#Privacy first chat application

1 messages · Page 1 of 1 (latest)

lilac ember
#

Use case - Here 2 users share their public key out of the platform then start chatting they can change the key anytime and also that the messages are not stored in server

Architecture - There is a Auth/Register micro service which will register & store the logged in user details in MongoDB just when the user is online I will pull the user data to Redis later there is a web socket gateway which basically transfers the messages between 2 users

Q1. how to maintain the auth details in Redis so that the Web socket gateway can establish a connection
Q2 . Is there any Improvements or flaws in the design

Thinkfused

image.png
agile blazeBOT
#

<@&987246841693360200> please have a look, thanks.

safe forum
#

You only need to do a server side event endpoint for each user to receive all other user message.

#

And make 1 endpoint where all user send message to other.

#

Save and cache nothing.

#

No redis

#

Just make is some kind of event server.

#

You could even make it a mqtt server.

#

And have the logic only in the client app.

#

No need to login, you just want a server on to rebound message on.

#

Make a token so that only people with your app can use your server at least.

#

Use 2 factor Auth token.

#

The one that change with time every 30 sec

#

You want to actually keep nothing of your users

#

Just generate a uuidv7 as the user ID the first time from the server

#

When the client open, the first time they ask a uuid from the server.

#

From that uuid the client create a ssl key pair

#

Exchange by qr

#

The xchange add a contact that you can rename just after.

lilac ember
#

I want user to be authenticated to the server ryt

safe forum
#

Why? Is it not made to be private?

#

Why do you need a login?

#

What does the user need to be logged in for?

lilac ember
lilac ember
safe forum
#

Yeah? Is the chat not crypted by ssl?

lilac ember
lilac ember
lilac ember
safe forum
#

Well then only the other user can read it.

#

Not even the server

#

I am not talking about https

#

You get that ssl is like someone giving you a lock open that you can use to lock a box and send to the other person, as he is the only one with the key.

lilac ember
safe forum
#

So your chat is not truly private

lilac ember
safe forum
#

I mean, from the device of user1 you generate a ssl key pair, same for user2, exchange public key by qr code reader, then chat by sending message crypted with the key.

#

Each message get uncrypted when received

lilac ember
#

yesssssssssss

safe forum
#

No one can send you message if you did not give them your key

#

And you cannot receive message from someone who did not give you their key.

lilac ember
lilac ember
safe forum
#

Just make the one sending encrypt 2 time the message, with theirs key and the other key.

#

It will not, only 1 server sent event endpoint by user

lilac ember
#

I didnt get you

safe forum
#

You send to /send/otheruseruuid

#

Listen to all message from /receive/myuseruuid

#

It is a 2 path app.

#

Read about sse

#

Sse is less costly than ws

#

And scale with http cache server like varnish

lilac ember
safe forum
lilac ember
#

then how to get msg from user to server then

safe forum
#

Just a post

lilac ember
#

nah I expect it to be a full duplex post calls are costly

#

its a chat application post will not be efficient

safe forum
#

Maybe, but less than ws

#

Ws does not scale

lilac ember
#

it can scale using AWS Gat way and dynamodb
nvm I will check for that article
but I need to authenticate the user for that so I am asking

safe forum
#

Aws...

#

Wow you want to pay lots.

lilac ember
#

nah this is expected in terms of scale so I dont want to make it HTTPS call I want the lowest latency and other requirements go to that requirement

other requirement -
I want to know weatherthe user is online or no ect ...

safe forum
#

So, I just made the server for it with vert.x, pretty interesting.

lilac ember
#

what is vert.x

lilac ember
#

dammmmmmmmmmmm its a whole new thing now

safe forum
#

Well, it is perfect to make 4 path apps.

agile blazeBOT
#

@lilac ember

Your question has been closed due to inactivity.

If it was not resolved yet, feel free to just post a message below
to reopen it, or create a new thread.

Note that usually the reason for nobody calling back is that your
question may have been not well asked and hence no one felt confident
enough answering.

When you reopen the thread, try to use your time to improve the quality
of the question by elaborating, providing details, context, all relevant code
snippets, any errors you are getting, concrete examples and perhaps also some
screenshots. Share your attempt, explain the expected results and compare
them to the current results.

Also try to make the information easily accessible by sharing code
or assignment descriptions directly on Discord, not behind a link or
PDF-file; provide some guidance for long code snippets and ensure
the code is well formatted and has syntax highlighting. Kindly read through
https://stackoverflow.com/help/how-to-ask for more.

With enough info, someone knows the answer for sure 👍

lilac ember
#

What is 4 path apps?

lilac ember
#

How can I repoen it?

turbid knot
#

just add a new message in here