Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mrquackduck/colirbackend

Fancy messaging platform with client end-to-end encryption and ability to speak in voice channels
https://github.com/mrquackduck/colirbackend

aspnet csharp dotnet signalr

Last synced: 13 days ago
JSON representation

Fancy messaging platform with client end-to-end encryption and ability to speak in voice channels

Awesome Lists containing this project

README 

        


Colir (BackEnd)






  

  

  

  

  

    




Colir — fast & secure messaging platform with end-to-end encryption. 



Web Client can be found here.



## 🌈 The idea

The main goal of **Colir** is to provide an ability to **communicate securely**. 



To implement that, **end-to-end encryption** was chosen. Before using the application, **users should discuss a secret key** that will be **used to encrypt & decrypt** the data.


> [!NOTE]

> The **encryption keys** for rooms are stored **on the client only**. They're **not being sent to the server**.



This **API's role** is **to transfer** and **store** the encrypted data.



## 🌠 Features

Besides that, **Colir** **has** a couple of **features**, which can interest you in:

- **Rooms** are places where the encrypted communication happens. When a user **creates** a room, he/she chooses an **encryption key** (which will be stored at the client) and receives a **room GUID**. **They can share that GUID** with someone else so they **can join** that room. **Anyone** who has **the GUID** of a certain room **can join** it, but it will be **impossible to decrypt** the data **if** the **wrong encryption** key was provided.

- **Expiry date** can be provided for **rooms**. **When** the **expiry date comes**, all **data won't be accessible** and **will be deleted** forever.

- There's only **one voice channel** per room.

- **Passwordless authentication**. There are **three ways to authenticate**: **anonymous** (gives you a one-time JWT), **GitHub** account, and **Google** account.

- Each user has a unique **"Colir ID"**, which is a **6 symbol-length hexadecimal number** to identify a user.

> [!CAUTION]

> If you authenticate as **anonymous**, you **won't be able to login** into that account again.


> **Therefore**, use **3rd party providers** such as **GitHub** and **Google** to be able to login as much as you want.



## 🐳 Deployment

1. Install Docker

2. Clone this repo 


   **>** `git clone https://github.com/MrQuackDuck/ColirBackend.git`

3. Jump into the folder 


   **>** `cd .\ColirBackend\`

4. Run the container 


   **>** `docker compose up`



> [!IMPORTANT]

> When you've cloned the repository, make sure to configure these variables in `appsettings.json`:


> - `Authentication:JwtKey` - a **secret key** used to sign **JWT tokens**

> - `Authentication:RefreshTokenKey` - a **secret key** used to sign **refresh tokens**

> - `OAuth2:GitHubClientId` - **GitHub Client Id** (see Authorizing OAuth apps)

> - `OAuth2:GitHubSecret` - **GitHub Client Secret** (see Authorizing OAuth apps)

> - `OAuth2:GoogleClientId` - **Google Client Id** (see Using OAuth 2.0 to Access Google APIs)

> - `OAuth2:GoogleClientSecret` - **Google Client Secret** (see Using OAuth 2.0 to Access Google APIs)

> - `OAuth2:GoogleRedirectLink` - **Google Redirect Link** (the callback-link after **Google OAuth2** consent you've configured in Google Cloud Console)

> - `DatabaseEncryption:EncryptionPassword` - The **16-char password** that will be used to encrypt some data on writing/reading into/from the database.

> - `DatabaseEncryption:InitializationVector` - The **16-char initialization vector** that will be used to encrypt some data on writing/reading into/from the database.



## 🖥 Development server



1. Install .NET 8

2. Clone this repo

3. Run `dotnet run --project Colir.WebApi` command