Skip to content

sh3ll-trm/Genvil

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
public
public
 
 
scripts
scripts
 
 
README.md
README.md
 
 
package.json
package.json
 
 
server.js
server.js
 
 

Repository files navigation

Genvil

A dependency-free fullstack messenger built with Node.js, WebSockets, and a custom vanilla frontend.

Genvil is a portfolio project for novic.space and lxzd.site. It demonstrates a complete realtime chat product without external runtime dependencies: authentication, friend requests, direct chats, groups, channels, media attachments, profile settings, realtime presence, and a responsive interface.

Highlights

  • Realtime messaging over native WebSockets
  • Register and login with salted PBKDF2 password hashes
  • Friend requests, blocking, friends-only direct chats, groups, and channels
  • Typing indicators, presence, read receipts, reactions, replies, edits, deletes, forwards, pins, drafts, and scheduled messages
  • Polls and quizzes inside conversations
  • Profile settings with avatar/photo support, theme, accent color, privacy, and composer preferences
  • Local attachments with client and server-side validation
  • JSON persistence in data/db.json
  • Responsive custom UI for desktop and mobile
  • No Express, React, database server, or build step required

Portfolio Links

Tech Stack

  • Runtime: Node.js
  • Backend: native http, fs, crypto, and WebSocket frame handling
  • Frontend: HTML, CSS, and vanilla JavaScript
  • Storage: local JSON file database
  • Tests/checks: Node syntax checks, UI handler audit, API smoke test, WebSocket smoke test

Getting Started

Requirements:

  • Node.js 18 or newer
  • npm

Run the app:

npm start

Open:

http://127.0.0.1:4173

Create two accounts in separate browser windows, add one user as a friend by handle, accept the request, and start a realtime chat.

Scripts

npm run check

Runs syntax checks for the server, frontend, and scripts, then audits static UI buttons for missing handlers.

npm run smoke:api

Runs an end-to-end API smoke test covering auth, settings, profile photos, friends, conversations, invites, messages, reactions, polls, forwarding, pins, preferences, drafts, and deletion.

npm run smoke:ws

Runs a WebSocket smoke test for realtime message creation and protocol hardening.

Project Structure

.
|-- data/
|   `-- db.json
|-- public/
|   |-- app.js
|   |-- index.html
|   `-- styles.css
|-- scripts/
|   |-- audit-ui.js
|   |-- smoke-api.js
|   `-- smoke-ws.js
|-- package.json
`-- server.js

Security Notes

Genvil includes several defensive checks suitable for a portfolio-grade local/fullstack demo:

  • Passwords are stored as salted PBKDF2 hashes.
  • Direct chats require an accepted friendship.
  • Profile photos and attachments are validated by MIME type and data URL format.
  • Stored colors and user-controlled text are sanitized before rendering.
  • Static responses include browser security headers and a Content Security Policy.
  • WebSocket clients must authenticate and send masked frames within size limits.

This project uses JSON file persistence, so there is no SQL layer or SQL injection surface.

Configuration

The server defaults to 127.0.0.1:4173.

Optional environment variables:

HOST=127.0.0.1
PORT=4173

License

MIT

About

Genvil is a portfolio project for https://novic.space and https://lxzd.site. It demonstrates a complete realtime chat product without external runtime dependencies: authentication, friend requests, direct chats, groups, channels, media attachments, profile settings, realtime presence, and a responsive interface.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages