laurent/PrivateChat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
5 Commits 1 Branch 5 Tags
506a82440117f574ea6a1a3bb8bf10a3c918867f
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Laurent Dubertrand 506a824401 minor fixes and improvments
2026-03-10 03:27:11 +01:00
apple-client
Initial commit
2026-03-09 19:35:08 +01:00
client
minor fixes and improvments
2026-03-10 03:27:11 +01:00
server
Many new functionalities
2026-03-10 02:49:27 +01:00
.gitignore
Many new functionalities
2026-03-10 02:49:27 +01:00
package-lock.json
Initial commit
2026-03-09 19:35:08 +01:00
package.json
Initial commit
2026-03-09 19:35:08 +01:00
README.md
Many new functionalities
2026-03-10 02:49:27 +01:00

README.md

PrivateChat

PrivateChat is a two-part application:

  • An Angular 21 + Bootstrap frontend for authentication, peer discovery, and direct chat.
  • A Fastify + WebSocket backend for JWT-based authentication, Redis-backed sessions, and initial WebRTC signaling.

Once two clients discover each other through the backend, text, JSON payloads, and file transfers move over a direct WebRTC data channel. Signaling is only allowed for clients with an active authenticated backend session.

Features

  • Register and log in with JWTs that are bound to active Redis sessions.
  • Sign in with either a password or a registered WebAuthn access key.
  • Persist users in a local SQLite database with encrypted credential storage.
  • Persist the JWT signing secret in the SQLite database, encrypted at rest.
  • Allow authenticated users to register multiple WebAuthn access keys.
  • Discover online peers through a signaling WebSocket.
  • Establish direct WebRTC peer connections.
  • Exchange plain text messages, structured JSON payloads, and files.
  • Keep signaling on the backend and user content on the peer-to-peer data channel.

Run locally

Requirements:

  • Node.js 20+ recommended.
  • npm 10+.
  • A local Redis instance reachable at redis://127.0.0.1:6379/0 by default.

Install the root runner dependency:

npm install

Start both apps:

npm run dev

Configuration defaults now live in the repo root .env. The backend loads that file with dotenv at startup, and the frontend generates client/public/env.js from the same file before ng serve and ng build.

To serve the prebuilt Angular app from Fastify and run only one server:

npm run build
npm run start --prefix server

The backend serves client/dist/client/browser on the same origin as the API and WebSocket endpoints.

Default endpoints:

  • Frontend: http://localhost:4200
  • Backend: http://localhost:3000

The backend automatically creates:

  • server/data/privatechat.sqlite for users and encrypted secret material.
  • server/data/master.key if PRIVATECHAT_MASTER_KEY is not supplied.

The frontend lets you override the backend URL from the login screen if you need a different host or port.

Apple client

The repo also includes a multiplatform SwiftUI client in apple-client/ for macOS and iOS/iPadOS.

  • The native Settings UI manages backend URL, password auth, passkey auth, and access-key registration.
  • The main chat surface embeds the Angular client bundle in a WKWebView, so the WebRTC chat workspace stays aligned with the web app.
  • Generate the Xcode project with xcodegen generate --spec apple-client/project.yml --project-root apple-client.
  • A build of the Apple app automatically rebuilds the Angular client into apple-client/WebApp/ before bundling it.

Backend environment

The backend accepts these environment variables:

  • PORT: HTTP and WebSocket port. Default 3000.
  • REDIS_URL: Local Redis connection string. Default redis://127.0.0.1:6379/0.
  • SESSION_TTL_SECONDS: Redis session TTL. Default 43200.
  • SQLITE_PATH: Optional SQLite database path.
  • PRIVATECHAT_DATA_DIR: Base directory for generated local storage.
  • PRIVATECHAT_MASTER_KEY: Optional master key for encrypting SQLite secret material and user credentials.
  • PRIVATECHAT_MASTER_KEY_PATH: Optional file path for the generated master key.
  • PRIVATECHAT_WEB_DIST_DIR: Directory containing the prebuilt Angular browser bundle. Default client/dist/client/browser.
  • CORS_ORIGIN: Optional comma-separated browser-origin allowlist. If omitted, the server accepts request origins. The special null origin from embedded file:// webviews is accepted.
  • WEBAUTHN_ORIGIN: Browser origin allowed to register access keys. Default http://localhost:4200.
  • WEBAUTHN_RP_ID: WebAuthn RP ID. Default hostname of WEBAUTHN_ORIGIN.
  • WEBAUTHN_RP_NAME: Friendly RP name for browser access-key prompts. Default PrivateChat.
  • WEBAUTHN_USER_VERIFICATION: WebAuthn user-verification policy for access-key registration. Supported values: discouraged, preferred, required. Default preferred.
  • WEBAUTHN_CHALLENGE_TTL_SECONDS: Pending access-key registration challenge TTL in Redis. Default 300.

Frontend environment

  • PRIVATECHAT_CLIENT_SERVER_URL: Default backend URL preloaded into the Angular app before local storage overrides apply.

Production note

This project uses the Fastify server only for auth and signaling. The chat payload itself stays peer-to-peer over WebRTC. For production deployment, replace the local master key strategy with your preferred secret-management system, keep Redis durable enough for your session policy, and configure TURN infrastructure if peers cannot connect with STUN alone.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 2.2 MiB
Releases 5
Version 3.6 Latest
2026-03-11 18:13:32 +01:00
Languages
TypeScript 66.7%
HTML 13.8%
SCSS 11.4%
Swift 7.2%
JavaScript 0.9%