The Zuri Core is an open-source API that serves as the backend and backbone of Zuri Chat

Overview

ZC_CORE Go Reference

Zuri Chat Core Api

See the docs for everything: Zuri Chat Documentation

GitHub repo size

Description

The Zuri Chat Core (ZC_Core) is an open source API that serves as the backend and backbone of Zuri Chat - an open source slack clone developed during the HNG8 internship program

Zuri Chat implements a plug-in system that allows for much more functionality because different plugins can be developed by different creators. These plugins can then rest on the Zuri Chat Core backbone (ZC_Core) which is written in Golang

Language

ZC_Core was written in Go because it is a fast, compiled language and it is easily scaled. Concurrency in Go is also ideal for implementing a plugin structure. This makes it easy to build on the project and allows for future expansion.

API Documentation

A list of the endpoints and the functions they implement can be found here detailing information about the all API resources.

Getting Started

This is an example of how you can setup your project locally. To get a local copy up and running follow these simple example steps.

Prerequisites

  1. Go 1.16 or lastest version already installed on your local machine.
  2. MongoDB

Installation

  1. Run an instance of MongoDB
$ mongod
  1. Create and populate a .env file with its keys corresponding values as listed in example.env
  2. Run zc_core from project root directory
$ cd /path/to/zc_core
$ go run main.go

Testing

  1. Lint checks are done with golangci-lint - an aggregator of linters
$ cd /path/to/zc_core
$ golangci-lint run --timeout 2m
  1. Automated unit and integration tests done with golang's builtin testing package.
$ go test -v ./...  -cover

Features

  • Blog: Content management package for the CRUD of blog posts and associated services
  • Contact: Service to process all user-related inquiries, complaints, and service-related suggestions
  • Data: Data management for plugins
  • Docs: OpenAPI specification for all resources
  • External: Desktop application download, email subscriptions, etc...
  • Marketplace: Plugins marketplace
  • Messaging: Realtime messaging service with SocketIO
  • Organizations: Organization management system
  • Plugin: Plugin management system
  • Realtime Communication (RTC): Connection authentication, subcription and pulishing service with centrifugo proxy server
  • Report: Report generation and viewing service
  • Services: Mail and file upload service package
  • Users: User management system
  • Utils: Utility package of shared helper functions and data types

Contributing

Pull requests are welcome from the zc_core_main team. Please review the issues created before making a pull request or create an issue if the issue you solve is not already listed.

  1. Fork/Clone the Project
  2. Create your Feature Branch (git checkout -b [branch name])
  3. Lint your Changes (golangci-lint run --timeout 2m)
  4. Commit your Changes (git commit -m "Added some amazing features")
  5. Push to the Branch (git push origin [branch name])
  6. Open a Pull Request
Comments
  • [SECURITY] Registration confirmation code exposed on response

    [SECURITY] Registration confirmation code exposed on response

    A request to create a user on the /users endpoint returns a verification code on the response.
    This makes email verification pretty useless at the moment as I can register with any email account and get verified easily.

    https://github.com/zurichat/zc_core/blob/6d57d932a43d253c6bd46f308a1f669d416e3de5/user/user.go#L97-L99

    opened by murageyun 4
  • Auth: As a user, I should be able to register

    Auth: As a user, I should be able to register

    PR - https://github.com/zurichat/zc_core/pull/188

    Slack - HOD

    Link - https://api.zuri.chat/users/6133d00e0366b6816a0b75c1

    The link shows the details of a user created successfully

    Another test link which I worked on is a form that accepts details and implements the create user logic is https://api.zuri.chat/usersform from PR - https://github.com/zurichat/zc_core/pull/238 but not currently live. It has been merged but my team (Newton) is currently experiencing problems with auto deployment probably due to the dev branch we introduced again.

    opened by DavidHODs 3
  • Blog features

    Blog features

    Updated the blog workflow backend @DavidHODs @Aminujb @UfiairENE

    • Modified the models.go folder to add new models for likes and comments. Separated likes and comments into different collections to minimize data sent to the client
    • Modified the create blog function to allow creation of like and comments documents whilst creating a new blog
    • Implemented the like function. User can like and unlike using the same endpoint. If user hasn't liked, we like, store the userId in the blog document in the bloglikes collection and increment the like count by 1. Else, the userId is removed from the document and the like count is decremented
    • Implemented the comment function. User can comment. We store the comment in the blog document in the blogcomments collection and increment the comment count by 1
    • Created a function to estimate reading time in minutes of a blog post
    • Added a Generic update method in utils/db.go to allow generic updates like array increment, object field setting etc.

    Some of the changes are increases in whitespace caused by code editor formatting Haven't used authentication of routes yet, need to know admin role and authentication of admin

    opened by farouqu 2
  • Auth check for valid token #234

    Auth check for valid token #234

    Endpoints that require authentication should not allow a user to access them without a valid token that was provided by the login endpoint. the middleware checks the token against the secret key and signing algorithm. issue #234 /v1/welcome is protected so you need an authorization token to access it.

    opened by rock16 2
  • created user registration handler

    created user registration handler

    I created a handler for the auth/register endpoint. It creates a MongoDB doc for "Users". Let me know if there are any corrections or additions to be made. Issue #114

    opened by Khrees2412 2
  • Auth: As a User, i should be able to login with magic link

    Auth: As a User, i should be able to login with magic link

    I should be able to login without a password, only email address

    Payload:

    • organisation id
    • email address

    Flow:

    • Check if user email exists
    • Generate a auto_login token with user information e.g email, organisation id, user id
    • Send magic link to user email address

    Endpoint: api.zuri.chat/auth/:organisation_id/login

    pending review Auth 
    opened by samsoft00 2
  • CVE-2022-28948 (Medium) detected in github.com/go-yaml/yaml-v2.4.0 - autoclosed

    CVE-2022-28948 (Medium) detected in github.com/go-yaml/yaml-v2.4.0 - autoclosed

    CVE-2022-28948 - Medium Severity Vulnerability

    Vulnerable Library - github.com/go-yaml/yaml-v2.4.0

    YAML support for the Go language.

    Dependency Hierarchy:

    • github.com/spf13/viper-v1.9.0 (Root Library)
      • :x: github.com/go-yaml/yaml-v2.4.0 (Vulnerable Library)

    Found in base branch: dev

    Vulnerability Details

    An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

    Publish Date: 2022-05-19

    URL: CVE-2022-28948

    CVSS 3 Score Details (5.5)

    Base Score Metrics:

    • Exploitability Metrics:
      • Attack Vector: Local
      • Attack Complexity: Low
      • Privileges Required: None
      • User Interaction: Required
      • Scope: Unchanged
    • Impact Metrics:
      • Confidentiality Impact: None
      • Integrity Impact: None
      • Availability Impact: High

    For more information on CVSS3 Scores, click here.

    Suggested Fix

    Type: Upgrade version

    Origin: https://github.com/advisories/GHSA-fm53-mpmp-7qw2

    Release Date: 2022-05-19

    Fix Resolution: v3.0.0


    Step up your Open Source Security Game with Mend here

    security vulnerability 
    opened by mend-bolt-for-github[bot] 1
  • Register plugin has two endpoints.

    Register plugin has two endpoints.

    This should be just one. --> /plugins/register

    h.Router.HandleFunc("/plugins/register", ph.Register).Methods("POST") h.Router.HandleFunc("/plugins", ph.Register).Methods("POST")

    opened by Aminujb 1
  • Review

    Review "install plugin" in organization data storage flow

    Currently, a collection is created for a single organization to old the installed plugins details. In an event where there are 500 organizations, that's 500 collections created. A review of this flow is needed to find a much better way to reduce collection creation and better management.

    opened by Aminujb 1
  • added query options to POST data/read request so query modifications can be performed

    added query options to POST data/read request so query modifications can be performed

    This update adds query modifier options to the body to the read request so actions like $limit, $sort, $skip can be performed

    • modified the read request to accomodate some mongodb query modifier options
    • modified the utils/GetMongoDocs to allow FindOptions
    • Also removed password from GetUser(s) response
    opened by 0xdod 1
  • Transfer Org

    Transfer Org

    Wo, oga @Aminujb, me ayaff been doing and testing you and oga mark work since lastnight ooo.

    After many trials and errors and plenty debugging, I have come to the conclusion that's its not me but you and the organization module, specifically , the members collection.

    I will say search through, e no go search through, update, e no go update and I'm 100% sure I have the needes resources to carry out those operations.

    Majorly two issues in this PR - the part where I try to confirm the proposed new owner is a member of the organization - e no give me result wey I want.

    And the update document part, e dey refuse to update.

    Thanks...

    opened by DavidHODs 1
  • Feat- implelented Agora token generator for Agora engine authentication

    Feat- implelented Agora token generator for Agora engine authentication

    -Created an end point to generate Agora RTC token base on users

    • Channelname *role *tokenType *uid
    • Fixed token expiration of 2 hours
    • Endpoint = {{url}}/rtc/{channelName}/{role}/{tokentype}/{uid}/
    • role = "publisher" or "subscriber" string
    • tokentype = "userAccount" or "uid" string
    • uid= integer
    • channelName = string
    opened by taiwonaf 0
  • Re-activate account after deactivated on re-create.

    Re-activate account after deactivated on re-create.

    Hi, I noticed that if u delete an account on zuri.chat, it's not actually deleted.

    You can't signup again using that account because it already exists and when you try to login, u get a not verified error.

    So when the account is trying to recreate it should reactivate it and not have verification problem or even reverify it

    opened by samsoft00 0
  • Verification for accounts without a gmail address

    Verification for accounts without a gmail address

    Accounts without gmail addresses are not restricted from the zurichat signup process but the verification code required to actually complete the process doesn't get delivered to the email address.

    opened by pauline-banye 0
Owner
Zuri Chat
An open source, very flexible group communication tool
Zuri Chat
Flagr is an open source Go service that delivers the right experience to the right entity and monitors the impact.

Flagr is an open source Go service that delivers the right experience to the right entity and monitors the impact. It provides feature flags, experimentation (A/B testing), and dynamic configuration. It has clear swagger REST APIs for flags management and flag evaluation.

null 2k Nov 19, 2022
RoadRunner: an open-source high-performance PHP application server, load balancer, and process manager

RoadRunner is an open-source (MIT licensed) high-performance PHP application server, load balancer, and process manager. It supports running as a serv

Spiral Scout 0 Jan 13, 2022
⚡ A fast, lightweight, and secure chat protocol, client and server, written in Go.

⚡ A fast, lightweight, and secure chat protocol, client and server, written in Go.

Bolt 17 Oct 27, 2022
An open-source, on-prem feature flag solution

An open-source, on-prem feature flag solution Documentation | Features | Values | Examples | Enterprise Flipt is an open source, on-prem feature flag

Mark Phelps 1.9k Nov 19, 2022
CasaOS - A simple, easy-to-use, elegant open-source home server system.

CasaOS - A simple, easy-to-use, elegant open-source home server system. CasaOS is an open-source home server system based on the Docker ecosystem and

IceWhale 7.4k Nov 27, 2022
Go package for the BeagleBone open source hardware

go-beaglebone Go package for the BeagleBone open source hardware Also check out https://github.com/SpaceLeap/go-embedded This package builds on top of

Space Leap 15 Jul 6, 2019
A feature flag solution, with only a YAML file in the backend (S3, GitHub, HTTP, local file ...), no server to install, just add a file in a central system and refer to it. 🎛️

??️ go-feature-flag A feature flag solution, with YAML file in the backend (S3, GitHub, HTTP, local file ...). No server to install, just add a file i

Thomas Poignant 549 Nov 23, 2022
Formrecevr is a simple and lightweight from receiver backend primarily designed for (but not limited to) static websites.

Formrecevr Formrecevr (pronunced "Form receiver") is a simple and lightweight from receiver backend primarily designed for (but not limited to) static

Dorian Zedler 2 Apr 17, 2022
Web server for running Brainfuck on the backend

Brainfuck Web Server Web server for running Brainfuck on the backend Run go run . <brainfuck file> The server will start on port 8080 by default. You

Fabrizio Delcompare 3 Oct 25, 2021
Backend for Workery application server implemented in Golang

workery-server Backend for Workery application server implemented in Golang. This is a rewrite of the workery-django project. Development Goals: Rewri

Over 55 (London) Inc. 1 Aug 27, 2022
Open platform to collect and prioritize product feedback

Fider A platform to collect and organize customer feedback. Let your customers share, vote and discuss on suggestions they have to make your product e

getfider 2.1k Nov 19, 2022
Opinionated boilerplate Golang HTTP server with CORS, OPA, Prometheus, rate-limiter for API and static website.

Teal.Finance/Server Opinionated boilerplate HTTP server with CORS, OPA, Prometheus, rate-limiter… for API and static website. Origin This library was

teal.finance 8 Nov 3, 2022
Heart 💜A high performance Lua web server with a simple, powerful API

Heart ?? A high performance Lua web server with a simple, powerful API. See the full documentation here. Overview Heart combines Go's fasthttp with Lu

Hyperspace Logistics 77 Aug 31, 2022
Simple Golang Product API Server

Simple Golang Product API Server Layanan API untuk menambah, merubah informasi, mengambil data dan menghapus produk. Implementasi kode terinspirasi ol

Widya Ade Bagus 2 Nov 20, 2022
A simple server with REST API to keep track of your TODOs (with html interface).

TODOserver A simple server written in GO using gin and gorm. Getting started Download the repository docker build -t todoserver . docker run -p 8888:8

Aidar Shagiyev 0 Nov 10, 2021
ready-to-use RTSP / RTMP server and proxy that allows to read, publish and proxy video and audio streams

rtsp-simple-server is a simple, ready-to-use and zero-dependency RTSP / RTMP server and proxy, a software that allows users to publish, read and proxy live video and audio streams. RTSP is a specification that describes how to perform these operations with the help of a server, that is contacted by both publishers and readers and relays the publisher's streams to the readers.

Alessandro Ros 4.3k Nov 20, 2022
Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob

SFTPGo Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support, written in Go. Several storage backends are supporte

Nicola Murino 5.1k Nov 23, 2022
RBTI Golang Server uses PostgreSQL and for its main database and uses Elasticsearch

RBTI Golang Server This server is used for my thesis project, it uses PostgreSQL and for its main database and uses Elasticsearch for faster query spe

Haikal Ikhwan 0 Jan 17, 2022