A comprehensive full-stack web application built with Go backend and modern frontend technologies. Features include real-time WebSocket communication, secure authentication, static file serving, and server-side rendering capabilities.
- HTTP API using
net/httpandchirouter - JSON-based REST endpoints with comprehensive error handling
- JWT-based authentication with role support and CSRF protection
- PostgreSQL integration using
sqlxwith migrations - Redis caching and session management
- WebSocket support with authentication, rate limiting, and room-based messaging
- Static file serving with SPA fallback for React Router
- Server-side rendering hooks for future SSR implementation
- Background job processing with asynq
- Comprehensive monitoring with Prometheus, OpenTelemetry, and health checks
- Security-first approach with rate limiting, input validation, and security headers
- Modern responsive UI with CSS Grid and Flexbox
- Real-time chat via WebSocket connections
- Authentication system with JWT token management
- SPA architecture with client-side routing support
- Static file serving from Go backend
- SSR-ready templates for future server-side rendering
- Admin Dashboard with glassmorphic design and real-time monitoring
- Docker containerization with multi-stage builds
- Docker Compose for development and production
- Load testing with k6 and comprehensive test suites
- Security scanning with automated vulnerability detection
- CI/CD ready with comprehensive testing and deployment scripts
connex/
βββ cmd/ # Application entry points
β βββ server/
β βββ main.go # Main server with WebSocket and static file support
βββ internal/ # Application logic
β βββ api/ # HTTP handlers and WebSocket
β β βββ auth/ # Authentication handlers
β β βββ user/ # User management
β β βββ websocket/ # WebSocket handler with rooms and messaging
β β βββ ssr/ # Server-side rendering hooks
β βββ service/ # Business logic
β βββ db/ # Database access & migrations
β βββ middleware/ # HTTP middleware (security, logging, etc.)
β βββ job/ # Background tasks
β βββ config/ # Configuration management
βββ pkg/ # Shared libraries
β βββ hash/ # Password hashing
β βββ jwt/ # JWT utilities
β βββ logger/ # Structured logging
βββ web/ # Frontend application
β βββ public/ # Static assets (served by Go)
β β βββ index.html # Main SPA with WebSocket chat
β β βββ admin.html # Admin dashboard with glassmorphic UI
β βββ src/ # Frontend source code
βββ tests/ # Comprehensive test suites
βββ scripts/ # Build and deployment scripts
βββ Dockerfile # Multi-stage container build
βββ docker-compose.yml # Development environment
βββ docker-compose.prod.yml # Production environment
βββ Makefile # Build automation
βββ README.md # This file
- Go >= 1.24.3
- PostgreSQL >= 14
- Redis >= 6
- Docker (optional, for containerized setup)
- Node.js >= 18 (for frontend development)
git clone https://github.com/wdarrenww/connex.git
cd connexCreate a .env file based on env.example:
cp env.example .envConfigure your environment variables:
# Server
PORT=8080
ENV=development
# Database
DATABASE_URL=postgres://user:password@localhost:5432/connex?sslmode=disable
# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_DB=0
# JWT
JWT_SECRET=your-super-secret-jwt-key-32-chars-minimum
# CSRF (base64-encoded 32-byte key)
CSRF_AUTH_KEY=your-base64-encoded-32-byte-csrf-key
# OpenTelemetry
OTEL_ENABLED=true
OTEL_ENDPOINT=http://localhost:14268/api/traces# Backend dependencies
go mod tidy
# Frontend dependencies (if developing frontend)
cd web
npm install# Start all services (PostgreSQL, Redis, Jaeger, Prometheus, Grafana)
make dev-docker
# In another terminal, start the Go application
make run# Start PostgreSQL and Redis manually
# Then run the application
make run- Web Application: http://localhost:8080
- Admin Dashboard: http://localhost:8080/admin
- API Documentation: http://localhost:8080/api/health
- Metrics: http://localhost:8080/metrics
- Grafana: http://localhost:3000 (admin/admin)
- Jaeger: http://localhost:16686
The application includes a comprehensive WebSocket implementation at /ws:
// Connect with JWT authentication
const ws = new WebSocket(`ws://localhost:8080/ws?token=${jwtToken}`);// Chat message
{
"type": "chat",
"data": "Hello, world!",
"timestamp": "2025-07-03T21:58:45.123Z"
}
// Join room
{
"type": "auth",
"data": {
"room": "general"
}
}
// Ping/Pong (automatic)
{
"type": "ping",
"data": {},
"timestamp": "2025-07-03T21:58:45.123Z"
}- Authentication: JWT token validation
- Rate Limiting: 10 connections per minute per IP
- Room Support: Join/leave chat rooms
- Message Broadcasting: Send to all clients or specific rooms
- Automatic Ping/Pong: Connection health monitoring
- Error Handling: Comprehensive error responses
The application serves static files from web/public/:
- Static Assets:
/static/*- CSS, JS, images, etc. - SPA Fallback: Any unknown route serves
index.htmlfor React Router - Security: Proper cache headers and security middleware
# Build frontend (if using a build tool)
cd web
npm run build
# Copy build output to public directory
cp -r dist/* public/- JWT-based authentication with secure token handling
- Password hashing with bcrypt
- CSRF protection on state-changing requests
- Role-based access control
- Comprehensive input validation for all endpoints
- XSS protection with content filtering
- SQL injection prevention
- Request size limiting (1MB default)
- Content Security Policy (CSP)
- X-Content-Type-Options
- X-Frame-Options
- X-XSS-Protection
- Modern security headers (COEP, COOP, etc.)
- IP-based rate limiting for authentication endpoints
- WebSocket connection rate limiting
- Configurable limits and time windows
# Unit tests
make test
# Integration tests
make test-integration
# Security tests
make security-test-comprehensive
# Load tests
make load-testmake test-coverage- Prometheus metrics at
/metrics - Custom application metrics
- Database and Redis monitoring
- OpenTelemetry integration
- Jaeger for distributed tracing
- Request tracing middleware
/health- Basic health check/health/detailed- Comprehensive health status/ready- Readiness probe
docker-compose up --builddocker-compose -f docker-compose.prod.yml up --build- Multi-stage builds for smaller images
- Security hardening
- Resource limits
- Health checks
- Graceful shutdown
# Format code
make fmt
# Lint code
make lint
# Run security scans
make security-all# Run migrations
make migrate-up
# Rollback migrations
make migrate-down# Start job worker
go run ./cmd/worker
# Enqueue jobs via API
curl -X POST http://localhost:8080/api/jobs/emailEnsure all production environment variables are set:
# Required for production
ENV=production
JWT_SECRET=<secure-32-char-minimum>
CSRF_AUTH_KEY=<base64-encoded-32-byte-key>
DATABASE_URL=<production-database-url>
REDIS_PASSWORD=<redis-password>- Change default passwords
- Configure HTTPS/TLS
- Set up proper CORS origins
- Configure rate limiting for production
- Set up monitoring and alerting
- Regular security scans
- Database backups
- Log aggregation
POST /api/auth/register- User registrationPOST /api/auth/login- User login
GET /api/users/me- Get current userPUT /api/users/me- Update current userDELETE /api/users/me- Delete current user
GET /api/admin/dashboard- Dashboard overview dataGET /api/admin/users- User management dataGET /api/admin/analytics- Analytics and reportingGET /api/admin/system- System status and healthGET /api/admin/logs- System logsGET /api/admin/metrics- System metrics
GET /health- Basic health checkGET /health/detailed- Detailed health statusGET /ready- Readiness probeGET /metrics- Prometheus metrics
GET /ws- WebSocket endpoint
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests for new functionality
- Run the test suite
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
For support and questions:
- Create an issue on GitHub
- Check the documentation
- Review the security audit report
Built with β€οΈ using Go, WebSockets, and modern web technologies