A modern, secure, real-time voice and text chat application built with Socket.IO, Express, and WebRTC.
- Token-based authentication with JWT
- Message encryption using AES-256-CBC
- Rate limiting to prevent abuse
- Secure headers with Helmet.js
- Username uniqueness enforcement
- Real-time voice communication using WebRTC
- Echo cancellation and noise suppression
- Microphone toggle (mute/unmute)
- Speaker controls (mute/unmute speakers)
- Visual indicators for users in voice chat
- Automatic cleanup of voice connections
- Real-time messaging with Socket.IO
- Message encryption before storage
- Message history persistence in MongoDB
- System notifications for user events
- Responsive message UI with timestamps
- Live user list showing online users
- User presence tracking
- Room-based communication
- MongoDB storage for user data
- Automatic cleanup on disconnect
- Dark theme with beautiful gradients
- Responsive design for all devices
- Real-time animations and transitions
- Connection status indicators
- Toast notifications for user feedback
- Modern typography with Inter font
- Node.js (v16 or higher)
- MongoDB (local or cloud instance)
- Modern web browser with WebRTC support
-
Clone or download the repository
-
Install dependencies:
npm install
-
Start MongoDB (if using local instance):
mongod
-
Set environment variables (optional):
# Create .env file MONGODB_URI=mongodb://localhost:27017/voicechat JWT_SECRET=your-secret-key PORT=3000 -
Start the application:
npm start # or for development npm run dev -
Open your browser and navigate to:
http://localhost:3000
- Enter a username (3-20 characters, letters, numbers, underscores only)
- Enter a room name (3-30 characters, letters, numbers, hyphens, underscores)
- Click "Join Voice Chat" to enter the room
- Type messages in the input field at the bottom
- Press Enter to send messages
- Messages are encrypted before storage
- View message history and timestamps
- Enable microphone by clicking the "Enable Mic" button
- Grant microphone permission when prompted by browser
- Start talking - other users will hear you automatically
- Toggle microphone on/off as needed
- Control speakers (mute/unmute incoming audio)
- See all online users in the sidebar
- View users in voice chat with special indicators
- Real-time notifications for user events
- Connection status displayed in top-right corner
- Express.js - Web framework
- Socket.IO - Real-time communication
- MongoDB + Mongoose - Database and ODM
- JWT - Authentication tokens
- Crypto - Message encryption
- Helmet - Security headers
- CORS - Cross-origin resource sharing
- Vanilla JavaScript - No frameworks for simplicity
- WebRTC - Peer-to-peer voice communication
- Socket.IO Client - Real-time events
- CSS Grid & Flexbox - Responsive layouts
- Web Audio API - Audio processing
- Input validation and sanitization
- Rate limiting (100 requests per 15 minutes per IP)
- Message encryption with AES-256-CBC
- JWT token authentication
- XSS protection through HTML escaping
- CSRF protection with secure headers
# Database
MONGODB_URI=mongodb://localhost:27017/voicechat
# Security
JWT_SECRET=your-super-secret-jwt-key-here
# Server
PORT=3000
NODE_ENV=productionThe application uses Google's public STUN servers by default:
stun:stun.l.google.com:19302stun:stun1.l.google.com:19302
For production, consider using your own TURN servers for better connectivity.
- Chrome 80+
- Firefox 75+
- Safari 13+
- Edge 80+
- WebRTC support
- getUserMedia API
- Web Audio API
- WebSocket support
- localStorage support
# Start production server
npm start
# Start development server (with nodemon)
npm run dev
# Run tests
npm testβββ app.js # Main server file
βββ package.json # Dependencies and scripts
βββ views/ # EJS templates
β βββ index.ejs # Landing page
β βββ chat.ejs # Chat room
βββ public/ # Static assets
β βββ css/
β β βββ style.css # Modern CSS styling
β βββ js/
β βββ landing.js # Landing page logic
β βββ chat.js # Chat functionality
βββ README.md # This file
- Set strong JWT_SECRET environment variable
- Use HTTPS for secure communication
- Configure proper CORS settings
- Set up rate limiting (already implemented)
- Use environment variables for sensitive data
- Regular security updates for dependencies
- Messages encrypted before database storage
- No message logging to console in production
- Automatic token expiration (24 hours)
- Secure session management
Edit public/css/style.css to customize:
- Color scheme (CSS variables in
:root) - Typography (font families and sizes)
- Layout (grid and flexbox properties)
- Animations (keyframes and transitions)
The modular architecture allows easy addition of:
- File sharing
- Video chat
- Screen sharing
- Chat commands
- User roles and permissions
"Microphone permission denied"
- Check browser microphone permissions
- Ensure HTTPS in production
- Try refreshing the page
"Connection failed"
- Check MongoDB is running
- Verify network connectivity
- Check firewall settings
"Username already exists"
- Choose a different username
- Wait a few minutes and try again
- Clear browser localStorage
"Voice chat not working"
- Check microphone permissions
- Ensure WebRTC support in browser
- Test with different browsers
Enable verbose logging by adding to browser console:
localStorage.setItem('debug', 'socket.io-client:*');MIT License - feel free to use this project for personal or commercial purposes.
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
For issues or questions:
- Check the troubleshooting section
- Review browser console for errors
- Verify all dependencies are installed
- Test with different browsers/devices
Enjoy your modern voice chat experience! π