Tech Stack
Architecture Overview
Section titled “Architecture Overview”TheTerms is a Turborepo monorepo with a Next.js 14 web application at its core. The backend uses tRPC for type-safe API communication, Prisma for database access, and NextAuth for authentication.
Browser → Next.js App Router → tRPC Router → Prisma ORM → PostgreSQL ↕ NextAuth (JWT) ↕ Redis (cache)Technology Choices
Section titled “Technology Choices”| Layer | Technology | Why |
|---|---|---|
| Monorepo | Turborepo + pnpm workspaces | Shared code between packages without publish cycles |
| Framework | Next.js 14 (App Router) | Server components, streaming, output: "standalone" for Docker |
| API | tRPC v10 + React Query | End-to-end type safety from database to UI, no code generation |
| Auth | NextAuth v5 (beta) | JWT sessions, Google/Microsoft OAuth, credential provider |
| ORM | Prisma 6 | Type-safe queries, automatic migrations, PostgreSQL support |
| Database | PostgreSQL 14+ | ACID transactions, JSON support, mature ecosystem |
| Cache | Redis 6+ | Session caching, job queues (future) |
| Resend | Developer-friendly API, React Email templates | |
| UI | Tailwind CSS + shadcn/ui | Utility-first styling, accessible component primitives |
| Rich Text | TipTap v3 | Extensible ProseMirror-based editor, SSR-compatible |
| Drag & Drop | dnd-kit | Accessible drag-and-drop for clause reordering |
| Testing | Vitest + Testing Library | Fast unit/integration tests with live database |
Key Architectural Decisions
Section titled “Key Architectural Decisions”tRPC over REST
Section titled “tRPC over REST”TheTerms uses tRPC instead of REST for the internal API. This provides compile-time type safety between the server and client — when a router procedure changes its input or output type, TypeScript catches mismatches immediately.
The public REST API (planned) will be built on top of tRPC using a separate layer, generating an OpenAPI spec for external consumers.
JWT Sessions over Database Sessions
Section titled “JWT Sessions over Database Sessions”NextAuth is configured with JWT strategy. Sessions are stored in signed cookies rather than a database table. This avoids a database lookup on every request and simplifies horizontal scaling. The trade-off is that session revocation requires token expiry rather than immediate invalidation.
Standalone Docker Output
Section titled “Standalone Docker Output”The Next.js output: "standalone" setting produces a self-contained Node.js server with only the required dependencies. This dramatically reduces the Docker image size compared to copying the full node_modules.
Prisma Binary Targets
Section titled “Prisma Binary Targets”The Prisma schema includes binaryTargets: ["native", "linux-musl-openssl-3.0.x"] to support both local development (macOS/Linux) and Alpine-based Docker containers.