A modern real-time chat application built with a NestJS backend and a simple HTML frontend, featuring user authentication, WebSocket-based messaging, and persistent message storage.
- Real-time Messaging: Instant message delivery using WebSockets with Socket.IO
- User Authentication: Secure JWT-based authentication with Passport
- User Management: Registration and login system
- Persistent Messages: All messages stored in MongoDB database with Prisma ORM
- Simple UI: Clean, responsive HTML interface
- Cross-platform: Works on desktop and mobile browsers
- Framework: NestJS (Node.js)
- Language: TypeScript
- Database: MongoDB
- ORM: Prisma
- Authentication: JWT + Passport
- Real-time: Socket.IO
- Validation: class-validator + class-transformer
- Password Hashing: bcrypt
- HTML5: Semantic markup
- CSS3: Custom styling
- JavaScript: ES6+ features
- WebSockets: Socket.IO client
- Linting: ESLint
- Code Formatting: Prettier
- Testing: Jest
- Build Tool: NestJS CLI
Before running this application, make sure you have the following installed:
- Node.js (v16 or higher)
- npm or yarn
- MongoDB database
- Git
- Clone the repository

  ```bash
  git clone https://github.com/a-3isa/chatty
  cd chatty
  ```

- Install dependencies

  ```bash
  npm install
  ```

- Environment Setup

  Create a `.env` file in the root directory:

  ```env
  DATABASE_URL="DATABASE_URL"
  JWT_SECRET="your-super-secret-jwt-key"
  PORT=3000
  ```

- Database Setup

  ```bash
  # Generate Prisma client
  npx prisma generate
  # Run database migrations
  npx prisma migrate dev
  # (Optional) Seed the database
  npx prisma db seed
  ```
```bash
# Start the backend server
npm run start:dev
# The server will be running at http://localhost:3000
```

```bash
# Build the application
npm run build
# Start the production server
npm run start:prod
```

Open your browser and navigate to:
- Login Page: http://localhost:3000/client/login.html
- Register Page: http://localhost:3000/client/register.html
- Chat Interface: http://localhost:3000/client/chat.html
```http
POST /auth/register
Content-Type: application/json

{
  "username": "johndoe",
  "password": "securepassword"
}
```

```http
POST /auth/login
Content-Type: application/json

{
  "username": "johndoe",
  "password": "securepassword"
}
```

Response:

```json
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "userId": 1
}
```

```http
GET /chat/messages?userId=2
Authorization: Bearer <access_token>
```

Response:

```json
[
  {
    "id": 1,
    "content": "Hello!",
    "senderId": 1,
    "receiverId": 2,
    "createdAt": "2024-01-01T10:00:00.000Z",
    "sender": {
      "username": "johndoe"
    }
  }
]
```

```http
GET /users
Authorization: Bearer <access_token>
```

```javascript
const socket = io('http://localhost:3000', {
  auth: { token: accessToken },
  extraHeaders: { authorization: 'Bearer ' + accessToken },
});

socket.emit('join', userId);

socket.emit('sendMessage', {
  senderId: 1,
  receiverId: 2,
  content: 'Hello, World!',
});

socket.on('receiveMessage', (message) => {
  console.log('New message:', message);
});
```

```
chatty/
├── src/
│   ├── app.controller.ts      # Main application controller
│   ├── app.module.ts          # Root application module
│   ├── app.service.ts         # Main application service
│   ├── main.ts                # Application entry point
│   ├── auth/                  # Authentication module
│   │   ├── auth.controller.ts
│   │   ├── auth.module.ts
│   │   ├── auth.service.ts
│   │   ├── jwt.strategy.ts
│   │   └── dto/
│   ├── chat/                  # Chat module
│   │   ├── chat.controller.ts
│   │   ├── chat.gateway.ts    # WebSocket gateway
│   │   ├── chat.module.ts
│   │   └── chat.service.ts
│   ├── messages/              # Messages module
│   ├── users/                 # Users module
│   └── prisma.service.ts      # Prisma database service
├── client/                    # Frontend files
│   ├── login.html
│   ├── register.html
│   └── chat.html
├── prisma/
│   ├── schema.prisma          # Database schema
│   └── migrations/            # Database migrations
├── test/                      # Test files
├── package.json
├── tsconfig.json
└── README.md
```
```bash
# Run unit tests
npm run test
# Run tests in watch mode
npm run test:watch
# Run test coverage
npm run test:cov
# Run e2e tests
npm run test:e2e
```

- `npm run build` - Build the application
- `npm run format` - Format code with Prettier
- `npm run start` - Start production server
- `npm run start:dev` - Start development server with hot reload
- `npm run start:debug` - Start debug mode
- `npm run start:prod` - Start production server
- `npm run lint` - Run ESLint
- `npm run test` - Run Jest tests
For comprehensive security documentation, see SECURITY.md
- JWT Authentication: Secure token-based authentication with refresh tokens
- Password Security: bcrypt hashing with strength validation
- Account Lockout: Automatic lockout after failed login attempts
- Input Sanitization: Global middleware preventing XSS and injection attacks
- CSRF Protection: JWT-based CSRF protection for HTML clients
- Security Headers: Helmet middleware with comprehensive HTTP security headers
- CORS Configuration: Environment-specific CORS policies
- Rate Limiting: Global throttling to prevent abuse
- Password Reset: Secure token-based password reset flow
- Input Validation: class-validator with comprehensive DTO validation
- WebSocket Security: Authentication middleware for real-time connections
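
The `sendMessage` payload in the client snippet carries a client-chosen `senderId`, and `join` takes a client-chosen `userId`, so the WebSocket authentication listed above only helps if the gateway takes the sender from the verified token. The following is an added example, not code from this repository: it uses only Node's `crypto` module and assumes an HS256 token (as in the sample `accessToken` header) whose `sub` claim holds the user id; `signToken`, `verifyToken` and `handleSendMessage` are hypothetical names.

```typescript
import { createHmac, timingSafeEqual } from 'node:crypto';

// Assumptions (not from the repository): HS256 tokens, user id in the `sub` claim.
interface Claims { sub: number; exp: number }
interface ChatMessage { senderId: number; receiverId: number; content: string }

const enc = (obj: object): string => Buffer.from(JSON.stringify(obj)).toString('base64url');
const mac = (data: string, secret: string): Buffer =>
  createHmac('sha256', secret).update(data).digest();

// Issues tokens for constructed test input; a real server would use its JWT library.
function signToken(claims: Claims, secret: string): string {
  const data = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}`;
  return `${data}.${mac(data, secret).toString('base64url')}`;
}

function verifyToken(token: string, secret: string, nowSec: number): Claims | null {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const given = Buffer.from(sig, 'base64url');
  const expected = mac(`${head}.${body}`, secret);
  // Constant-time comparison; the length check keeps timingSafeEqual from throwing.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    const header = JSON.parse(Buffer.from(head, 'base64url').toString('utf8'));
    const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
    if (header.alg !== 'HS256') return null; // pin the algorithm on the server side
    if (!Number.isInteger(claims.sub) || typeof claims.exp !== 'number') return null;
    if (claims.exp <= nowSec) return null; // expired
    return { sub: claims.sub, exp: claims.exp };
  } catch {
    return null; // malformed base64url or JSON
  }
}

// What a `sendMessage` handler should do: authenticate first, then overwrite the
// client-supplied senderId with the identity bound to the token.
function handleSendMessage(
  token: string, msg: ChatMessage, secret: string, nowSec: number,
): ChatMessage | null {
  const claims = verifyToken(token, secret, nowSec);
  if (!claims) return null;
  if (!Number.isInteger(msg.receiverId) || typeof msg.content !== 'string' || !msg.content.trim()) {
    return null;
  }
  return { senderId: claims.sub, receiverId: msg.receiverId, content: msg.content };
}
```

The same rule applies to `join` and to `GET /chat/messages?userId=2`: the room joined and the conversation returned should be scoped to the token's user, with the query parameter naming only the other party.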
- Fork the repository
- Create a feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add some amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request
This project is licensed under the UNLICENSED License.
If you have any questions or need help, please open an issue in the repository.
- Add user profile pictures
- Implement group chat functionality
- Add message encryption
- Mobile app development
- File sharing capabilities
- Message reactions and replies
- Online/offline status indicators