Enterprise-grade secure real-time chat platform
- End-to-End Encryption — Signal Protocol-inspired encryption with X3DH and Double Ratchet
- Zero-Knowledge Architecture — Server cannot read your messages
- Perfect Forward Secrecy — Automatic key rotation protects past messages
- JWT Authentication — RS256 tokens with device fingerprinting
- Two-Factor Authentication — TOTP-based 2FA with backup codes
- Enterprise Password Policy — 12+ character requirements with complexity rules
- Instant Messaging — WebSocket-powered real-time messaging
- Typing Indicators — See when others are typing
- Read Receipts — Message delivery and read status
- Reactions — Emoji reactions on messages
- Threading — Reply to specific messages
- Self-Destructing Messages — Disappearing messages with timer
- Advanced Search — Full-text search across messages, users, and files
- Message Pinning — Pin important messages in rooms
- WebRTC Calls — Encrypted peer-to-peer audio/video calls
- Screen Sharing — Share your screen during calls
- Group Calls — Multi-party video conferences
- Call History — Track all past calls and durations
- Smart Notifications — In-app, email, and push notifications
- Presence System — Real-time online/offline/away status
- Custom Status — Set custom status messages
- Activity Tracking — Track user activity and engagement
- Notification Preferences — Granular control over notification types
- Encrypted Uploads — Files encrypted before upload
- Virus Scanning — ClamAV integration for malware detection
- Image Thumbnails — Automatic thumbnail generation
- Storage Options — Local storage or S3-compatible cloud storage
- User Management — Full user lifecycle management
- Room Moderation — Role-based room access control
- Audit Logging — Tamper-proof activity logs
- Real-time Monitoring — Prometheus metrics & Grafana dashboards
- System Analytics — Comprehensive usage statistics and insights
- Automated Backups — Scheduled database backups with S3 support
- Health Monitoring — Continuous health checks for all components
- Performance Analytics — Track message volume, user engagement, and trends
- Redis Caching — Multi-layer caching for frequently accessed data
- Distributed Rate Limiting — Redis-backed rate limiting
- Connection Pooling — Optimized database connections
- Query Optimization — Indexed queries and aggregation pipelines
- Adaptive Rate Limiting — Dynamic rate limits based on user behavior
- Node.js 18+
- MongoDB 7.0+
- Redis 7+
```bash
# Clone the repository
git clone https://github.com/v74all/v7chat.git
cd v7chat
# Run the setup wizard
node scripts/setup-wizard.js
# Install dependencies
npm install
# Start the server
npm run dev
```

```bash
# One-command installation
sudo bash scripts/install.sh --domain your-domain.com
# Or with Docker Compose manually
cd docker
docker compose up -d
```

Access V7Chat at https://localhost or your configured domain.
```bash
# Production deployment
cd docker
docker compose -f docker-compose.yml up -d
# With monitoring (Prometheus + Grafana)
docker compose --profile monitoring up -d
# View logs
docker compose logs -f v7chat
```

```bash
# Install dependencies
npm ci --production
# Set environment variables
cp .env.example .env
# Edit .env with your configuration
# Start with PM2
pm2 start src/server.js --name v7chat
```

| Variable | Description | Default |
|---|---|---|
| `NODE_ENV` | Environment mode | development |
| `PORT` | Server port | 3000 |
| `MONGODB_URI` | MongoDB connection string | mongodb://localhost:27017/v7chat |
| `REDIS_HOST` | Redis host | localhost |
| `JWT_SECRET` | JWT signing secret | required |
| `ENCRYPTION_KEY` | E2E encryption key | required |

See .env.example for full configuration options.
V7Chat implements a Signal Protocol-inspired encryption system:
- X3DH Key Agreement — Extended Triple Diffie-Hellman for session establishment
- Double Ratchet — Forward secrecy with message-level key rotation
- AES-256-GCM — Authenticated symmetric encryption for messages
- Ed25519 — Digital signatures for identity verification
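
The per-message key rotation and AES-256-GCM sealing listed above can be sketched as follows. This is an added example, not V7Chat's own code: it shows only the symmetric-key half of the Double Ratchet (no DH ratchet, no X3DH), and the function names, the base64 wire encoding and the use of `roomId` as associated data are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// One symmetric-ratchet step: HMAC-SHA256 over the chain key with distinct
// constants yields this message's key and the next chain key.
function ratchetStep(chainKey) {
  const kdf = (label) => nodeCrypto.createHmac('sha256', chainKey).update(Buffer.from([label])).digest();
  return { messageKey: kdf(0x01), nextChainKey: kdf(0x02) };
}

// Encrypt one message into a payload with content, iv and authTag fields.
function encryptMessage(messageKey, roomId, plaintext) {
  const iv = nodeCrypto.randomBytes(12); // 96-bit GCM nonce
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', messageKey, iv);
  cipher.setAAD(Buffer.from(roomId, 'utf8')); // assumption: bind ciphertext to its room
  const content = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    roomId,
    content: content.toString('base64'), // assumption: base64 encoding on the wire
    encryption: { iv: iv.toString('base64'), authTag: cipher.getAuthTag().toString('base64') },
  };
}

// Throws if the key, ciphertext, IV, tag or roomId do not match.
function decryptMessage(messageKey, payload) {
  const { iv, authTag } = payload.encryption;
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', messageKey, Buffer.from(iv, 'base64'));
  decipher.setAAD(Buffer.from(payload.roomId, 'utf8'));
  decipher.setAuthTag(Buffer.from(authTag, 'base64'));
  const plain = Buffer.concat([decipher.update(Buffer.from(payload.content, 'base64')), decipher.final()]);
  return plain.toString('utf8');
}

// Constructed sample: a random chain key stands in for the X3DH-derived secret.
function demo() {
  let chainKey = nodeCrypto.randomBytes(32);
  const sent = [];
  for (const text of ['hello', 'second message']) {
    const { messageKey, nextChainKey } = ratchetStep(chainKey);
    sent.push({ messageKey, payload: encryptMessage(messageKey, 'room-1', text) });
    chainKey = nextChainKey; // the previous chain key is dropped
  }
  return sent;
}

console.log(demo().map((m) => m.payload));
```

Because each message key comes from a one-way step, a key captured for one message does not decrypt the others, and any change to the ciphertext, tag or room id makes `decryptMessage` throw.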
```
[Client] → Register/Login → [Server]
         ← JWT Access Token (15min) ←
         ← Refresh Token (7 days, HttpOnly cookie) ←

[Client] → API Request + Bearer Token → [Server]
         ← Response ←

[Client] → Refresh Token → [Server]
         ← New Access Token ←
```
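
How a server can issue and check the 15-minute RS256 access token from this flow, as an added example that is not V7Chat's own code. The JWT is built by hand with `node:crypto` to make each check visible; the function names, the `sub` claim and the sample user id are assumptions, and a maintained JWT library would normally do this work.

```javascript
const nodeCrypto = require('node:crypto');

const ACCESS_TTL_SECONDS = 15 * 60; // access-token lifetime from the flow above
const b64url = (input) => Buffer.from(input).toString('base64url');

function signAccessToken(privateKey, userId, nowSeconds) {
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ sub: userId, iat: nowSeconds, exp: nowSeconds + ACCESS_TTL_SECONDS }));
  // RSASSA-PKCS1-v1_5 with SHA-256 is what JWT calls RS256.
  const signature = nodeCrypto.sign('sha256', Buffer.from(`${header}.${body}`), privateKey);
  return `${header}.${body}.${signature.toString('base64url')}`;
}

function verifyAccessToken(publicKey, token, nowSeconds) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, signature] = parts;
  const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
  // Pin the algorithm: the token's own header must not choose how it is verified.
  if (alg !== 'RS256') throw new Error('unexpected algorithm');
  const signed = Buffer.from(`${header}.${body}`);
  const ok = nodeCrypto.verify('sha256', signed, publicKey, Buffer.from(signature, 'base64url'));
  if (!ok) throw new Error('bad signature');
  // Only read claims after the signature has been checked.
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  if (typeof claims.exp !== 'number' || nowSeconds >= claims.exp) throw new Error('token expired');
  return claims;
}

// Constructed sample: a throwaway key pair, a made-up user id and a fixed clock.
function demo() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { publicKey, token: signAccessToken(privateKey, 'user-123', 1000) };
}

const sample = demo();
console.log(verifyAccessToken(sample.publicKey, sample.token, 1060));
```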
All responses include:
- `Strict-Transport-Security` — HSTS with preload
- `Content-Security-Policy` — Strict CSP
- `X-Content-Type-Options` — nosniff
- `X-Frame-Options` — DENY
- `Referrer-Policy` — strict-origin-when-cross-origin

```http
# Register
POST /api/auth/register
{
  "username": "johndoe",
  "email": "john@example.com",
  "password": "SecureP@ss123!"
}
# Login
POST /api/auth/login
{
  "email": "john@example.com",
  "password": "SecureP@ss123!"
}
# Logout
POST /api/auth/logout
# Refresh Token
POST /api/auth/refresh
```

```http
# Get notifications
GET /api/notifications?limit=50&unreadOnly=true
# Mark as read
PUT /api/notifications/:notificationId/read
# Mark all as read
PUT /api/notifications/read-all
# Clear all notifications
DELETE /api/notifications
```

```http
# Universal search
GET /api/search?q=keyword&type=all
# Search messages
GET /api/search/messages?q=keyword&roomId=...&dateFrom=...
# Get search suggestions
GET /api/search/suggestions?q=key
# Clear search history
DELETE /api/search/history
```

```http
# Get user presence
GET /api/presence/:userId
# Update status
PUT /api/presence/status
{
  "status": "away",
  "customMessage": "In a meeting"
}
# Get bulk presence
GET /api/presence/bulk?userIds=id1,id2,id3
```

```http
# Get user analytics
GET /api/analytics/user?period=30
# Get room analytics
GET /api/analytics/room/:roomId?period=7
# Get system analytics (admin only)
GET /api/analytics/system?period=30
# Get engagement report
GET /api/analytics/engagement?period=7
```

```http
# Get user's rooms
GET /api/rooms
# Create room
POST /api/rooms
{
  "name": "Team Chat",
  "type": "private",
  "encrypted": true
}
# Get messages
GET /api/rooms/:roomId/messages?limit=50
```

```javascript
// Connect with authentication
const socket = io({
  auth: { token: accessToken }
});
// Send message
socket.emit('message:send', {
  roomId: '...',
  content: 'encrypted content',
  encryption: { iv: '...', authTag: '...' }
});
// Receive message
socket.on('message:new', (data) => {
  console.log(data.message);
});
// Typing indicator
socket.emit('message:typing', { roomId: '...' });
// Call signaling
socket.emit('call:offer', { targetUserId: '...', offer: rtcOffer });
```

```
v7chat/
├── src/
│   ├── admin/          # Admin controllers & operations
│   ├── analytics/      # Analytics & reporting
│   ├── auth/           # Authentication & authorization
│   ├── backup/         # Backup & restore services
│   ├── cache/          # Caching layer
│   ├── config/         # Configuration management
│   ├── crypto/         # E2E encryption modules
│   ├── database/       # MongoDB & Redis connections
│   ├── files/          # File upload & management
│   ├── messaging/      # Socket.IO handlers
│   ├── middleware/     # Express middleware & rate limiting
│   ├── models/         # Mongoose models
│   ├── monitoring/     # Logging, metrics & health checks
│   ├── notifications/  # Notification service
│   ├── presence/       # Presence & activity tracking
│   ├── rooms/          # Room management
│   ├── search/         # Search functionality
│   ├── users/          # User management
│   ├── utils/          # Utilities (email, etc.)
│   ├── validators/     # Input validation
│   ├── webrtc/         # WebRTC call management
│   └── server.js       # Main entry point
├── public/             # Static files & client JS
├── docker/             # Docker configuration
├── scripts/            # Installation & setup
└── backups/            # Automated backups directory
```

```bash
# Lint code
npm run lint
# Auto-fix issues
npm run lint:fix
# Format with Prettier
npm run format
```

Available at /metrics:
- `v7chat_http_requests_total` — Total HTTP requests
- `v7chat_active_connections` — WebSocket connections
- `v7chat_messages_sent_total` — Messages sent
- `v7chat_auth_attempts_total` — Auth attempts by result

Access Grafana at http://localhost:3001 (default credentials: admin/admin; change them before exposing the dashboard).
Pre-configured dashboards:
- System Overview
- Real-time Connections
- Message Analytics
- Security Events
- Fork the repository
- Create a feature branch (`git checkout -b feature/amazing`)
- Commit changes (`git commit -m 'Add amazing feature'`)
- Push to branch (`git push origin feature/amazing`)
- Open a Pull Request

MIT License — see LICENSE for details.
V7Chat Enterprise by V7LTHRONYX
