A comprehensive real-time messaging API built with Node.js, featuring automatic message planning, queue management, and real-time communication capabilities.
- Real-time messaging with Socket.IO
- JWT-based authentication with refresh tokens
- Automatic message planning and distribution
- Message queuing with RabbitMQ
- Online user tracking with Redis
- Conversation management
- Cron job scheduling for automated tasks
- Helmet.js for security headers
- CORS configuration
- Input validation and sanitization
- Rate limiting with express-rate-limit
- Token blacklisting system
- Microservices-ready design
- Scalable queue system with retry mechanisms
- Database optimization with MongoDB
- Caching layer with Redis
- Error handling and logging
- Health monitoring endpoints
- Runtime: Node.js 18+
- Framework: Express.js 5.x
- Database: MongoDB with Mongoose
- Cache: Redis
- Message Queue: RabbitMQ
- Real-time: Socket.IO
- Authentication: JWT
- Security: Helmet.js, express-rate-limit
- Task Scheduling: node-cron
- Environment: dotenv
- Node.js 18.x or higher
- MongoDB 5.x or higher
- Redis 6.x or higher
- RabbitMQ 3.8.x or higher
-
Clone the repository
git clone https://github.com/ismetcanbyk/NodeLabs-Case.git cd NodeLabs-Case -
Install dependencies
npm install
-
Environment configuration
cp env.example .env
-
Configure environment variables
# Server PORT=3000 NODE_ENV=development # Database MONGODB_URI=mongodb://localhost:27017/nodelabs # Redis REDIS_HOST=localhost REDIS_PORT=6379 # RabbitMQ RABBITMQ_URL=amqp://localhost # JWT JWT_SECRET=your-super-secret-jwt-key JWT_REFRESH_SECRET=your-super-secret-refresh-key JWT_EXPIRES_IN=15m JWT_REFRESH_EXPIRES_IN=7d
-
Start services
# Start MongoDB (if not running) mongod # Start Redis (if not running) redis-server # Start RabbitMQ (if not running) rabbitmq-server
-
Run the application
# Development mode npm run dev # Production mode npm start
# Start all services with Docker Compose
docker-compose up -d| Variable | Description | Default |
|---|---|---|
PORT |
Server port | 3000 |
MONGODB_URI |
MongoDB connection string | mongodb://localhost:27017/nodelabs |
REDIS_HOST |
Redis host | localhost |
REDIS_PORT |
Redis port | 6379 |
RABBITMQ_URL |
RabbitMQ connection string | amqp://localhost |
JWT_SECRET |
JWT secret key | Required |
JWT_REFRESH_SECRET |
JWT refresh secret key | Required |
POST /api/auth/register # User registration
POST /api/auth/login # User login
POST /api/auth/refresh # Refresh JWT token
POST /api/auth/logout # User logout
GET /api/auth/me # Get current user infoGET /api/user/list # Get user listPOST /api/messages/send # Send message
GET /api/messages/:conversationId # Get conversation messages
PUT /api/messages/:messageId/read # Mark message as readGET /api/conversations # Get user conversationsGET /api/system/status # System health check
GET /api/system/queue-stats # Queue statistics
POST /api/system/trigger-planning # Trigger message planning
POST /api/system/trigger-queue # Trigger queue management
POST /api/system/create-test-message # Create test message
POST /api/system/start-test-planning-cron # Start test cron job
POST /api/system/stop-test-planning-cron # Stop test cron job// Connection
socket.emit("join_room", { conversationId: "room_id" });
socket.emit("leave_room", { conversationId: "room_id" });
// Messaging
socket.emit("send_message", {
conversationId: "conv_id",
content: { text: "Hello World!" },
messageType: "text",
});
// Status
socket.emit("mark_message_read", {
messageId: "msg_id",
conversationId: "conv_id",
});
socket.emit("get_online_users", { conversationId: "conv_id" });// Connection status
socket.on("user_online", (data) => {
/* User came online */
});
socket.on("user_offline", (data) => {
/* User went offline */
});
// Room management
socket.on("room_joined", (data) => {
/* Successfully joined room */
});
socket.on("room_left", (data) => {
/* Successfully left room */
});
// Messaging
socket.on("message_received", (data) => {
/* New message received */
});
socket.on("message_read", (data) => {
/* Message marked as read */
});
// Online users
socket.on("online_users_list", (data) => {
/* Online users in conversation */
});
// Errors
socket.on("error", (error) => {
/* Error occurred */
});NodeLabs/
βββ config/
β βββ database.js # Database configuration
βββ middleware/
β βββ auth.js # JWT authentication middleware
βββ models/
β βββ User.js # User model
β βββ Message.js # Message model
β βββ Conversation.js # Conversation model
β βββ AutoMessage.js # Auto message model
βββ routes/
β βββ auth.js # Authentication routes
β βββ user.js # User management routes
β βββ message.js # Messaging routes
β βββ conversation.js # Conversation routes
βββ services/
β βββ redisService.js # Redis operations
β βββ rabbitService.js # RabbitMQ operations
β βββ cronService.js # Cron job management
βββ server.js # Main server file
βββ package.json # Dependencies
βββ docker-compose.yaml # Docker configuration
βββ README.md # This file
- Scheduled execution: Every night at 02:00 AM
- Algorithm: Pairs active users randomly
- Templates: Greeting, motivation, questions, fun facts, quotes
- Smart scheduling: Random send times between 1-24 hours
- Processing: Every minute check for ready messages
- Retry mechanism: Exponential backoff for failed messages
- Dead letter queue: For messages exceeding max retries
- Priority system: Message prioritization (3-7 scale)
- Real-time delivery: Via Socket.IO
- Automatic processing: RabbitMQ consumer
- Error handling: Comprehensive retry and logging
- Status tracking: Complete message lifecycle monitoring
curl http://localhost:3000/api/system/statusResponse:
{
"system": {
"uptime": 3600,
"node_version": "v18.17.0"
},
"services": {
"mongodb": true,
"redis": true,
"rabbitmq": true,
"cronJobs": true
},
"stats": {
"onlineUsers": 5,
"messageQueue": {
"queue": "message_sending_queue",
"messageCount": 0,
"consumerCount": 1
},
"failedMessages": {
"queue": "failed_messages",
"messageCount": 0
}
}
}Open test-socket.html in your browser for interactive WebSocket testing.
- Helmet.js: Security headers protection
- CORS: Cross-origin resource sharing control
- JWT: Secure token-based authentication
- Input validation: Request data sanitization
- Rate limiting: API abuse prevention
- Token blacklisting: Logout security
- Error handling: Information disclosure prevention
The API implements multiple layers of rate limiting to prevent abuse:
| Endpoint Type | Limit | Window | Description |
|---|---|---|---|
| General API | 100 requests | 15 minutes | Applied to all endpoints |
| Authentication | 5 requests | 15 minutes | Login, register, refresh |
| Messaging | 30 requests | 1 minute | Send message endpoints |
| System Admin | 10 requests | 5 minutes | System management endpoints |
HTTP/1.1 429 Too Many Requests
{
"error": "Too many requests from this IP, please try again later.",
"retryAfter": "15 minutes"
}- Connection pooling: Database and Redis connections
- Caching strategy: Redis for frequently accessed data
- Queue optimization: Message batching and prioritization
- Database indexing: Optimized queries
- Memory management: Efficient data structures
- Async operations: Non-blocking I/O operations
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Commit your changes:
git commit -m 'Add amazing feature' - Push to the branch:
git push origin feature/amazing-feature - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
Δ°smet Can Byk
- GitHub: ismetcanbyk
- Email: ismetcanbyk@gmail.com
β If you find this project useful, please give it a star! β