Recently, I struggled with API inconsistencies in a large-scale project—missing fields, unexpected data types, and validation gaps that caused production issues. This frustration led me to explore how Fastify, Zod, and Prisma could create truly type-safe REST APIs in TypeScript. What if you could catch data errors at compile time rather than runtime? Let’s build a solution together.
First, we set up our environment. I prefer a clean workspace with clear dependencies:
npm init -y
npm install fastify @fastify/type-provider-typebox prisma zod
npm install -D typescript @types/node tsxOur tsconfig.json establishes strict TypeScript rules. Notice strict: true—it’s non-negotiable for type safety:
{
"compilerOptions": {
"strict": true,
"target": "ES2022",
"outDir": "./dist"
}
}For database modeling, Prisma’s schema language shines. Here’s how we define a User model with relations. Did you notice how @relation links models explicitly?
model User {
id String @id @default(cuid())
email String @unique
posts Post[]
}
model Post {
id String @id @default(cuid())
title String
author User @relation(fields: [authorId], references: [id])
authorId String
}Run npx prisma generate to create the TypeScript client. This gives us auto-completion for database queries.
Validation is where Zod excels. Instead of loose interfaces, we define strict schemas:
import { z } from 'zod';
const UserSchema = z.object({
email: z.string().email(),
password: z.string().min(8)
});When combined with Fastify’s type provider, we get end-to-end type inference:
import { TypeBoxTypeProvider } from '@fastify/type-provider-typebox';
const app = fastify().withTypeProvider<TypeBoxTypeProvider>();
app.post('/users', {
schema: {
body: UserSchema
},
handler: async (req) => {
// req.body is fully typed!
return prisma.user.create({ data: req.body });
}
});For pagination, consider this reusable pattern. How might we extend this for complex filters?
const PaginationSchema = z.object({
page: z.number().int().positive().default(1),
limit: z.number().min(1).max(100).default(20)
});
app.get('/posts', {
schema: { querystring: PaginationSchema },
handler: async (req) => {
const { page, limit } = req.query;
return prisma.post.findMany({
skip: (page - 1) * limit,
take: limit
});
}
});Error handling needs special attention. We use Fastify hooks:
app.setErrorHandler((error, request, reply) => {
if (error instanceof z.ZodError) {
reply.code(400).send({
error: 'Validation failed',
details: error.issues
});
}
});Testing becomes straightforward with Vitest:
import { test } from 'vitest';
import app from './app';
test('POST /users rejects invalid emails', async () => {
const response = await app.inject({
method: 'POST',
path: '/users',
payload: { email: 'not-an-email' }
});
expect(response.statusCode).toBe(400);
});In production, remember these essentials:
# Enable compression and logging
npm install @fastify/compress @fastify/helmet pino-pretty
# In server.ts
app.register(require('@fastify/compress'));
app.register(require('@fastify/helmet'));This approach caught 90% of our data-related bugs during development. The synergy between Zod’s validation, Prisma’s type-safe queries, and Fastify’s performance creates a robust foundation. Have you considered how type safety could reduce your debugging time?
What challenges have you faced in API development? Share your experiences below—I’d love to hear your solutions. If this resonates with you, please like or share this with others who might benefit.
