Full-stack collaborative project workspace with real-time messaging, project/user management, and integrated AI assistance (Groq) for generating development help and code snippets. Built with a MERN-style backend (Express + MongoDB) and a modern React (Vite) frontend. Socket.IO powers real-time project rooms; Google Generative AI (Groq) provides contextual responses when users mention @ai inside a project chat.
- User registration, login, logout with JWT + httpOnly cookie storage
- Password strength validation & secure hashing (bcrypt)
- Project creation, listing, sharing (add users by ID/email)
- Real-time project room messaging via Socket.IO
- Inline AI assistance: prepend messages with
@aito get generated responses - AI endpoint for programmatic prompt/result retrieval
- Modular service/controller architecture and request validation (express-validator)
- Centralized DB connection handling
Backend: Node.js, Express, MongoDB (Mongoose), Socket.IO, JWT, bcrypt, dotenv, express-validator, morgan, cors
Frontend: React (Vite), React Router, Axios, Socket.IO Client, Tailwind (via Vite plugin), Monaco Editor, Markdown rendering, WebContainers API
AI: Groq AI (Groq) via @groq-sdk
- REST API under
/api/*for user, project, and AI operations - Socket.IO server attached to HTTP server for real-time events
- Authorization for Socket.IO connections via JWT (token passed in
authpayload) - AI messages triggered in the room when a chat message contains
@ai
backend/
app.js # Express app setup & route mounting
server.js # HTTP + Socket.IO server bootstrap
db/db.js # Mongo connection helper
controllers/ # Request handlers
services/ # Business & integration logic (AI, project)
models/ # Mongoose schemas
routes/ # Route definitions (user, project, ai)
middlewares/ # Auth & validation middleware
frontend/
src/
App.jsx
main.jsx
config/ # axios, socket, webContainers config
context/ # React context (user)
screens/ # Pages (Home, Login, Register, Project)
components/ # Shared UI (Navbar)
auth/ # Auth-related UI components
# From repo root
cd backend
npm installCreate a .env file in backend/:
PORT=5000
MONGO_URI=mongodb://localhost:27017/coro
JWT_SECRET=replace_with_strong_secret
GROQ_API_KEY=your_google_groq_api_key
NODE_ENV=development
Run the server (nodemon start script):
npm startThe backend will listen on http://localhost:5000.
cd frontend
npm installCreate .env (Vite uses VITE_ prefix):
VITE_API_URL=http://localhost:5000/api
Start dev server:
npm run devFrontend typically runs on http://localhost:5173 (Vite default).
| Variable | Location | Description |
|---|---|---|
| PORT | backend | Port for Express/Socket.IO server |
| MONGO_URI | backend | MongoDB connection string |
| JWT_SECRET | backend | Secret for signing JWT tokens |
| GROQ_API_KEY | backend | API key for Google Groq model |
| NODE_ENV | backend | Environment mode (affects cookie security) |
| VITE_API_URL | frontend | Base URL for Axios & Socket (adjusted for Socket.IO) |
Backend:
npm start– runsnodemon server.js
Frontend:
npm run dev– Vite dev servernpm run build– production buildnpm run preview– preview built assetsnpm run lint– run ESLint
Base URL: http://localhost:5000/api
| Method | Path | Auth | Description |
|---|---|---|---|
| POST | /register |
No | Register new user (name, email, password) |
| POST | /login |
No | Login (email, password) returns JWT + cookie |
| GET | /logout |
Yes (cookie) | Clear auth cookie |
| GET | / |
Yes | Get logged-in user info |
| GET | /all |
Yes | List other users (excluding logged-in user) |
| Method | Path | Auth | Description |
|---|---|---|---|
| POST | /create |
Yes | Create project (name) |
| GET | /all |
Yes | Get all projects for logged-in user |
| PUT | /add-user |
Yes | Add users to a project (projectId, users array) |
| GET | /get-project/:projectId |
Yes | Get single project by ID |
| Method | Path | Auth | Description |
|---|---|---|---|
| GET | /get-result?prompt=... |
Optional* | Generate AI response (returns text). *Currently no explicit auth middleware; secure behind auth if needed. |
- Socket.IO endpoint shares same origin/port as backend.
- Client initializes socket in
frontend/src/config/socket.jsusingVITE_API_URL(the code strips trailing/api). - Connection Auth: JWT token passed in
auth.token. - Query Param:
projectIdrequired and validated server-side. - Emit event:
project-messagewith{ message, sender }object. - To trigger AI assistant: Include
@aianywhere in the message; server replaces with generated result and broadcasts from pseudo-userAI Assistant.
- Register/Login returns a JWT and sets
tokenhttpOnly cookie. - Frontend also stores JWT in
localStoragefor Socket.IO & AxiosAuthorization: Bearer <token>header. - Protected routes use
isAuthmiddleware to validate token and attach user.
express-validatorenforces shape for project creation & modification.- Centralized try/catch blocks in controllers return structured error messages.
- AI service gracefully degrades with overloaded message fallback.
- Keep
VITE_API_URLaligned with backend/apiprefix. - When modifying socket auth, ensure token & projectId logic stays in sync.
- Add rate limiting or caching (Redis dependency already included) for scaling.
- Wrap AI responses with additional metadata if future clients need structured JSON.
Ideas:
- Add role-based project permissions (owner/admin/member)
- Persist chat history in Mongo (currently transient unless stored in project model)
- Integrate Redis for session / pub-sub scaling
- Add unit tests (Jest for backend, React Testing Library for frontend)
- Implement refresh tokens & token rotation
- Use HTTPS + secure cookies in production (
NODE_ENV=productionsetssecurecookie flag) - Sanitize user inputs & consider content filtering for AI prompts
- Store secrets outside source control (never commit
.env)
- Fork & clone
- Create feature branch:
git checkout -b feature/awesome - Commit changes:
git commit -m "feat: add awesome" - Push & open PR
Backend specifies ISC license. Consider adding explicit LICENSE file if needed.
# From project root
# Backend
cd backend; npm install; echo "PORT=5000`nMONGO_URI=mongodb://localhost:27017/coro`nJWT_SECRET=dev_secret`nGROUQ_API_KEY=your_key`nNODE_ENV=development" > .env; npm start
# In a new terminal (frontend)
cd ../frontend; npm install; echo "VITE_API_URL=http://localhost:5000/api" > .env; npm run devFeel free to open issues for bugs or enhancement requests.