A social network where users can register, make friends and chat with each other. I built the network in an intense three-week project while attending a full-time coding bootcamp with SPICED Academy, Berlin, from Sept 2021 to Dec 2021.
The social network allows users to
- register and log in,
- create a personal profile and change it,
- view the profiles of other users,
- befriend other users,
- chat with other users,
- find other users via a username search.
The client-side is built as a sigle-page application (SAP) with React. I use Redux to manage the application's state information, as well as Webpack and Babel to bundle and compile the code. The Socket.IO library allows for a smooth and instantaneous chat experience by enabling real-time, two-way communication between client and server.
The server-side is built with Express and Node. I use Express Router to create sub-routers and channel requests. I use AWS S3 as a reliable, centralised and permanent storage solution for users' profile pics. Uid-safe allows me to generate unique names for uploading profile pics and thus avoid mixups. Other user information is stored in a local database managed with PostgreSQL. This database is populated with 200+ fake users.
Key security measures are put in place. The Bcrypt library allows for salted password hashing and validation of user input. I use AWS SES to authenticate users in case they forgot their passwords. Users are send a random single-use verification code generated with Crypto-Random-String via email that expires after 15 min. To prevent SQL-injection attacks I employ the Node-Postgres-Module to escape user input. Denial-of-Service (DOS) attacks are averted by setting an upload-limit of 2MB for profile pics. I added a X-Frame-Options HTTP response header to prevent attempts at clickjacking; setting the same-site attribute to true is an easy proteccion against cross-site request forgeries (CSRF). I use Cookie-Session middleware to encode the data stored in cookies and prevent tampering.
The application boasts end-to-end (E2E) and unit testing. I use Cypress to build an E2E test mocking all aspects of real user interaction with the application. To warrant that changes to the code don't break any of the existing functionality I use the husky library to implement git hooks. This makes sure that the E2E test runs every time new code is pushed to GitHub. In addition I provide unit tests written with React Testing Library and Jest for key components of the application.
- Clone repository:
git clone git@github.com:rubyrazor/inner-join.git - Navigate into directory:
cd inner-join - Install dependencies:
npm install - Run development server:
npm run dev