{"id":23228975,"url":"https://github.com/barcodehub/shipconnect","last_synced_at":"2026-02-14T07:31:57.558Z","repository":{"id":254217905,"uuid":"839429457","full_name":"Barcodehub/ShipConnect","owner":"Barcodehub","description":"A social network with secure authentication, content sharing, community management, real-time messaging, and privacy controls. Built with Node.js and MongoDB.","archived":false,"fork":false,"pushed_at":"2025-04-01T20:49:32.000Z","size":19644,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-29T18:40:39.347Z","etag":null,"topics":["cloudinary","comments","community-management","csrf-protection","email-sender","event-management","jwt-authentication","likes","post-management","real-time-chat","reels","request-handler","social-media","social-network","stories"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Barcodehub.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-08-07T15:34:53.000Z","updated_at":"2024-12-11T17:56:33.000Z","dependencies_parsed_at":"2024-08-22T04:46:08.955Z","dependency_job_id":"badfdf78-151f-42b0-bdbc-5ed1084c9730","html_url":"https://github.com/Barcodehub/ShipConnect","commit_stats":null,"previous_names":["barcodehub/shipconnect"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/Barcodehub/ShipConnect","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Barcodehub%2FShipConnect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Barcodehub%2FShipConnect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Barcodehub%2FShipConnect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Barcodehub%2FShipConnect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Barcodehub","download_url":"https://codeload.github.com/Barcodehub/ShipConnect/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Barcodehub%2FShipConnect/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29439501,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-14T07:24:13.446Z","status":"ssl_error","status_checked_at":"2026-02-14T07:23:58.969Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudinary","comments","community-management","csrf-protection","email-sender","event-management","jwt-authentication","likes","post-management","real-time-chat","reels","request-handler","social-media","social-network","stories"],"created_at":"2024-12-19T01:15:48.285Z","updated_at":"2026-02-14T07:31:57.543Z","avatar_url":"https://github.com/Barcodehub.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ShipConnect: Social Network Application\n\n## Table of Contents\n- [Project Overview](#project-overview)\n- [Technologies Used](#technologies-used)\n- [API Endpoints](#api-endpoints)\n  - [Authentication Routes](#authentication-routes)\n  - [Post Routes](#post-routes)\n  - [User Routes](#user-routes)\n  - [Comment Routes](#comment-routes)\n  - [Like Routes](#like-routes)\n  - [Friend Routes](#friend-routes)\n  - [Story Routes](#story-routes)\n  - [Reel Routes](#reel-routes)\n  - [Community Routes](#community-routes)\n  - [Event Routes](#event-routes)\n  - [Chat Routes](#chat-routes)\n  - [Admin Routes](#admin-routes)\n- [Security Measures](#security-measures)\n- [Environment Variables](#environment-variables)\n- [Installation and Setup](#installation-and-setup)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Project Overview\n\nShipConnect is a social networking platform developed using Node.js and MongoDB. It features user authentication with diverse roles, multimedia content sharing, community and event management, social interactions (comments, likes, friend requests), real-time instant messaging, and a personalized news feed. The application emphasizes security, implementing two-factor authentication, protection against common web vulnerabilities, and privacy controls for user content.\n\n## Technologies Used\n\n  - Express: A Node.js framework for building web applications.\n  - Mongoose: A library for modeling MongoDB objects in Node.js.\n  - bcrypt: For hashing passwords.\n  - jsonwebtoken: For JWT-based authentication.\n  - passport and passport-google-oauth20: For Google authentication.\n  - dotenv: For loading environment variables from a .env file.\n  - express-session and connect-mongo: For handling sessions and storing them in MongoDB.\n  - csurf: For CSRF protection.\n  - cookie-parser: For handling cookies.\n  - helmet: For enhancing HTTP header security.\n  - express-rate-limit: For limiting the number of requests to prevent brute force attacks.\n  - express-mongo-sanitize: For sanitizing MongoDB data and preventing injections.\n  - xss-clean: For preventing XSS attacks by cleaning user inputs.\n  - multer: For handling file uploads.\n  - nodemailer: For sending emails.\n  - qrcode: For generating QR codes.\n  - socket.io and socket.io-client: For real-time functionalities like chat.\n  - cloudinary: For handling multimedia file uploads and storage.\n  - speakeasy: For two-factor authentication (2FA).\n\n## API Endpoints\n\n### Authentication Routes\n\n  - GET /api/auth/csrf-token: Retrieve the CSRF token.  \n  - POST /api/auth/signup: Register a new user.  \n  - POST /api/auth/login: Login a user.  \n  - POST /api/auth/logout: Logout a user.  \n  - POST /api/auth/generateTwoFactor: Generate a two-factor authentication code. \n  - POST /api/auth/verifyTwoFactor: Verify a two-factor authentication code.  \n  - GET /api/auth/google: Initiate Google OAuth login.  \n  - GET /api/auth/google/callback: Handle Google OAuth callback.  \n  - POST /api/auth/forgotpassword: Initiate password reset.  \n  - PUT /api/auth/resetpassword/:resettoken -Reset a password.  \n  - GET /api/auth/me: Retrieve the authenticated user's details.  \n\n\n### Post Routes\n\n- POST /api/posts/: Create a new post.\n- GET /api/posts/: Retrieve all posts.\n- POST /api/posts/:postId/share  -Share a specific post.\n- GET /api/posts/news-feed: Retrieve a personalized news feed.\n- PATCH /api/posts/:postId/privacy: -Update the privacy settings of a post.\n- DELETE /api/posts/:postId -Delete a post.\n- PUT /api/posts/:postId  -Update a post.\n\n### User Routes\n\n- GET /api/users/profile: Retrieve user profile information.\n- POST /api/users/profile: Update user profile information.\n- GET /api/users/search: Search for users.\n- DELETE /api/users/account: Delete a user account.\n\n\n### Comment Routes\n\n- POST /api/comments/: Add a comment to a post.\n- POST /api/comments/reel: Add a comment to a reel.\n- GET /api/comments/:postId  -Retrieve all comments on a specific post.\n- PUT /api/comments/:commentId  -Update a specific comment.\n- DELETE /api/comments/:commentId  -Delete a specific comment.\n\n\n### Like Routes\n- POST /api/likes/post/:postId -Like a specific post.\n- POST /api/likes/reel/:reelId -Like a specific reel.\n- POST /api/likes/story/:storyId -Like a specific story.\n- POST /api/likes/comment/:commentId -Like a specific comment.\n- DELETE /api/likes/:type/:id Remove a like from a specific item\n\n### Friend Routes\n- POST /api/friends/request: Send a friend request.\n- POST /api/friends/respond: Respond to a friend request.\n- GET /api/friends/requests: Retrieve all friend requests.\n- DELETE /api/friends/:friendId -Remove a friend.\n\n### Story Routes\n\n- POST /api/stories/: Create a new story.\n- GET /api/stories/: Retrieve all stories.\n- PUT /api/stories/:storyId -Update a story.\n- DELETE /api/stories/:storyId -Delete a story.\n- PUT /api/stories/:storyId/privacy  -Update the privacy settings of a story.\n\n\n### Reel Routes\n\n- POST /api/reels/: Create a new reel.\n- GET /api/reels/: Retrieve all reels.\n- PUT /api/reels/:reelId -Update a reel.\n- DELETE /api/reels/:reelId -Delete a reel.\n- PUT /api/reels/:reelId/privacy -Update the privacy settings of a reel.\n\n### Community Routes\n\n- POST /api/communities/: Create a new community.\n- GET /api/communities/public: Retrieve all public communities.\n- POST /api/communities/join/:id  -Join a community.\n- POST /api/communities/approve/:id/:userId  -Approve a user to join a community.\n- POST /api/communities/:id/moderators  -Add a moderator to a community.\n- PUT /api/communities/:id -Update community details.\n- DELETE /api/communities/:id -Delete a community.\n\n### Event Routes\n\n- POST /api/events/:communityId -Create a new event within a community.\n- GET /api/events/:communityId -Retrieve all events within a community.\n- PUT /api/events/:id -Update an event.\n- DELETE /api/events/:id -Delete an event.\n- GET /api/events/feed/:communityId  -Retrieve a community's event feed.\n\n### Chat Routes\n\n- GET /api/chat/messages: Retrieve all messages with a friend.\n- POST /api/chat/messages/:friendId Send a message to a friend.\n\n### Admin Routes\n\n- PUT /api/admin/roles: Update user roles.\n\n  To test the API endpoints, you can use Postman or any other API testing tool. Make sure to include the JWT token-login in the header for protected routes, and csrf-token.\n\n  Example:\n\n  Authorization: `\u003cyour_login_token\u003e`\n  X-CSRF-Token: `\u003cyour_csrf_token\u003e`\n\n### Security Measures\n\n  ShipConnect incorporates several security measures to protect user data and ensure safe interactions:\n\n  - Two-Factor Authentication (2FA): Users can enable 2FA for an added layer of security.\n  - CSRF Protection: The application uses CSRF tokens to protect against cross-site request forgery.\n  - XSS Protection: User inputs are sanitized to prevent cross-site scripting (XSS) attacks.\n  - Password Hashing: User passwords are securely hashed using bcrypt before being stored.\n  - Rate Limiting: The application limits the number of requests to protect against brute force attacks.\n  - Data Sanitization: MongoDB data is sanitized to prevent injection attacks.\n\n### Environment Variables\n\n    The following environment variables are required to run ShipConnect:\n    \n    NODE_ENV: Application environment (development, production).\n    PORT: Port number the application will run on.\n    MONGO_URI: MongoDB connection string.\n    JWT_SECRET: Secret key for JWT.\n    GOOGLE_CLIENT_ID: Google OAuth client ID.\n    GOOGLE_CLIENT_SECRET: Google OAuth client secret.\n    EMAIL_SERVICE: Email service provider.\n    EMAIL_USERNAME: Email service username.\n    EMAIL_PASSWORD: Email service password.\n    CLOUDINARY_CLOUD_NAME: Cloudinary cloud name.\n    CLOUDINARY_API_KEY: Cloudinary API key.\n    CLOUDINARY_API_SECRET: Cloudinary API secret.\n    QR_CODE_SECRET: Secret key for generating QR codes.\n    RATE_LIMIT_MAX: Maximum number of requests allowed within the defined time window\n    RATE_LIMIT_WINDOW_MS: Time window in milliseconds for rate limiting (3600000 ms = 1 hour)\n    BODY_LIMIT: Size limit for JSON and URL-encoded request bodies\n    SESSION_MAX_AGE: Maximum session lifetime in milliseconds (604800000 ms = 7 days)\n\n## Installation and Setup\n\n1. Clone the repository:\n\n   git clone https://github.com/Barcodehub/ShipConnect.git\n\n3. Install dependencies:\n\n   `npm install`\n\n4. Create a .env file in the root directory.\n\n    Add the environment variables as listed above.\n\n5. Start the server:\n\n    `npm start`\n\n\n## Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n## License\n\nThis project is licensed under the MIT License with an Attribution Clause. See the [LICENSE](./LICENSE.txt) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarcodehub%2Fshipconnect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbarcodehub%2Fshipconnect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarcodehub%2Fshipconnect/lists"}