Back to Projects

Ecovest API

2025

Investment Platform Backend with AI Recommendations

View LiveView Code
E
Node.jsTypeScriptExpressMongoDBJWTAICron

The Challenge

Investment platforms need to handle sensitive user data securely, simulate live portfolio performance in real time, and surface intelligent recommendations that help users make better decisions. Building this as a clean, extensible backend — one that could serve as a real product foundation rather than a throwaway demo — required careful architecture decisions around auth, data modelling, background processing, and the AI layer.

The Solution

Built the Ecovest API as a structured Express/Mongoose skeleton with production-ready patterns throughout. JWT authentication with cookie-based sessions handles secure user access. A cron-based investment simulation engine runs on a configurable schedule, updating portfolio values in the background to mimic live market behaviour. The dashboard endpoint aggregates portfolio data efficiently. The AI recommendations module is architected as a clean placeholder — structured to accept real OpenAI calls without touching the rest of the system.

Impact

  • Delivered a production-ready MVP skeleton that can be extended into a real product
  • Implemented secure JWT authentication with cookie-based session management
  • Built a background investment simulation engine using configurable cron scheduling
  • Designed a dashboard aggregation endpoint that scales with portfolio complexity
  • Architected the AI layer for seamless integration with real LLM providers
  • Provided a clean, documented codebase that other developers can build on immediately

Key Features

JWT authentication with bcrypt password hashing and cookie-based sessions

User registration and login with secure credential handling

Investment model with demo balance and portfolio tracking

Cron-based simulation engine for live investment value updates

Protected dashboard route with portfolio aggregation

AI recommendations module — structured for OpenAI integration

Background updater logic for continuous portfolio simulation

Modular file structure: models, controllers, routes, middleware, utils

Tech Stack

Node.js with TypeScript (tsx/ts-node)
Express.js for routing and middleware
MongoDB with Mongoose for data modelling
bcryptjs for password hashing
jsonwebtoken for JWT auth
cookie-parser for session management
node-cron for background job scheduling
dotenv for environment configuration

Lessons Learned

  • A well-structured skeleton is worth more than a feature-complete mess
  • Cron-based simulation is a practical way to demo live data without a real market feed
  • Architecting the AI layer as a clean interface makes swapping providers trivial
  • JWT with cookies is more secure than localStorage for financial applications
  • Background jobs need explicit lifecycle management to avoid memory leaks
  • Clear separation between auth, business logic, and data layers makes testing straightforward

Interested in working together?

Let's build something amazing.

Get in Touch