Send MMS with NestJS and Twilio: A Production-Ready Guide

Multimedia Messaging Service (MMS) allows you to enrich your user communication by sending images, GIFs, and other media alongside text. Integrating MMS capabilities into your applications can significantly enhance user engagement and provide richer context than SMS alone.

This guide provides a step-by-step walkthrough for building a robust NestJS application capable of sending MMS messages via the Twilio Programmable Messaging API. We'll cover everything from initial project setup and configuration to error handling, security considerations, and deployment best practices, ensuring you have a production-ready solution.

Project Overview and Goals

What We'll Build:

We will create a NestJS backend application featuring a dedicated API endpoint (/mms) that accepts requests to send MMS messages. This endpoint will securely interact with the Twilio API to deliver messages containing text and media (specified by publicly accessible URLs) to designated recipients.

Problem Solved:

This project provides a structured, scalable, and maintainable way to integrate Twilio MMS functionality into any NestJS-based system. It abstracts the complexities of direct Twilio API interaction behind a clean NestJS service and controller layer, incorporating best practices for configuration, validation, and error handling.

Technologies Used:

Node.js: The underlying JavaScript runtime environment. (v18 or later recommended)
NestJS: A progressive Node.js framework for building efficient, reliable, and scalable server-side applications using TypeScript.
TypeScript: Superset of JavaScript adding static types.
Twilio: A cloud communications platform providing APIs for SMS, MMS, voice, video, and more. We'll use their Node.js helper library.
dotenv: Module for loading environment variables from a .env file.
(Optional) Prisma: A modern database toolkit for TypeScript and Node.js (if message logging is desired).
(Optional) Docker: For containerizing the application for deployment.

System Architecture:

The basic flow involves a client (like a frontend app, Postman, or another service) making an HTTP POST request to our NestJS API. The NestJS application validates the request, uses the Twilio SDK (configured with credentials from environment variables) to call the Twilio Messaging API, which then handles the delivery of the MMS message to the end user's mobile device.

sequenceDiagram
    participant Client
    participant NestJS API
    participant Twilio API
    participant Mobile Device

    Client->&gt;+NestJS API: POST /mms (to, body, mediaUrls)
    NestJS API->&gt;NestJS API: Validate Request (DTO)
    NestJS API->&gt;NestJS API: Load Twilio Credentials (.env / Env Vars)
    NestJS API->&gt;+Twilio API: client.messages.create({to, from, body, mediaUrl: [...]})
    Twilio API->&gt;Twilio API: Process & Send MMS
    Twilio API-->&gt;-NestJS API: Return Message SID / Status
    Twilio API->&gt;+Mobile Device: Deliver MMS
    Mobile Device-->&gt;-Twilio API: Delivery Confirmation (async)
    NestJS API-->&gt;-Client: Return Success/Error Response (e.g., { messageSid: 'SM...' })

Prerequisites:

Node.js: Version 18.x or later installed. Verify with node -v.
npm or yarn: Package manager installed. Verify with npm -v or yarn -v.
NestJS CLI: Installed globally (npm install -g @nestjs/cli).
Twilio Account:
- Sign up for a free Twilio account here.
- Obtain your Account SID and Auth Token from the Twilio Console dashboard.
- Purchase or use an existing Twilio Phone Number with MMS capabilities. Note that MMS via Twilio numbers is primarily supported in the US and Canada. You can buy a number via the Phone Numbers section in the Console.
Code Editor: Such as VS Code.
Terminal/Command Prompt: For running commands.
(Optional) Git: For version control.
(Optional) Postman or curl: For testing the API endpoint.

1. Setting Up the NestJS Project

Let's initialize our NestJS project and install the necessary dependencies.

Create a New NestJS Project: Open your terminal and run the NestJS CLI command to scaffold a new project. Replace nestjs-twilio-mms with your preferred project name.
```
nest new nestjs-twilio-mms
```
Choose your preferred package manager (npm or yarn) when prompted.
Navigate into Project Directory:
```
cd nestjs-twilio-mms
```
Install Dependencies: We need the official Twilio Node.js helper library and dotenv for managing environment variables. We also need NestJS configuration and validation packages.
```
# Using npm
npm install twilio dotenv @nestjs/config class-validator class-transformer

# Using yarn
yarn add twilio dotenv @nestjs/config class-validator class-transformer
```
- twilio: The official SDK for interacting with the Twilio API.
- dotenv: Loads environment variables from a .env file into process.env.
- @nestjs/config: Provides configuration management for NestJS applications.
- class-validator & class-transformer: Used for request data validation via Data Transfer Objects (DTOs).

Configure Environment Variables: Create a file named .env in the root directory of your project. This file will store sensitive credentials and configuration details securely. Never commit this file to version control.

Add a .gitignore entry if it doesn't exist:
```
# .gitignore
node_modules
dist
.env
```

Populate the .env file with your Twilio credentials and phone number:

# .env

# Twilio Credentials - Find these in your Twilio Console: https://console.twilio.com/
TWILIO_ACCOUNT_SID=ACxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
TWILIO_AUTH_TOKEN=your_auth_token_xxxxxxxxxxxxxxx

# Twilio Phone Number - Must be an MMS-enabled number from your Twilio account
# Use E.164 format (e.g., +15551234567)
TWILIO_PHONE_NUMBER=+1xxxxxxxxxx

# Application Port (Optional)
PORT=3000

Replace the placeholder values (ACxxx..., your_auth_token..., +1xxx...) with your actual credentials and phone number.

Load Configuration in AppModule: Modify src/app.module.ts to load the environment variables using @nestjs/config.

// src/app.module.ts
import { Module } from '@nestjs/common';
import { ConfigModule } from '@nestjs/config'; // Import ConfigModule
import { AppController } from './app.controller';
import { AppService } from './app.service';
import { MmsModule } from './mms/mms.module'; // We will create this soon

@Module({
  imports: [
    ConfigModule.forRoot({
      isGlobal: true, // Makes ConfigModule available globally
      envFilePath: '.env', // Specify the env file path (useful for local dev)
      // In production, environment variables are typically set directly
    }),
    MmsModule, // Import our MMS module
  ],
  controllers: [AppController],
  providers: [AppService],
})
export class AppModule {}

Setting isGlobal: true makes the ConfigService available throughout the application without needing to import ConfigModule in other modules.

2. Implementing Core MMS Functionality (NestJS Service)

We'll encapsulate the Twilio interaction logic within a dedicated NestJS service.

Generate the MMS Module and Service: Use the NestJS CLI to generate a new module and service for MMS handling.
```
nest generate module mms
nest generate service mms --no-spec # Use --no-spec to skip generating test file for now
```
This creates src/mms/mms.module.ts and src/mms/mms.service.ts. The MmsModule is automatically imported into AppModule if you generated it after setting up the AppModule imports.

Implement the MmsService: Open src/mms/mms.service.ts and implement the logic to send MMS messages using the Twilio client.

// src/mms/mms.service.ts
import { Injectable, Logger, InternalServerErrorException, BadRequestException } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import * as Twilio from 'twilio'; // Use wildcard import for Twilio namespace
import { MessageInstance } from 'twilio/lib/rest/api/v2010/account/message';

@Injectable()
export class MmsService {
  private readonly logger = new Logger(MmsService.name);
  private twilioClient: Twilio.Twilio; // Type the client correctly
  private twilioPhoneNumber: string;

  constructor(private configService: ConfigService) {
    const accountSid = this.configService.get<string&gt;('TWILIO_ACCOUNT_SID');
    const authToken = this.configService.get<string&gt;('TWILIO_AUTH_TOKEN');
    this.twilioPhoneNumber = this.configService.get<string&gt;('TWILIO_PHONE_NUMBER');

    if (!accountSid || !authToken || !this.twilioPhoneNumber) {
      this.logger.error('Twilio configuration (Account SID, Auth Token, Phone Number) is missing or invalid.');
      // Throw InternalServerErrorException because this is a server configuration issue
      throw new InternalServerErrorException('Twilio configuration is missing or invalid.');
    }

    try {
        this.twilioClient = Twilio(accountSid, authToken); // Initialize Twilio client
        this.logger.log('Twilio client initialized successfully.');
    } catch (error) {
        const errorMessage = error instanceof Error ? error.message : String(error);
        this.logger.error(`Failed to initialize Twilio client: ${errorMessage}`, error instanceof Error ? error.stack : undefined);
        throw new InternalServerErrorException(`Failed to initialize Twilio client: ${errorMessage}`);
    }
  }

  /**
   * Sends an MMS message using Twilio.
   * @param to The recipient's phone number in E.164 format (e.g., +15551234567).
   * @param body The text body of the message.
   * @param mediaUrls An array of publicly accessible URLs for the media attachments (up to 10).
   * @returns A Promise resolving to the Twilio MessageInstance.
   */
  async sendMms(to: string, body: string, mediaUrls: string[]): Promise<MessageInstance&gt; {
    this.logger.log(`Attempting to send MMS to ${to} with ${mediaUrls.length} media items.`);

    if (mediaUrls.length === 0) {
        this.logger.warn('No media URLs provided. Sending as SMS instead.');
        // Note: Twilio automatically sends as SMS if mediaUrl is empty/omitted,
        // but the DTO currently requires mediaUrls. Modify DTO if SMS fallback is desired.
    }
    if (mediaUrls.length &gt; 10) {
        this.logger.error(`Cannot send more than 10 media items. Provided: ${mediaUrls.length}`);
        // Use BadRequestException as this is a client-provided data issue
        throw new BadRequestException('Exceeded maximum number of media attachments (10).');
    }

    try {
      const message = await this.twilioClient.messages.create({
        to: to,
        from: this.twilioPhoneNumber,
        body: body,
        mediaUrl: mediaUrls, // Pass the array directly
      });

      this.logger.log(`MMS sent successfully! Message SID: ${message.sid}`);
      return message;
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : String(error);
      this.logger.error(`Failed to send MMS to ${to}: ${errorMessage}`, error instanceof Error ? error.stack : undefined);
      // Consider mapping specific Twilio errors (e.g., 21211 invalid 'to' number)
      // to different NestJS exceptions (e.g., BadRequestException) if needed.
      // For now, rethrow as InternalServerErrorException for simplicity.
      throw new InternalServerErrorException(`Failed to send MMS via Twilio: ${errorMessage}`);
    }
  }
}

Dependency Injection: We inject ConfigService to safely access our environment variables.
Twilio Client Initialization: The Twilio client is initialized in the constructor using credentials from ConfigService. Checks ensure variables are present, throwing InternalServerErrorException on failure. The error message is more general now.
sendMms Method: This asynchronous method takes the recipient (to), message body (body), and an array of mediaUrls.
Media Limit Check: Uses BadRequestException if more than 10 media URLs are provided.
mediaUrl Parameter: The Twilio Node.js library accepts an array of strings for the mediaUrl parameter.
Error Handling: Basic logging uses NestJS's Logger. Errors during message sending are caught, logged, and rethrown as InternalServerErrorException. Specific Twilio errors could be handled more granularly. Improved error message extraction.
Logging: Key events like initialization, sending attempts, success, and failures are logged.

Provide ConfigService in MmsModule: Ensure ConfigService is available within the MmsModule. Since we made ConfigModule global in AppModule, no extra import is needed here.

3. Building the API Layer (NestJS Controller)

Now, let's create an API endpoint to trigger the MmsService.

Generate the MMS Controller:
```
nest generate controller mms --no-spec
```
This creates src/mms/mms.controller.ts.

Create a Data Transfer Object (DTO) for Validation: DTOs define the expected shape of request data and enable automatic validation using class-validator. Create a file src/mms/dto/send-mms.dto.ts.

// src/mms/dto/send-mms.dto.ts
import { IsString, IsNotEmpty, IsPhoneNumber, IsArray, ArrayMaxSize, ArrayNotEmpty, IsUrl, MaxLength } from 'class-validator';

export class SendMmsDto {
  @IsPhoneNumber(null, { message: 'Recipient phone number must be a valid E.164 format string (e.g., +15551234567).' }) // Validates E.164 format
  @IsNotEmpty({ message: 'Recipient phone number (to) cannot be empty.' })
  to: string;

  @IsString()
  @IsNotEmpty({ message: 'Message body cannot be empty.' })
  @MaxLength(1600, { message: 'Message body cannot exceed 1600 characters.'}) // Standard MMS character limit (generous)
  body: string;

  @IsArray()
  @ArrayNotEmpty({ message: 'At least one media URL must be provided for MMS.' })
  @ArrayMaxSize(10, { message: 'Cannot attach more than 10 media items.' })
  @IsUrl({}, { each: true, message: 'Each media URL must be a valid, publicly accessible URL.' }) // Validate each item in the array is a URL
  mediaUrls: string[];
}

We use decorators like @IsPhoneNumber, @IsString, @IsArray, @IsUrl, @ArrayMaxSize, etc., to define validation rules.
Messages provide user-friendly error feedback.

Implement the MmsController: Open src/mms/mms.controller.ts and define the POST endpoint.

// src/mms/mms.controller.ts
import { Controller, Post, Body, HttpCode, HttpStatus, Logger } from '@nestjs/common';
import { MmsService } from './mms.service';
import { SendMmsDto } from './dto/send-mms.dto';

@Controller('mms') // Route prefix for this controller
export class MmsController {
  private readonly logger = new Logger(MmsController.name);

  constructor(private readonly mmsService: MmsService) {}

  @Post() // Handles POST requests to /mms
  @HttpCode(HttpStatus.ACCEPTED) // Return 202 Accepted as sending is async
  // ValidationPipe is applied globally in main.ts
  async sendMms(@Body() sendMmsDto: SendMmsDto): Promise&lt;{ messageSid: string; status: string }&gt; {
    this.logger.log(`Received request to send MMS to: ${sendMmsDto.to}`);

    const { to, body, mediaUrls } = sendMmsDto;

    // No try-catch needed here if we let exceptions propagate
    // NestJS global exception filters (or default handler) will catch errors
    // from the service or validation pipe.
    const message = await this.mmsService.sendMms(to, body, mediaUrls);

    this.logger.log(`MMS queued successfully for SID: ${message.sid}`);
    // Return the SID and initial status (usually 'queued' or 'sending')
    return { messageSid: message.sid, status: message.status };
  }
}

@Controller('mms'): Sets the base route path to /mms.
@Post(): Decorator for handling HTTP POST requests.
@Body(): Extracts the request body and implicitly validates/transforms it if a global pipe is enabled.
@HttpCode(HttpStatus.ACCEPTED): Sets the default response status code to 202 Accepted.
Dependency Injection: MmsService is injected.
Response: Returns the messageSid and initial status from Twilio.
Removed @UsePipes: We will enable the ValidationPipe globally.

Enable Global Validation Pipe (Recommended): Modify src/main.ts to enable the validation pipe for all incoming requests.

// src/main.ts
import { NestFactory } from '@nestjs/core';
import { AppModule } from './app.module';
import { ValidationPipe, Logger } from '@nestjs/common'; // Import Logger
import { ConfigService } from '@nestjs/config'; // Import ConfigService

async function bootstrap() {
  const app = await NestFactory.create(AppModule);
  const logger = new Logger('Bootstrap'); // Create logger instance

  // Enable CORS
  app.enableCors({
      // WARNING: Allow all origins in dev. Use env variables for specific origins in production!
      origin: process.env.CORS_ORIGIN || '*',
      methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
      allowedHeaders: 'Content-Type, Accept, Authorization',
  });
  // Example: Add CORS_ORIGIN=https://yourfrontend.com to .env for production

  // Apply global validation pipe
  app.useGlobalPipes(
    new ValidationPipe({
      whitelist: true, // Strip properties not in DTO
      transform: true, // Transform payloads to DTO instances
      forbidNonWhitelisted: true, // Throw error if extra properties are sent
      transformOptions: {
        enableImplicitConversion: true, // Allow basic type conversions
      },
    }),
  );

  const configService = app.get(ConfigService); // Get ConfigService instance
  const port = configService.get<number&gt;('PORT') || 3000; // Get port from .env or default

  await app.listen(port);
  logger.log(`Application is running on: ${await app.getUrl()}`);
}
bootstrap();

Now the ValidationPipe configured here will automatically apply to the @Body() in MmsController.

4. Integrating with Twilio (Recap and Details)

Credentials: TWILIO_ACCOUNT_SID and TWILIO_AUTH_TOKEN are fetched from environment variables using @nestjs/config and ConfigService.
- Obtaining: Twilio Console.
- Security: Use .env locally; use platform secret management in production.
Twilio Phone Number: TWILIO_PHONE_NUMBER fetched from environment variables.
- Obtaining: Twilio Console Phone Numbers. Ensure MMS capability (US/Canada primarily). Use E.164 format (+1...).
Twilio Client Initialization: Twilio(accountSid, authToken) in MmsService constructor.
API Call: this.twilioClient.messages.create(...) makes the authenticated request.

5. Error Handling, Logging, and Retries

Error Handling Strategy:
- Validation Errors: Handled by the global ValidationPipe, returning 400 Bad Request.
- Configuration Errors: Checked in MmsService constructor, throws 500 Internal Server Error.
- Twilio API Errors: Caught in MmsService, logged, and rethrown (currently as 500 Internal Server Error). Consider mapping specific Twilio error codes (e.g., 21211) to more specific NestJS exceptions (BadRequestException, NotFoundException) in the service if needed.
- Global Exception Filter (Optional): Implement a custom filter for centralized error formatting and handling. See NestJS Documentation - Exception Filters.
Logging:
- NestJS Logger used in service and controller.
- Logs cover initialization, requests, sending attempts, success (with SID), and failures.
- Levels/Formats: Consider adjusting levels and using structured JSON logging (e.g., with Pino) in production.
Retry Mechanisms:
- Consider libraries like async-retry or queue systems (Bull) for retrying transient Twilio API errors.
- Caution: Only retry potentially recoverable errors (network issues, temporary Twilio outages), not permanent ones (invalid number, auth failure). Check Twilio error codes. Avoid creating duplicate messages.

6. Database Schema and Data Layer (Optional)

Track message status and details using Prisma.

Install Prisma: npm install prisma @prisma/client --save-dev
Initialize Prisma: npx prisma init --datasource-provider postgresql (adjust provider). Update DATABASE_URL in .env.

Define Schema (prisma/schema.prisma):

// prisma/schema.prisma
generator client {
  provider = ""prisma-client-js""
}

datasource db {
  provider = ""postgresql"" // Match your chosen provider
  url      = env(""DATABASE_URL"")
}

model SentMms {
  id           String    @id @default(cuid())
  // twilioSid is nullable because we might log before getting a SID (e.g., pre-send failure)
  // It should be unique for messages successfully accepted by Twilio.
  twilioSid    String?   @unique @map(""twilio_sid"")
  to           String
  from         String
  body         String?
  mediaUrls    String[]  @map(""media_urls"")
  status       String    // e.g., queued, sending, sent, delivered, failed, undelivered
  errorCode    Int?      @map(""error_code"")
  errorMessage String?   @map(""error_message"")
  createdAt    DateTime  @default(now()) @map(""created_at"")
  updatedAt    DateTime  @updatedAt @map(""updated_at"")

  @@map(""sent_mms"")
}

Note: twilioSid is now String? (nullable) but still @unique (allowing multiple nulls but only one entry per actual SID). Corrected provider strings.

Apply Migrations: npx prisma migrate dev --name init-mms-table
Generate Prisma Client: npx prisma generate
Create Prisma Service (src/prisma/prisma.service.ts): (Generate with nest g service prisma --no-spec and implement standard Prisma service setup). Ensure it's provided and exported in a PrismaModule.

Inject and Use PrismaService in MmsService:

// src/mms/mms.service.ts
// ... other imports ...
import { PrismaService } from '../prisma/prisma.service'; // Adjust path if needed
import { Prisma } from '@prisma/client'; // Import Prisma namespace for types
import { MessageInstance } from 'twilio/lib/rest/api/v2010/account/message'; // Ensure MessageInstance is imported

@Injectable()
export class MmsService {
  private readonly logger = new Logger(MmsService.name);
  private twilioClient: Twilio.Twilio;
  private twilioPhoneNumber: string;

  constructor(
    private configService: ConfigService,
    private prisma: PrismaService // Inject PrismaService
  ) {
    // ... Twilio client init (as before) ...
    const accountSid = this.configService.get<string&gt;('TWILIO_ACCOUNT_SID');
    const authToken = this.configService.get<string&gt;('TWILIO_AUTH_TOKEN');
    this.twilioPhoneNumber = this.configService.get<string&gt;('TWILIO_PHONE_NUMBER');

    if (!accountSid || !authToken || !this.twilioPhoneNumber) {
      this.logger.error('Twilio configuration (Account SID, Auth Token, Phone Number) is missing or invalid.');
      throw new InternalServerErrorException('Twilio configuration is missing or invalid.');
    }

    try {
        this.twilioClient = Twilio(accountSid, authToken);
        this.logger.log('Twilio client initialized successfully.');
    } catch (error) {
        const errorMessage = error instanceof Error ? error.message : String(error);
        this.logger.error(`Failed to initialize Twilio client: ${errorMessage}`, error instanceof Error ? error.stack : undefined);
        throw new InternalServerErrorException(`Failed to initialize Twilio client: ${errorMessage}`);
    }
  }

  async sendMms(to: string, body: string, mediaUrls: string[]): Promise<MessageInstance&gt; {
    this.logger.log(`Attempting to send MMS to ${to} with ${mediaUrls.length} media items.`);

    if (mediaUrls.length &gt; 10) {
        this.logger.error(`Cannot send more than 10 media items. Provided: ${mediaUrls.length}`);
        throw new BadRequestException('Exceeded maximum number of media attachments (10).');
    }

    // Prepare record data before sending
    let messageRecordData: Prisma.SentMmsCreateInput = {
        twilioSid: null, // Will be updated on success
        to: to,
        from: this.twilioPhoneNumber,
        body: body,
        mediaUrls: mediaUrls,
        status: 'pending', // Initial status before sending
        errorCode: null,
        errorMessage: null,
    };

    try {
      const message = await this.twilioClient.messages.create({
        to: to,
        from: this.twilioPhoneNumber,
        body: body,
        mediaUrl: mediaUrls,
      });

      this.logger.log(`MMS sent successfully! Message SID: ${message.sid}`);

      // Update record with SID and status from Twilio
      messageRecordData.twilioSid = message.sid;
      messageRecordData.status = message.status;
      messageRecordData.errorCode = message.errorCode;
      messageRecordData.errorMessage = message.errorMessage;

      // Save successful attempt to database (fire-and-forget or await)
      this.saveMmsRecord(messageRecordData);

      return message;

    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : String(error);
      // Attempt to get Twilio error code if available (structure might vary)
      const errorCode = typeof error === 'object' && error !== null && 'code' in error ? Number(error.code) : null;

      this.logger.error(`Failed to send MMS to ${to}: ${errorMessage}`, error instanceof Error ? error.stack : undefined);

      // Update the prepared record with failure details
      messageRecordData.status = 'failed';
      messageRecordData.errorCode = isNaN(errorCode) ? null : errorCode;
      messageRecordData.errorMessage = errorMessage.substring(0, 255); // Limit error message length if needed

      // Save failed attempt record (twilioSid remains null)
      this.saveMmsRecord(messageRecordData);

      // Rethrow original error for controller/global handler
      throw new InternalServerErrorException(`Failed to send MMS via Twilio: ${errorMessage}`);
    }
  }

  // Helper method to save record and handle potential DB errors
  private async saveMmsRecord(data: Prisma.SentMmsCreateInput): Promise<void&gt; {
      try {
          await this.prisma.sentMms.create({ data });
          this.logger.log(`MMS record saved/updated for SID: ${data.twilioSid ?? 'N/A (failed pre-send)'}`);
      } catch (dbError) {
          const errorMessage = dbError instanceof Error ? dbError.message : String(dbError);
          this.logger.error(`Failed to save MMS record to DB: ${errorMessage}`, dbError instanceof Error ? dbError.stack : undefined);
          // Decide how to handle DB errors - log, alert, add to retry queue?
      }
  }
}

We now prepare the record data before the Twilio call.
On success, we update the record with the SID and status, then save.
On failure, we update the status/error fields in the prepared record (leaving twilioSid as null) and save the failure record.
A helper function handles the actual save and logs DB errors. Added constructor back for clarity.

7. Adding Security Features

Input Validation: Handled by class-validator and the global ValidationPipe.
Environment Variable Security: Use .env locally, platform secrets in production.

Rate Limiting: Use nestjs-throttler.

Install: npm install @nestjs/throttler

Setup (in src/app.module.ts):

// src/app.module.ts
import { Module } from '@nestjs/common';
import { ConfigModule } from '@nestjs/config';
import { ThrottlerModule, ThrottlerGuard } from '@nestjs/throttler';
import { APP_GUARD } from '@nestjs/core';
import { AppController } from './app.controller';
import { AppService } from './app.service';
import { MmsModule } from './mms/mms.module';
// Import PrismaModule if using Prisma
// import { PrismaModule } from './prisma/prisma.module';

@Module({
  imports: [
    ConfigModule.forRoot({ isGlobal: true, envFilePath: '.env' }),
    ThrottlerModule.forRoot([{
      ttl: 60000, // 60 seconds
      limit: 10,  // Max 10 requests per IP per ttl
    }]),
    MmsModule,
    // PrismaModule, // Include if using Prisma
  ],
  controllers: [AppController],
  providers: [
    AppService,
    // Apply ThrottlerGuard globally
    { provide: APP_GUARD, useClass: ThrottlerGuard },
    // PrismaService should be provided within PrismaModule if used
  ],
})
export class AppModule {}

Authentication/Authorization: Protect the /mms endpoint using NestJS auth strategies (JWT, API Keys via Guards) if needed.
HTTPS: Ensure deployment uses HTTPS (usually handled by load balancer/reverse proxy).
Public Media URLs: Emphasize that mediaUrls must be publicly accessible for Twilio.

8. Handling Special Cases

Multiple Media Files: Handled via string[] for mediaUrls (max 10).
No Media Files: Current DTO requires media (@ArrayNotEmpty). To allow SMS via this endpoint, remove @ArrayNotEmpty from SendMmsDto and handle empty mediaUrls array in the service (Twilio handles it automatically if mediaUrl is empty/omitted).
Media URL Accessibility: URLs must be public. Twilio fetch failures (Error 12300) indicate issues here.
Character Limits: DTO has @MaxLength(1600).
File Types/Sizes: Refer to Twilio MMS documentation. Handle potential Twilio errors for invalid/large media.
International MMS: Primarily US/Canada for long codes. Check Twilio docs for other regions/sender types.
Idempotency: Consider adding a client-provided idempotency key if duplicate sends are a concern.

9. Implementing Performance Optimizations

Twilio Client Instantiation: Singleton instance in MmsService is efficient.
Asynchronous Operations: async/await used for I/O.
Database Connection Pooling: Handled by Prisma.
Payload Size: Keep request/response small.
Load Testing: Use tools like k6, Artillery to test under load.
Node.js Performance: Use recent LTS Node.js version. Profile if needed.

10. Adding Monitoring, Observability, and Analytics

Health Checks: Implement /health endpoint using @nestjs/terminus.
Performance Metrics: Monitor request latency, rate, error rate using APM tools (Datadog, New Relic) or Prometheus/Grafana (nestjs-prometheus).
Error Tracking: Integrate with Sentry, Bugsnag, etc.
Logging Aggregation: Ship structured logs to a central platform (Datadog Logs, Splunk, ELK, Loki).
Twilio Usage Monitoring: Use the Twilio Console Usage section and set up alerts.
Dashboards: Visualize key metrics (API performance, MMS volume/failures, Twilio API latency).

11. Troubleshooting and Caveats

Invalid Credentials (Twilio Error 20003): Check TWILIO_ACCOUNT_SID/TWILIO_AUTH_TOKEN in environment.
Invalid 'To' Number (Twilio Error 21211): Ensure E.164 format. DTO validator helps.
Invalid 'From' Number (Twilio Error 21606): Check TWILIO_PHONE_NUMBER in environment; verify number in Twilio Console (belongs to SID, MMS capable).
Media URL Inaccessible (Twilio Error 12300): Verify URLs are public and correct.
Max Media Exceeded (Twilio Error 21623): DTO validation (@ArrayMaxSize(10)) should prevent this.
MMS Not Supported (Various Codes): Carrier/region limitation. Log error.
Rate Limits Exceeded (429 Too Many Requests): Adjust nestjs-throttler config or investigate client behavior.
Environment Variables Not Loaded: Check ConfigModule setup, .env file location/presence (for local dev), platform variable configuration (for prod).
Missing Dependencies: Run npm install / yarn install.

12. Deployment and CI/CD

Build for Production: npm run build (generates dist folder).
Running in Production: NODE_ENV=production node dist/main.js. Use pm2 for process management: pm2 start dist/main.js --name nestjs-mms-api -i max.
Environment Configuration: Use platform's environment variable/secret management (AWS Secrets Manager, K8s Secrets, Heroku Config Vars, etc.). Do not deploy .env files.

Dockerization (Example Dockerfile):

# Dockerfile

# ---- Base Node ----
FROM node:18-alpine AS base
WORKDIR /usr/src/app
COPY package*.json ./

# ---- Dependencies ----
FROM base AS dependencies
# Install production dependencies only
RUN npm install --omit=dev
# If using Prisma, copy schema and generate client
# COPY prisma ./prisma
# RUN npx prisma generate

# ---- Build ----
FROM base AS build
# Install ALL dependencies (including dev for build process)
RUN npm install
# Copy all source files
COPY . .
# Build the application
RUN npm run build
# If using Prisma, copy schema again for runtime
# COPY prisma ./dist/prisma

# ---- Production ----
FROM node:18-alpine AS production
WORKDIR /usr/src/app
# Copy production node_modules from dependencies stage
COPY --from=dependencies /usr/src/app/node_modules ./node_modules
# Copy built application from build stage
COPY --from=build /usr/src/app/dist ./dist
# Copy package.json for runtime identification (optional but good practice)
COPY package*.json ./
# If using Prisma, copy the generated client from dependencies stage
# COPY --from=dependencies /usr/src/app/node_modules/.prisma ./node_modules/.prisma
# COPY --from=build /usr/src/app/dist/prisma ./dist/prisma

# Expose the application port
EXPOSE 3000

# Set NODE_ENV to production
ENV NODE_ENV=production

# Command to run the application
# Ensure your PORT env variable is set correctly in your deployment environment
CMD [""node"", ""dist/main.js""]

Improved multi-stage Dockerfile for better caching and smaller final image. Added Prisma steps (commented out).