A modern, secure, and anonymous real-time chat application built with Node.js, WebSockets, and modern web technologies.
- Complete anonymity - No registration required
- HTTPS/WSS encryption - Secure connections
- Input sanitization - XSS protection
- Rate limiting - Spam protection
- Content Security Policy - Enhanced security headers
- Real-time messaging - Instant communication
- User mentions (@username) with sound notifications
- Dynamic usernames - Generated or custom nicknames
- Message persistence - Local storage for chat history
- Commands system -
/help,/nick,/users,/clear - Character counter - 500 character limit with visual feedback
- Glassmorphism design - Beautiful modern interface
- Responsive layout - Works on all devices
- Dark theme - Easy on the eyes
- Smooth animations - Enhanced user experience
- PWA support - Install as mobile/desktop app
- Accessibility - Screen reader support, keyboard navigation
- WebSocket connections - Real-time communication
- Service Worker - Offline capability and caching
- Auto-reconnection - Handles network issues
- Message queuing - Queues messages when offline
- Error handling - Graceful error recovery
- Node.js v16 or higher
- npm or yarn package manager
- SSL certificates (for HTTPS - recommended for production)
-
Clone the repository
git clone https://github.com/notYarazi/room21.git cd Room21 -
Install dependencies
npm install
-
Configure server type (Optional)
- HTTP Mode (Development): Default, no certificates needed
- HTTPS Mode (Production): Requires SSL certificates
- Set via environment variable:
USE_HTTPS=trueorUSE_HTTPS=false
-
Set up SSL certificates (Only for HTTPS mode)
- Create the certificate directory:
src/public/assets/cert/ - Place your SSL certificate files:
cert.pem- SSL certificatekey.pem- Private key
- For development, you can generate self-signed certificates
- Create the certificate directory:
-
Start the server
# Development (HTTP) - Default npm run dev # Development (HTTPS) - Requires certificates npm run dev:https # Production (HTTPS) npm run prod # Manual control USE_HTTPS=false npm start # HTTP mode USE_HTTPS=true npm start # HTTPS mode
-
Access the application
- HTTP Mode:
http://localhost:3000 - HTTPS Mode:
https://localhost:3000 - Accept the self-signed certificate warning if using development certificates
- HTTP Mode:
The server can run in HTTP or HTTPS mode:
-
HTTP Mode (Default):
USE_HTTPS=false- Faster setup for development
- No SSL certificates required
- Not suitable for production
-
HTTPS Mode:
USE_HTTPS=true- Secure encrypted connections
- Requires SSL certificates
- Recommended for production
PORT- Server port (default: 3000)NODE_ENV- Environment (production/development)SESSION_SECRET- Session secret key
- Message rate limiting: 1 message per second
- Maximum message length: 500 characters
- Session timeout: 24 hours
Room21 can be installed as a Progressive Web App:
- Open the app in a supported browser
- Look for the "Install" or "Add to Home Screen" option
- Follow the browser prompts to install
/help- Show available commands/nick <name>- Change your nickname/users- List online users/clear- Clear chat history (admin-like feature)
- Express.js - Web server framework
- WebSocket - Real-time communication
- Helmet - Security middleware
- CORS - Cross-origin resource sharing
- Express-session - Session management
- Modern ES6+ - Clean, modern JavaScript
- CSS Variables - Consistent theming
- WebSocket API - Real-time communication
- Service Worker - PWA functionality
- Local Storage - Message persistence
- Check File Structure File
- HTML sanitization to prevent XSS
- Message length limits
- Command validation
- Username format validation
- Per-client message rate limiting
- Spam protection mechanisms
- Connection throttling
- HTTPS/WSS enforcement
- CORS policy configuration
- Security headers (CSP, X-Frame-Options, etc.)
- Session security
- Install dependencies:
npm install - Start development server:
npm run dev - Make changes and test locally
- Server-side: Modify
server.jsfor backend features - Client-side: Update
script.jsfor frontend features - Styling: Edit
style.cssfor UI changes
- Test WebSocket connections
- Verify security features
- Check responsive design
- Test PWA functionality
- Contributing Guidelines - How to contribute to the project
- Changelog - Detailed version history and changes
- License - Creative Commons licensing terms
We welcome contributions! Please read our Contributing Guidelines before submitting pull requests.
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
See CONTRIBUTING.md for detailed guidelines.
-
UmaEra (NotYarazi) - Original development
-
wassammy & dhummy - Contributors (testing & support)
-
Community - Thanks to all users and contributors out there!
This project is licensed under the DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE.
- ✅ Free to use for non-commercial purposes
- ✅ Free to distribute and share
- ✅ Free to modify and adapt
- ✅ Free to use commercially without permission
- ✅ No Attribution required when sharing or modifying
so.. absolute freedom, do whatever, just make it cool.
See the LICENSE file for details.
Room21 is built with privacy-first principles:
- No user registration or personal data collection
- No server-side message storage
- Complete anonymity by design
- HTTPS/WSS encryption for all communications