Recollab v3 represents a significant leap forward in collaborative document editing, building upon the solid foundation of v2 with cutting-edge AI capabilities, enhanced real-time collaboration, advanced performance optimizations, and enterprise-grade security features. This version combines a Lexical-based editor, Liveblocks real-time presence/storage, and a custom MongoDB-backed authentication system to provide teams with an intelligent, responsive, and secure workspace for ideation and documentation.
- Highlights
- Screens & UX Summary
- Architecture Overview
- Directory Structure
- Tech Stack
- Core Features
- Advanced Feature Backlog
- Getting Started
- Environment Variables
- Custom Authentication Notes
- Liveblocks Integration
- Data Models
- Available Scripts
- Testing & Quality
- Troubleshooting
- Contributing
- License
- Credits
- π€ Advanced AI Integration: Real-time auto-completion, smart formatting suggestions, contextual content assistance, and intelligent title generation powered by OpenAI GPT-3.5 Turbo with confidence scoring.
- οΏ½ Performance Optimizations: Virtual scrolling for large documents, debounced AI requests, memoized components, and comprehensive performance monitoring with metrics collection.
- οΏ½ Enterprise Security: Enhanced session management, CSRF protection, rate limiting, input sanitization, password strength validation, and comprehensive audit logging.
- οΏ½ Enhanced Collaboration: Live presence indicators with user avatars, real-time cursor tracking, advanced user search, and improved mention suggestions.
- π¨ Modern UI/UX: Framer Motion animations, toast notifications, advanced search with filters, responsive design, and accessibility improvements.
- π§ͺ Comprehensive Testing: Jest testing suite with 70% coverage threshold, component testing, and mock implementations for all external services.
- οΏ½ Version History: Complete document version tracking with visual diff viewer, restore functionality, and change analytics (enhanced from v2).
- π Document Templates: Professional templates with variable substitution and smart defaults (enhanced from v2).
| Screen | Description |
|---|---|
| Home | Welcome dashboard with user details, quick document actions, template selection, and activity feed. |
| Document Workspace | Primary collaborative editor with advanced AI assistant, version history, live presence indicators, and enhanced share controls. |
| AI Smart Assistant | Floating panel providing real-time auto-completion, content suggestions, smart formatting, and title generation with confidence scoring. |
| Advanced Search | Powerful document discovery with search, filters, tags, date ranges, and sorting options. |
| Version History | Interactive timeline showing document versions with visual diff viewer and restore functionality. |
| Template Selector | Modal for browsing and selecting from various document templates with variable customization. |
| Authentication | Enhanced sign-in and sign-up pages with improved validation, security features, and progressive form feedback. |
| Layer | Description |
|---|---|
| Next.js App Router | Server components for layouts, routing, and server actions for auth flows. |
| Custom Auth | lib/auth.ts manages hashing, session creation/deletion, and cookie orchestration. |
| MongoDB Models | User, Session, and DocumentVersion schemas provide persistence via a pooled connection helper. |
| AI Service | lib/ai-service.ts handles OpenAI integration for document enhancement features. |
| Version History | lib/version-history.ts manages document snapshots with diff and restore capabilities. |
| Template System | lib/templates.ts provides structured document templates with variable substitution. |
| Liveblocks Provider | /app/Provider.tsx configures auth endpoint, resolveUsers, and mention suggestions. |
| UI Components | ShadCN-based inputs, buttons, modals, and custom UI under components/. |
| Editor | Lexical editor setup with Liveblocks bindings for shared document state. |
recollab/
ββ app/
β ββ (auth)/ # Sign-in & sign-up routes with custom forms
β ββ (root)/ # Home & document routes requiring authentication
β ββ api/
β β ββ liveblocks-auth/ # Liveblocks auth endpoint wired to custom auth
β β ββ versions/ # Version history API endpoints
β ββ layout.tsx # Root layout fetching the current user server-side
β ββ Provider.tsx # Client wrapper configuring LiveblocksProvider
ββ components/
β ββ ai/ # AI-powered features (AIAssistant)
β ββ auth/ # AuthProvider, LoginForm, RegisterForm, LogoutButton, UserMenu
β ββ editor/ # Lexical editor setup and nodes
β ββ templates/ # Document template selection and variable forms
β ββ version/ # Version history UI components
β ββ ui/ # Reusable UI components (Card, Badge, etc.)
β ββ ... # Shared UI (Header, ShareModal, ActiveCollaborators, etc.)
ββ lib/
β ββ actions/ # Server actions (auth, user lookups, rooms)
β ββ models/ # Mongoose schemas (User, Session, DocumentVersion)
β ββ ai-service.ts # OpenAI integration for AI features
β ββ auth.ts # Custom auth utilities
β ββ db.ts # MongoDB connection helper
β ββ templates.ts # Document templates and processing
β ββ utils.ts # Helpers including user color computation
β ββ version-history.ts # Version tracking and diff functionality
ββ public/ # Static assets (icons, logos)
ββ types/ # Shared TypeScript definitions (AuthUser)
ββ middleware.ts # Pass-through middleware placeholder
ββ package.json # Scripts & dependencies (includes OpenAI, date-fns)
ββ tsconfig.json # Path and type configuration
- Framework: Next.js 14 (App Router, Server Components, Route Handlers)
- Language: TypeScript
- Database: MongoDB via Mongoose
- Realtime: Liveblocks (client, node, react, react-lexical bindings)
- Editor: Lexical
- AI: OpenAI GPT-3.5 Turbo for intelligent features
- UI: Tailwind CSS, ShadCN components, Lucide icons
- Auth: Custom email/password with bcryptjs and session cookies
- Date Handling: date-fns for timestamp formatting
- Tooling: ESLint (Next config), TypeScript 5, PostCSS/Tailwind build pipeline
- Real-time Auto-completion: Context-aware text suggestions as you type with keyboard navigation.
- Smart Formatting Assistant: AI-powered document structure improvements with confidence scoring.
- Enhanced Content Suggestions: More intelligent and contextually relevant writing suggestions.
- Interactive AI Panel: Tabbed interface for different AI features with minimize/maximize functionality.
- Confidence Scoring: Visual indicators for AI suggestion confidence levels.
- Virtual Scrolling: Efficient rendering of large documents and lists.
- Debounced AI Requests: Optimized API calls to reduce costs and improve responsiveness.
- Component Memoization: Intelligent re-rendering optimization for better performance.
- Performance Monitoring: Built-in metrics collection and performance tracking.
- Lazy Loading: On-demand loading of components and data.
- Advanced Session Management: Secure token handling with absolute and inactivity timeouts.
- CSRF Protection: Cross-site request forgery prevention with token validation.
- Rate Limiting: Configurable API rate limiting with custom implementation.
- Input Sanitization: Comprehensive input validation and XSS prevention.
- Password Strength Validation: Advanced password requirements with visual feedback.
- Security Audit Logging: Comprehensive security event tracking and monitoring.
- Content Security Policy: Enhanced CSP headers for improved browser security.
- Live Presence Indicators: Real-time user avatars with activity status and editing indicators.
- Advanced User Search: Improved user discovery with search, filtering, and pagination.
- Enhanced Mentions: Better mention suggestions with user avatars and status.
- Real-time Activity Feed: Live updates of user actions and document changes.
- Framer Motion Animations: Smooth, performant animations throughout the application.
- Toast Notifications: Non-intrusive notification system with multiple types and actions.
- Advanced Search Interface: Powerful document discovery with multiple filter options.
- Responsive Design: Optimized for desktop, tablet, and mobile experiences.
- Accessibility Improvements: Better keyboard navigation and screen reader support.
- Comprehensive Test Suite: Jest-based testing with 70% coverage threshold.
- Component Testing: Isolated component testing with mocked dependencies.
- Performance Testing: Built-in performance monitoring and metrics collection.
- Security Testing: Input validation and security feature testing.
- π€ Advanced AI Assistant β Real-time auto-completion, smart formatting, contextual suggestions, and confidence scoring.
- π Performance Suite β Virtual scrolling, debounced requests, memoized components, and performance monitoring.
- π Security Framework β Enhanced session management, CSRF protection, rate limiting, and audit logging.
- π₯ Enhanced Collaboration β Live presence indicators, advanced user search, and real-time activity feeds.
- π¨ Modern UI/UX β Framer Motion animations, toast notifications, and advanced search interface.
- π§ͺ Testing Infrastructure β Comprehensive Jest suite with 70% coverage and component testing.
- π Version History β Complete document version tracking with diff viewer, restore functionality, and change analytics.
- π Document Templates β Professional templates for meeting notes, project specs, SWOT analysis, research papers, and blog posts with variable substitution.
- π Secure Custom Authentication β register, login, logout with hashed passwords and HTTP-only cookies.
- Session Management β MongoDB-backed sessions with automatic expiry and cookie cleanup.
- Collaborative Editing β Lexical editor combined with Liveblocks room storage for co-authoring.
- Presence & Cursors β See who is active, view color-coded cursors, and mention teammates.
- Document Sharing Controls β Invite collaborators, manage edit/view access, and list room members.
- Live Document List β Explore, open, and manage documents tied to the authenticated user.
- Responsive UI β Tailwind-based layout optimized for both desktop and mobile editing experiences.
- Server Actions β Form submissions backed by server actions for auth and room operations.
These are aspirational items the team may tackle next. Prioritize per roadmap needs.
- Real-time cursor selections and text highlighting
- Document analytics and usage insights dashboard
- Rich media support: image uploads, embeds, and file attachments
- Comprehensive search functionality across documents and content
- Dark mode and theme customization
- Export functionality (PDF, Markdown, Word)
- Workflow webhooks for Zapier/Make integrations
- Infrastructure-as-Code support (Terraform modules) for one-click deployments
- Advanced permission system with role-based access control
- Expiring and password-protected share links
- Playwright end-to-end regression suite
- Storybook catalog for UI documentation and visual regression
- Mobile app development (React Native)
- Advanced AI features (document translation, sentiment analysis)
- Integration with popular third-party services (Google Docs, Notion, etc.)
-
Clone the repository
git clone https://github.com/devmonixtechnologies/recollab.git cd recollab -
Install dependencies
pnpm install
-
Configure environment β create
.env(see Environment Variables). -
Start the development server
npm run dev
-
Open http://localhost:3000 and sign up for a new account.
Create .env in the project root:
# Database
MONGODB_URI=mongodb://127.0.0.1:27017/recollab
MONGODB_DB=recollab
# Liveblocks
NEXT_PUBLIC_LIVEBLOCKS_PUBLIC_KEY=
LIVEBLOCKS_SECRET_KEY=
# OpenAI (for AI features)
OPENAI_API_KEY=Note: The Mongo URI should include your database name as shown. For Atlas clusters, use the
mongodb+srv://variant and ensure IP allowlists/credentials are configured. OpenAI API key is required for AI-powered features.
- Password Hashing: Implemented with
bcryptjsat a cost factor of 12. - Session Tokens: Random 32-byte tokens hashed via SHA-256 and stored in MongoDB.
- HTTP-Only Cookies:
recollab_sessioncookie is set server-side with a 7-day expiry. - Server Actions:
registerAction,loginAction,logoutActionencapsulate all auth flows. - Guards:
requireUserredirects unauthenticated users to/sign-in. - User Shape: Shared
AuthUsertype keeps frontend context and server utilities in sync.
- Auth Endpoint:
/app/api/liveblocks-auth/route.tscallsgetCurrentUser()and identifies users with Liveblocks using email as the room identifier. - Provider Setup:
/app/Provider.tsxwraps client routes, providingresolveUsersandresolveMentionSuggestionscallbacks that query MongoDB. - Client Features: Presence avatars, mention suggestions, and shared storage map seamlessly onto Liveblocks APIs.
{
email: string;
password: string; // bcrypt hash
name?: string;
avatarUrl?: string;
color?: string; // generated via getUserColor
createdAt: Date;
updatedAt: Date;
}{
tokenHash: string; // sha256 hashed session token
user: ObjectId<User>;
expiresAt: Date;
createdAt: Date;
updatedAt: Date;
}Managed by Liveblocks storage; metadata (title, creator, access map) is stored in the Liveblocks dashboard or associated backend actions.
{
roomId: string;
title: string;
content: string;
version: number;
author: string;
authorName?: string;
authorAvatar?: string;
changeDescription?: string;
createdAt: Date;
contentHash: string; // For detecting actual content changes
}| Script | Description |
|---|---|
npm run dev |
Start Next.js in development mode with hot reloading. |
npm run build |
Create an optimized production build. |
npm run start |
Run the production build locally. |
npm run lint |
Execute ESLint using Next.js config. |
npm run test |
Run Jest test suite. |
npm run test:watch |
Run Jest tests in watch mode. |
npm run test:coverage |
Run Jest tests with coverage report. |
- Unit/Integration Testing: Jest-based testing suite with 70% coverage threshold.
- Component Testing: Isolated component testing with mocked dependencies using React Testing Library.
- Performance Testing: Built-in performance monitoring and metrics collection.
- Security Testing: Input validation, CSRF protection, and security feature testing.
- E2E Testing: (Planned) Use Playwright for multi-user collaboration scenarios.
- Type Safety: TypeScript enforces contracts across server actions, components, and models.
- Linting: Run
npm run lintto catch common pitfalls and maintain standards. - Coverage Reports: Run
npm run test:coverageto generate detailed coverage reports.
| Symptom | Likely Cause | Fix |
|---|---|---|
Missing MONGODB_URI environment variable |
.env not configured or server not restarted |
Add variable and restart npm run dev. |
MongoParseError: Invalid scheme |
URI missing mongodb:// or mongodb+srv:// |
Correct connection string. |
TypeError [ERR_INVALID_ARG_TYPE] during auth |
Session token retrieval returning a Promise | Ensure getSessionTokenFromCookie is awaited everywhere (already addressed). |
| Liveblocks auth 401/403 | Incorrect Liveblocks keys or user lookup returns null | Double-check .env keys and user data. |
| Cookies missing in production | Missing secure flag |
Ensure NODE_ENV=production and HTTPS is used. |
- Fork the repository and create a feature branch.
- Follow the coding standards (TypeScript, ESLint, Tailwind conventions).
- Add or update tests when introducing new features.
- Submit a pull request describing the change, testing performed, and screenshots if applicable.
- Expand the advanced feature backlog (RBAC, version history, notifications).
- Add integration tests for auth and room access controls.
- Improve accessibility (ARIA attributes, keyboard navigation, focus states).
- Translate UI strings for internationalization readiness.
This project is for free to use and modify. You can use it for personal and commercial use.