Skip to content

theanuragshukla/realtime-auth-dashboard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
client
client
 
 
server
server
 
 
README.md
README.md
 
 
dump.rdb
dump.rdb
 
 

Repository files navigation

Realtime Auth Dashboard

This is simple PoC design for Realtime account monitoring using Socket.io in Nodejs.

Deployments

Features

  • User Authentication (email + pass)
  • RBAC (user, admin)
  • Twofactor Verification via email
  • User dashboard
    • all devices (logged in/out)
    • logs (all previous activities)
    • Device details
    • Upgrade account to admin
  • Admin dashboard
    • All Users
    • All Activities (global)
    • Access any account
  • Realtime System
    • realtime logs/activities
    • for both local + global(admin level)
  • Emails for each event
  • IP blocking after 3 wrong attempts
  • Admin can logout any user/device
  • Easy deployment (Vercel + Dockerfile)

Tech Stack

  • Frontend
    • NextJS (RTE + UI Framework)
    • ChakraUI (UI Framework)
    • socket.io-client (Socket connection)
    • react-icons + iconsax
    • Visitor API (device telemetry)
  • Backend
    • NodeJS (RTE)
    • ExpressJS (Web Server)
    • bcryptJS (Password hashing)
    • jsonwebtoken (signing auth tokens)
    • nodemailer (SMTP client for sending Emails)
    • socket.io (socket server)
    • zod (schema validation)
    • redis (redis client)
    • pg (postgres client)
    • typeorm (Database ORM)
    • envoix (Env management) [theanuragshukla/envoix]
    • Docker + Docker compose (containerisation + deployment)
    • Azure (Cloud VM)
  • Database
    • Postgres (Persistent User + device data)
    • Redis (IP ban, OTPs, logs, events, pub/sub, etc)

Architecture

image

REST API Routes (READ MORE ABOUT ROUTES)

  • /auth - [NO AUTH]
    • POST /login
    • POST /register
    • POST /verify
    • GET /profile
  • /account - [USER + ADMIN]
    • GET /recent-devices
    • GET /recent-activities
    • GET /all-activities
    • GET /logout-device/:deviceId
    • GET /device/:deviceId
    • GET /upgrade
  • /users - [ADMIN]
    • GET /all
    • GET /:uid
    • DELETE /:uid

REALTIME SYSTEM

  • Server: Socket.io
  • Authentication: AuthToken via cookies (http-only)

Working

  • After User connects, If Authorised, gets added to their Unique room, where all their activities are broadcasted
  • ADMIN can specify forUID in handshake.query, to join any users room or set it to admin for global events/logs
  • every activity is broadcasted to two rooms
    1. User' room (UID)
    2. Admin channel (global)
  • Activities are added broadcasted by REDIS CONSUMER

REDIS

  • Their are two redis instances running
    1. PUB: Publishes all activites to redisDB
    2. SUB: Consumes activities and takes actions accordingly
  • Actions:
    1. OTP
    • saves the users OPT for 2FA (Expire time: 10min)
    1. BAN
    • Saves User's IP as banned (Expire time: 2hrs)
    1. LOG
    • sends new logs through admin and user channels

MAILER

  • Service: nodemailer
  • Sends email to users

Author

developed by Anurag Shukla

About

Realtime Authentiacation Monitoring Dashboard

realtime-auth-dashboard.vercel.app

Topics

authentication nextjs socket-io realtime realtime-tracking dashbo

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages