Potential improvements

Improvements that could be implemented in the future.

Before finishing this module, I would like to briefly discuss two possible improvements that we could apply but won't for now, due to technical constraints.

The first improvement we could make is to enforce that all non-public routes receive the @ApiUnauthorizedResponse() decorator, which indicates that a route may return a response with the UNAUTHORIZED status. The same applies to routes that require roles and the @ApiForbiddenResponse() decorator. However, at least to my knowledge, it is currently still not possible to implement this, as custom plugins for the Nest CLI are still experimental (see discussion).
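One way to approximate this check without a CLI plugin, as an added example that is not part of the original tutorial: lint the OpenAPI document that SwaggerModule.createDocument() returns, for instance inside a test. It assumes that protected routes carry a security requirement (e.g. from @ApiBearerAuth()) and that role-restricted routes are listed by the caller; the function names and the sample document are constructed for illustration.

```typescript
// Minimal slice of the OpenAPI 3 document returned by SwaggerModule.createDocument().
type SecurityReq = Record<string, string[]>;
type Operation = { security?: SecurityReq[]; responses?: Record<string, unknown> };
type OpenApiDoc = { security?: SecurityReq[]; paths: Record<string, Record<string, Operation>> };

const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'patch', 'options', 'head'];

// Assumption: a route is "non-public" when its operation, or the document as a
// whole, carries a non-empty security requirement. An explicit `security: []`
// on the operation overrides the document default and marks the route public.
function isProtected(doc: OpenApiDoc, op: Operation): boolean {
  return (op.security ?? doc.security ?? []).some((req) => Object.keys(req).length > 0);
}

// One finding per protected operation that documents no 401, and one per
// role-restricted operation (keys like "DELETE /users/{id}") that documents no 403.
function findUndocumentedAuthResponses(
  doc: OpenApiDoc,
  roleRestricted: ReadonlySet<string> = new Set<string>(),
): string[] {
  const findings: string[] = [];
  for (const [path, item] of Object.entries(doc.paths)) {
    for (const method of HTTP_METHODS) {
      const op = item[method];
      if (!op) continue;
      const key = `${method.toUpperCase()} ${path}`;
      const responses = op.responses ?? {};
      if (isProtected(doc, op) && !('401' in responses)) {
        findings.push(`${key}: missing 401 (@ApiUnauthorizedResponse)`);
      }
      if (roleRestricted.has(key) && !('403' in responses)) {
        findings.push(`${key}: missing 403 (@ApiForbiddenResponse)`);
      }
    }
  }
  return findings;
}

// Constructed sample document (not generated from the tutorial's application).
const sampleDoc: OpenApiDoc = {
  paths: {
    '/auth/login': { post: { responses: { '201': {} } } },
    '/users': { get: { security: [{ bearer: [] }], responses: { '200': {} } } },
    '/users/{id}': {
      get: { security: [{ bearer: [] }], responses: { '200': {}, '401': {} } },
      delete: { security: [{ bearer: [] }], responses: { '200': {}, '401': {} } },
    },
  },
};
```

In an e2e test, pass the object returned by SwaggerModule.createDocument(app, config) and fail the test when the returned list is non-empty.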

Second, notice that the response schemas generated by Swagger are not always accurate. For instance, for the findOne() route in the UsersController, Swagger only understands that a User is returned, not which relations are returned with it. This results in almost the entire database schema being shown in the sample response. This could be improved by manually describing the entities' schemas, but that would be very laborious and won't be done here. Of course, the reader is welcome to try if they want to.
