:14

up putting it everywhere like you'll

22:16

take this you know there's some certain

22:18

rules that you need to check to see if a

22:19

user has access to get a group and

22:21

you're like oh I'll put it in this react

22:22

server component and then later on

22:24

you'll decide that you need that same

22:26

logic and you'll put it in another place

22:28

maybe you also need in front of the API

22:30

but then you have all this business

22:32

logic that's kind of sprinkled out

22:33

throughout your controller and your

22:34

presentational layer which you'll start

22:37

updating in one place and you'll forget

22:38

to update it somewhere else and then

22:40

it's just a big headache because you've

22:42

basically spread out all of your really

22:44

your core logic throughout your entire

22:47

application it becomes very very hard to

22:48

maintain and understand and also to even

22:51

switch off of in the future if you

22:54

needed to for some reason um anyway I've

22:56

been rambling for a while now so I hope

22:58

you guys enjoyed watching this video

23:00

again I just wanted to get something out

23:01

there for you all and hopefully this

23:03

elevates your knowledge in coding a

23:06

little bit again leave a comment if

23:08

there's a different approach you like to

23:10

make your applications if you're using

23:12

nextjs with server actions let me know

23:14

we can have a discussion about it other

23:16

than that have a good day happy quing