backend.im/personaltaskmanagementapi-lh74qi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
personaltaskmanagementapi-l.../README.md
Automated Action 41bbd8c182 Build comprehensive real-time chat API with advanced features 
Complete rewrite from task management to full-featured chat system:

Core Features:
- Real-time WebSocket messaging with connection management
- Direct messages and group chats with admin controls
- Message types: text, images, videos, audio, documents
- Message status tracking: sent, delivered, read receipts
- Typing indicators and user presence (online/offline)
- Message replies, editing, and deletion

Security & Encryption:
- End-to-end encryption with RSA + AES hybrid approach
- JWT authentication for API and WebSocket connections
- Secure file storage with access control
- Automatic RSA key pair generation per user

Media & File Sharing:
- Multi-format file upload (images, videos, audio, documents)
- Automatic thumbnail generation for images/videos
- File size validation and MIME type checking
- Secure download endpoints with permission checks

Notifications & Alerts:
- Real-time WebSocket notifications
- Push notifications via Firebase integration
- @username mention alerts with notification history
- Unread message and mention counting
- Custom notification types (message, mention, group invite)

Advanced Features:
- Group chat management with roles (member, admin, owner)
- User search and chat member management
- Message pagination and chat history
- Last seen timestamps and activity tracking
- Comprehensive API documentation with WebSocket events

Architecture:
- Clean layered architecture with services, models, schemas
- WebSocket connection manager for real-time features
- Modular notification system with multiple channels
- Comprehensive error handling and validation
- Production-ready with Docker support

Technologies: FastAPI, WebSocket, SQLAlchemy, SQLite, Cryptography, Firebase, Pillow
2025-06-21 16:49:25 +00:00

509 lines
14 KiB
Markdown
Raw Permalink Blame History

# Real-time Chat API
A comprehensive real-time chat API built with FastAPI, WebSocket, and advanced features including media sharing, end-to-end encryption, and push notifications. Perfect for building modern chat applications.
## 🚀 Features
### Core Chat Features
- **Real-time Messaging**: WebSocket-based instant messaging
- **Direct Messages**: Private one-on-one conversations
- **Group Chats**: Multi-user chat rooms with admin controls
- **Message Types**: Text, images, videos, audio, documents
- **Message Status**: Sent, delivered, read receipts
- **Typing Indicators**: Real-time typing status
- **Message Replies**: Reply to specific messages
- **Message Editing**: Edit and delete messages
### Media & File Sharing
- **Image Sharing**: Upload and share images with automatic thumbnail generation
- **Video Support**: Share video files with metadata extraction
- **Document Support**: PDF, Word, Excel, PowerPoint, and more
- **Audio Messages**: Voice recordings and audio file sharing
- **File Validation**: Size limits and type restrictions
- **Secure Storage**: Files stored securely with access control
### Security & Encryption
- **End-to-End Encryption**: RSA + AES hybrid encryption for messages
- **JWT Authentication**: Secure token-based authentication
- **Key Management**: Automatic RSA key pair generation
- **Message Encryption**: Client-side encryption capabilities
- **Secure File Storage**: Protected media file access
### Notifications & Alerts
- **Push Notifications**: Firebase-based mobile notifications
- **Mention Alerts**: @username notifications
- **Real-time Notifications**: WebSocket-based instant alerts
- **Notification History**: Persistent notification storage
- **Custom Notification Types**: Message, mention, group invites
### Advanced Features
- **User Presence**: Online/offline status tracking
- **Last Seen**: User activity timestamps
- **Chat Management**: Admin/owner roles and permissions
- **Member Management**: Add/remove users, role assignment
- **Message Search**: Find messages across chats
- **Unread Counts**: Track unread messages per chat
## Quick Start
### Prerequisites
- Python 3.8+
- pip
### Installation
1. Install dependencies:
```bash
pip install -r requirements.txt
```
2. Run database migrations:
```bash
alembic upgrade head
```
3. Start the application:
```bash
uvicorn main:app --reload
```
The API will be available at `http://localhost:8000`
### API Documentation
- Swagger UI: `http://localhost:8000/docs`
- ReDoc: `http://localhost:8000/redoc`
- OpenAPI JSON: `http://localhost:8000/openapi.json`
### WebSocket Connection
Connect to the WebSocket endpoint for real-time messaging:
```javascript
const ws = new WebSocket('ws://localhost:8000/ws/{access_token}');
// Send a message
ws.send(JSON.stringify({
type: 'send_message',
chat_id: 1,
content: 'Hello, world!',
message_type: 'text'
}));
// Listen for messages
ws.onmessage = (event) => {
const data = JSON.parse(event.data);
console.log('Received:', data);
};
```
## 📡 API Endpoints
### Authentication (`/api/auth`)
- `POST /register` - Register a new user
- `POST /login` - Login with username and password
- `GET /me` - Get current user information
- `PUT /me` - Update user profile
- `POST /device-token` - Update device token for push notifications
### Chats (`/api/chats`)
- `GET /` - Get user's chat list
- `POST /direct` - Create or get direct chat with another user
- `POST /group` - Create a new group chat
- `GET /{chat_id}` - Get chat details and members
- `PUT /{chat_id}` - Update chat information (admin/owner only)
- `POST /{chat_id}/members` - Add member to chat
- `DELETE /{chat_id}/members/{user_id}` - Remove member from chat
### Messages (`/api/messages`)
- `GET /{chat_id}` - Get chat messages with pagination
- `PUT /{message_id}` - Edit a message
- `DELETE /{message_id}` - Delete a message
- `POST /{message_id}/read` - Mark message as read
### Media (`/api/media`)
- `POST /upload/{message_id}` - Upload media files for a message
- `GET /{media_id}` - Download media file
- `GET /{media_id}/thumbnail` - Get media thumbnail
- `GET /{media_id}/info` - Get media file information
- `DELETE /{media_id}` - Delete media file
### Notifications (`/api/notifications`)
- `GET /` - Get user notifications
- `GET /mentions` - Get unread mentions
- `POST /{notification_id}/read` - Mark notification as read
- `POST /mentions/{mention_id}/read` - Mark mention as read
- `POST /read-all` - Mark all notifications as read
- `GET /count` - Get unread notification count
### Encryption (`/api/encryption`)
- `POST /generate-keys` - Generate new RSA key pair
- `GET /public-key` - Get current user's public key
- `GET /public-key/{user_id}` - Get another user's public key
- `POST /encrypt` - Encrypt a message for a user
- `POST /decrypt` - Decrypt a message
- `PUT /public-key` - Update user's public key
### System
- `GET /` - API information and features
- `GET /health` - Health check endpoint
- `GET /api/status` - System status and statistics
## 🏗️ Data Models
### User
- `id`: Unique identifier
- `username`: Username (unique, required)
- `email`: Email address (unique, required)
- `full_name`: Optional full name
- `avatar_url`: Profile picture URL
- `bio`: User biography
- `is_active`: Account status
- `is_online`: Current online status
- `last_seen`: Last activity timestamp
- `public_key`: RSA public key for E2E encryption
- `device_token`: Firebase device token for push notifications
### Chat
- `id`: Unique identifier
- `name`: Chat name (null for direct messages)
- `description`: Chat description
- `chat_type`: "direct" or "group"
- `avatar_url`: Chat avatar image
- `is_active`: Active status
### Message
- `id`: Unique identifier
- `chat_id`: Associated chat
- `sender_id`: Message sender
- `reply_to_id`: Replied message ID (optional)
- `content`: Message content (encrypted)
- `content_type`: "text", "image", "video", "audio", "file", "system"
- `status`: "sent", "delivered", "read", "failed"
- `is_edited`: Edit status
- `is_deleted`: Deletion status
- `created_at`: Send timestamp
### Media
- `id`: Unique identifier
- `message_id`: Associated message
- `filename`: Stored filename
- `original_filename`: Original upload name
- `file_size`: Size in bytes
- `mime_type`: File MIME type
- `media_type`: "image", "video", "audio", "document", "other"
- `width/height`: Image/video dimensions
- `duration`: Audio/video duration
- `thumbnail_path`: Thumbnail file path
### Chat Member
- `id`: Unique identifier
- `chat_id`: Associated chat
- `user_id`: User ID
- `role`: "member", "admin", "owner"
- `nickname`: Chat-specific nickname
- `is_muted`: Mute status
- `joined_at`: Join timestamp
- `last_read_message_id`: Last read message for unread count
### Notification
- `id`: Unique identifier
- `user_id`: Recipient user
- `notification_type`: "message", "mention", "group_invite"
- `title`: Notification title
- `body`: Notification content
- `data`: Additional JSON data
- `is_read`: Read status
- `created_at`: Creation timestamp
## 🔧 Environment Variables
Set the following environment variables for production:
```bash
# Required
SECRET_KEY="your-super-secret-key-change-in-production"
# Optional - Firebase Push Notifications
FIREBASE_CREDENTIALS_PATH="/path/to/firebase-credentials.json"
# OR
FIREBASE_CREDENTIALS_JSON='{"type": "service_account", ...}'
# Optional - Redis for caching (if implemented)
REDIS_URL="redis://localhost:6379"
```
## 💾 Database
The application uses SQLite by default with the database file stored at `/app/storage/db/chat.sqlite`. The database is automatically created when the application starts.
**File Storage Structure:**
```
/app/storage/
├── db/
│ └── chat.sqlite # Main database
├── media/ # Uploaded media files
│ ├── image_file.jpg
│ └── document.pdf
└── thumbnails/ # Generated thumbnails
└── thumb_image_file.jpg
```
## 🔐 Authentication & Security
### JWT Authentication
1. Register a new user or login with existing credentials
2. Include the access token in the Authorization header: `Authorization: Bearer <token>`
3. For WebSocket connections, pass the token in the URL: `/ws/{access_token}`
### End-to-End Encryption
1. **Key Generation**: Each user gets an RSA key pair on registration
2. **Message Encryption**: Messages encrypted with recipient's public key
3. **Hybrid Encryption**: Uses RSA + AES for large messages
4. **Client-Side**: Encryption/decryption can be done client-side
Example encryption workflow:
```python
# Get recipient's public key
GET /api/encryption/public-key/{user_id}
# Encrypt message client-side
POST /api/encryption/encrypt
{
"message": "Hello, this is encrypted!",
"recipient_user_id": 123
}
# Send encrypted message via WebSocket
ws.send({
"type": "send_message",
"chat_id": 1,
"content": "encrypted_content_here"
})
```
## 📱 WebSocket Events
### Client → Server Events
```javascript
// Send message
{
"type": "send_message",
"chat_id": 1,
"content": "Hello!",
"message_type": "text",
"reply_to_id": null
}
// Typing indicators
{
"type": "typing_start",
"chat_id": 1
}
{
"type": "typing_stop",
"chat_id": 1
}
// Mark message as read
{
"type": "message_read",
"message_id": 123,
"chat_id": 1
}
// Join/leave chat room
{
"type": "join_chat",
"chat_id": 1
}
```
### Server → Client Events
```javascript
// New message received
{
"type": "new_message",
"message": {
"id": 123,
"chat_id": 1,
"sender_id": 456,
"sender_username": "john_doe",
"content": "Hello!",
"created_at": "2024-12-20T12:00:00Z"
}
}
// User status updates
{
"type": "user_status",
"user_id": 456,
"username": "john_doe",
"status": "online"
}
// Typing indicators
{
"type": "typing_start",
"chat_id": 1,
"user_id": 456,
"username": "john_doe"
}
// Notifications
{
"type": "mention_notification",
"title": "Mentioned by john_doe",
"body": "You were mentioned in a message",
"chat_id": 1
}
```
## 🔧 Development
### Code Quality
```bash
# Lint and format code
ruff check . --fix
ruff format .
```
### Database Migrations
```bash
# Create new migration
alembic revision --autogenerate -m "Description of changes"
# Apply migrations
alembic upgrade head
# Check current migration
alembic current
```
### Testing WebSocket Connection
```bash
# Install websocat for testing
pip install websockets
# Test WebSocket connection
python -c "
import asyncio
import websockets
import json
async def test():
uri = 'ws://localhost:8000/ws/your_jwt_token_here'
async with websockets.connect(uri) as websocket:
# Send a test message
await websocket.send(json.dumps({
'type': 'send_message',
'chat_id': 1,
'content': 'Test message'
}))
# Listen for response
response = await websocket.recv()
print(json.loads(response))
asyncio.run(test())
"
```
## 🏗️ Architecture
### Technology Stack
- **FastAPI**: Modern, fast web framework with WebSocket support
- **SQLAlchemy**: Python ORM for database operations
- **Alembic**: Database migration management
- **Pydantic**: Data validation using Python type annotations
- **WebSocket**: Real-time bidirectional communication
- **JWT**: JSON Web Tokens for authentication
- **SQLite**: Lightweight database for development
- **Cryptography**: RSA + AES encryption for E2E security
- **Firebase Admin**: Push notification service
- **Pillow**: Image processing and thumbnail generation
### Project Structure
```
app/
├── api/ # API route handlers
│ ├── auth.py # Authentication endpoints
│ ├── chats.py # Chat management
│ ├── messages.py # Message operations
│ ├── media.py # File upload/download
│ ├── notifications.py # Notification management
│ └── encryption.py # E2E encryption utilities
├── core/ # Core utilities
│ ├── deps.py # Dependency injection
│ └── security.py # Security functions
├── db/ # Database configuration
│ ├── base.py # SQLAlchemy base
│ └── session.py # Database session management
├── models/ # SQLAlchemy models
│ ├── user.py # User model
│ ├── chat.py # Chat model
│ ├── message.py # Message model
│ └── ...
├── schemas/ # Pydantic schemas
│ ├── user.py # User schemas
│ ├── chat.py # Chat schemas
│ └── ...
├── services/ # Business logic services
│ ├── media_service.py # File handling
│ ├── encryption_service.py # Encryption logic
│ ├── notification_service.py # Notification management
│ └── push_notification_service.py
├── websocket/ # WebSocket handling
│ ├── connection_manager.py # Connection management
│ └── chat_handler.py # Message handling
└── utils/ # Utility functions
```
### Design Patterns
- **Repository Pattern**: Data access abstraction
- **Service Layer**: Business logic separation
- **Dependency Injection**: Loose coupling
- **Event-Driven**: WebSocket event handling
- **Clean Architecture**: Separation of concerns
## 📊 Performance Considerations
- **Connection Pooling**: SQLAlchemy connection management
- **File Storage**: Local storage with direct file serving
- **Memory Management**: Efficient WebSocket connection tracking
- **Thumbnail Generation**: Automatic image thumbnail creation
- **Message Pagination**: Efficient large chat history loading
- **Real-time Optimization**: WebSocket connection pooling
## 🚀 Deployment
### Production Checklist
- [ ] Set strong `SECRET_KEY` environment variable
- [ ] Configure Firebase credentials for push notifications
- [ ] Set up proper file storage (S3, etc.) for production
- [ ] Configure reverse proxy (nginx) for WebSocket support
- [ ] Set up SSL/TLS certificates
- [ ] Configure database backups
- [ ] Set up monitoring and logging
- [ ] Configure CORS for your frontend domain
### Docker Deployment
```dockerfile
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
EXPOSE 8000
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]
```
This comprehensive chat API provides a solid foundation for building modern messaging applications with real-time communication, security, and scalability in mind.
Reference in New Issue View Git Blame Copy Permalink