
- Complete NestJS TypeScript implementation with WebSocket support - Direct messaging (DM) and group chat functionality - End-to-end encryption with AES encryption and key pairs - Media file support (images, videos, audio, documents) up to 100MB - Push notifications with Firebase Cloud Messaging integration - Mention alerts and real-time typing indicators - User authentication with JWT and Passport - SQLite database with TypeORM entities and relationships - Comprehensive API documentation with Swagger/OpenAPI - File upload handling with secure access control - Online/offline status tracking and presence management - Message editing, deletion, and reply functionality - Notification management with automatic cleanup - Health check endpoint for monitoring - CORS configuration for cross-origin requests - Environment-based configuration management - Structured for Flutter SDK integration Features implemented: ✅ Real-time messaging with Socket.IO ✅ User registration and authentication ✅ Direct messages and group chats ✅ Media file uploads and management ✅ End-to-end encryption ✅ Push notifications ✅ Mention alerts ✅ Typing indicators ✅ Message read receipts ✅ Online status tracking ✅ File access control ✅ Comprehensive API documentation Ready for Flutter SDK development and production deployment.
2.3 KiB
2.3 KiB
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Unreleased
0.6.0 - 2022-05-20
Security
- Improved robustness against session fixation attacks in cases where there is physical access to the same system or the application is susceptible to cross-site scripting (XSS).
0.5.3 - 2022-05-16
Fixed
initialize()
middleware extends request withlogin()
,logIn()
,logout()
,logOut()
,isAuthenticated()
, andisUnauthenticated()
functions again, reverting change from 0.5.1.
0.5.2 - 2021-12-16
Fixed
- Introduced a compatibility layer for strategies that depend directly on
passport@0.4.x
or earlier (such aspassport-azure-ad
), which were broken by the removal of private variables inpassport@0.5.1
.
0.5.1 - 2021-12-15
Added
- Informative error message in session strategy if session support is not available.
Changed
authenticate()
middleware, rather thaninitialize()
middleware, extends request withlogin()
,logIn()
,logout()
,logOut()
,isAuthenticated()
, andisUnauthenticated()
functions.
[0.5.0] - 2021-09-23
Changed
initialize()
middleware extends request withlogin()
,logIn()
,logout()
,logOut()
,isAuthenticated()
, andisUnauthenticated()
functions.
Removed
login()
,logIn()
,logout()
,logOut()
,isAuthenticated()
, andisUnauthenticated()
functions no longer added tohttp.IncomingMessage.prototype
.
Fixed
userProperty
option toinitialize()
middleware only affects the current request, rather than all requests processed via singleton Passport instance, eliminating a race condition in situations whereinitialize()
middleware is used multiple times in an application withuserProperty
set to different values.