Request Lifecycle
Understand how an HTTP request flows through the Ever Gauzy API from entry to response.
Overviewβ
Phase 1: Middlewareβ
Express middleware processes the raw request:
| Middleware | Purpose |
|---|---|
helmet | Security headers |
cors | CORS handling |
compression | Response compression |
body-parser | JSON body parsing |
cookie-parser | Cookie parsing |
Phase 2: Guardsβ
Guards determine if the request is authorized:
| Guard | Order | Purpose |
|---|---|---|
TenantPermissionGuard | 1st | Extract and validate tenant |
PermissionGuard | 2nd | Check user permissions |
RoleGuard | 3rd | Check user role (optional) |
FeatureFlagGuard | 4th | Check feature availability |
Phase 3: Interceptorsβ
Interceptors transform request/response:
| Interceptor | Purpose |
|---|---|
TransformInterceptor | Standardize response format |
TimeoutInterceptor | Request timeout handling |
LazyLoadInterceptor | Lazy-load relations |
Phase 4: Pipesβ
Pipes validate and transform input:
| Pipe | Purpose |
|---|---|
ValidationPipe | DTO class-validator |
UUIDValidationPipe | UUID parameter validation |
ParseJsonPipe | JSON query param parsing |
Phase 5: Controller β Service β Repositoryβ
The actual business logic execution:
- Controller β route handler, delegates to service
- Service β business logic, tenant filtering
- Repository β database operations (TypeORM/MikroORM)
Phase 6: Responseβ
The response flows back through interceptors for transformation before being sent to the client.
Error Handlingβ
Errors at any phase are caught by the global exception filter:
Related Pagesβ
- Guard & Interceptor Chain β detailed guard docs
- Error Handling Architecture β error patterns
- Backend Architecture β system overview