I’ve built quectoCMS, a very small content management system in Python using Flask and SQLite.
It stores pages, blocks, and comments in a single database file and uses plain HTML forms without JavaScript.
Everything fits into a few Python files and templates — easy to read, easy to modify.

Code […]

Day 18

Today I debugged an issue with accessing backend endpoints from a Next.js frontend talking to a NestJS API.

The browser was blocking requests due to a CORS error — the Authorization header was not allowed in the preflight response. Even though frontend domains were correctly set, I […]

Day 17
Not just code today.

Prepared a full-stack presentation (pitch → details → tech) to showcase company setup, platform progress, and team readiness. Also refined our internal documentation and SDLC overview.

Bonus: set up a self-hosted NextCloud for chat, tasks, calendars, forms, and […]

Day 16
Just published a deep dive into building a secure login page with Next.js, NestJS, JWT, and PostgreSQL.

- Email verification
- Role-based access control
- Subscription enforcement
- Token decoding in frontend
- SQL-level inserts for system roles

Includes full code snippets and […]

Day 15

Today I implemented full user registration with email verification.
Registration creates an inactive account and sends a verification link with a JWT token.
Verification activates the account if the token is valid and not expired,
and assigns the user to the default trial subscription […]

Got banned from write.as for triggering an anti-SEO alert — apparently too many links to http://localhost (yes, really). I emailed support right away, assuming it would be resolved quickly. Two weeks later: still banned.

So I took it personally.

According to their rules, I need to delete all […]

Day 13 (oh, really? ;))

Registration Form Implementation
I've just finished implementing a registration form with validation and language switching using Next.js and React Hook Form. Now users can register with dynamic language support (English/Polish) and data validation (email, password […]

Day 12
version 0.6.0 released
Scoped access is now enforced across all core modules. Each repository operation is tenant-aware via a shared ScopedRepository base class.

Key facts:

12 modules refactored
96 updated tests
1 shared base class (ScopedRepository) used across the board

subscriberId […]

Implemented password reset functionality using JWT:

/auth/remind-password generates a short-lived token and sends it via email

/auth/reset-password verifies the token and updates the password using bcrypt

Validation handled with class-validator.
Endpoints documented with Swagger.
Token secret […]

Day 10
Well, technically it’s been a few days.

I just finished populating the entire partner-contracts layer in our system. That means hundreds of users, each linked to the correct unit, with the proper supervisor, job title, and contract type. All of it reflected in a single, consistent data […]

TL;DR:🧵

Today I lost 2 hours because TypeORM + ESM + NestJS is a fragile combo when it comes to migrations.

No migration:status.
No ESM-compatible CLI.
No schema awareness.
Class name must match filename (with timestamp!).

So I wrote my own migration-status.ts script to compare database state […]

Day 9
TL;DR: Forgejo

Installed Forgejo and configured its native runner from scratch on Debian. Started with Woodpecker, but it turned out unnecessary. Everything now works locally with Docker integration and a working CI workflow.

https://is.gd/JiF5mX

#forgejo #selfhosted #CI #devops […]

TL;DR: Yesterday I took a break. Today I’m back – and permissions are under control :)

Spent the day designing a fine-grained permission model.
I now support 96 distinct permissions across 8 modules, 4 CRUD operations, and 3 scopes: self, group, global.

Three system roles bind these into […]

Day 7
✅ 24 test suites, 153 tests passing.

Solid coverage across service and controller layers in our modular monorepo. Strict typing (TypeScript), full DTO validation, and realistic mocks across complex relations (TypeORM).

Next: fine-tuning error handling & exploring e2e strategies […]

Day 6
TL;DR: Groups, memberships, hierarchy — all dynamic now.

Released backend v0.3.0 🎉

✅ Users can belong to multiple groups with typed roles
✅ Groups can form hierarchical or overlapping structures
✅ Roles are normalized via reference types

Built with NestJS + TypeORM. Documented via […]

Day 5
TL;DR: Continued work on backend security — role-based access is now fully wired up.

✅ Got fine-grained role-based access control fully working today.

• Roles loaded from PostgreSQL
• Injected into JWT during login
• Validated via custom `@Roles()` + `RolesGuard`
• Authenticated via […]