This project consists of a secure chat application built using Python's Flask framework, and JavaScript for the client-side. The application uses RSA and AES encryption for secure communication between users.
The server-side application is built using Flask and uses RSA and AES for secure communication. It handles login, messaging, and WebSocket connection management.
- `Flask`: A micro web framework written in Python.
- `rsa`: A Python RSA cryptography module.
- `aes`: A Python Advanced Encryption Standard (AES) cryptography module.
- `flask_wtf.csrf`: Cross-Site Request Forgery (CSRF) protection for Flask applications.
```mermaid
graph TD
    A(User Interface) --> B[Login]
    B -->|Send login details| C(Client App)
    C -->|Send login details| D[Server App]
    D -->|Send back RSA keys / Error message| C
    C -->|Show success/error message| A
    E[Submit message]
    A --> E
    E -->|Send message data| C
    C -->|Send message data| D
    D -->|Message delivered / Error message| C
    C -->|Update chat interface / Show error message| A
    F[Disconnect]
    A --> F
    F -->|Send disconnect request| C
    C -->|Send disconnect request| D
    D -->|Acknowledge disconnect| C
    C -->|Show disconnection success message| A
```

```mermaid
sequenceDiagram
    participant User as User Interface
    participant Client as Client App
    participant Server as Server App
    Note over User,Client: User enters username and password
    User->>Client: Login
    Client->>Server: Send login details
    alt successful login
        Server-->>Client: Send back RSA keys
        Client-->>User: Show success message
    else unsuccessful login
        Server-->>Client: Send back error message
        Client-->>User: Show error message
    end
    Note over User,Client: User writes a message
    User->>Client: Submit message
    Client->>Server: Send message data
    alt successful message sent
        Server-->>Client: Message delivered
        Client->>User: Update chat interface
    else unsuccessful message sent
        Server-->>Client: Send back error message
        Client-->>User: Show error message
    end
    Note over User,Client: User decides to logout/disconnect
    User->>Client: Disconnect
    Client->>Server: Send disconnect request
    Server-->>Client: Acknowledge disconnect
    Client-->>User: Show disconnection success message
```
The server application has five main routes:

- `/api/`: Home endpoint of the application returning a welcome message.
- `/api/login`: Handles the login process with a POST request containing a username and password in JSON format.
- `/api/chat`: Handles chat messages by receiving a JSON object containing the message to be sent, encrypting it using AES with the client's public key, signing the ciphertext with the server's private key, and broadcasting the message to all connected clients.
- `/api/connect`: Establishes a WebSocket connection and adds the client to the set of connected clients. It then starts receiving messages from the client and forwards them to the `/api/chat` endpoint.
- `/api/disconnect`: Removes a WebSocket client from the set of connected clients.
The server is started by calling the `run()` method of the Flask application object.
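The `/api/chat` description above combines AES encryption, the client's public key, and a signature by the server's private key over the ciphertext. The following is an added example, not the project's own code, showing one way those pieces fit together from sealing on the server to verification and decryption on the client. It assumes a hybrid design (AES-256-GCM for the message, RSA-OAEP to wrap the AES key, RSA-PSS for the signature) and uses Node.js's built-in `crypto` module; all function names and key pairs are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed key pairs standing in for the server's and one client's RSA keys.
const newPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const server = newPair();
const client = newPair();

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const PSS = { padding: crypto.constants.RSA_PKCS1_PSS_PADDING, saltLength: 32 };

// Server side: encrypt with a fresh AES-256-GCM key, wrap that key for the
// recipient with RSA-OAEP, then sign everything the recipient will act on.
function sealMessage(plaintext, recipientPublicKey, signerPrivateKey) {
  const aesKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12); // must be unique per message
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, aesKey);
  // wrappedKey (256 B), iv (12 B) and tag (16 B) are fixed length, so this concatenation is unambiguous.
  const signed = Buffer.concat([wrappedKey, iv, ciphertext, tag]);
  const signature = crypto.sign('sha256', signed, { key: signerPrivateKey, ...PSS });
  return { wrappedKey, iv, ciphertext, tag, signature };
}

// Client side: verify the signature first, and only then unwrap and decrypt.
function openMessage(env, recipientPrivateKey, signerPublicKey) {
  const signed = Buffer.concat([env.wrappedKey, env.iv, env.ciphertext, env.tag]);
  if (!crypto.verify('sha256', signed, { key: signerPublicKey, ...PSS }, env.signature)) {
    throw new Error('signature check failed');
  }
  const aesKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, env.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, env.iv);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]).toString('utf8');
}

// Returns true when a one-bit change to the ciphertext is rejected.
function rejectsTampering(env, recipientPrivateKey, signerPublicKey) {
  const forged = { ...env, ciphertext: Buffer.from(env.ciphertext) };
  forged.ciphertext[0] ^= 0x01;
  try { openMessage(forged, recipientPrivateKey, signerPublicKey); return false; }
  catch { return true; }
}
```

Because `/api/chat` broadcasts to all connected clients, under this assumed design the server would wrap the AES key once per recipient public key.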
The client-side of the application is built using JavaScript. It provides the user interface for the chat application and handles login, messaging, and WebSocket connection management.
- Login: The login function handles the user authentication process. It sends a request to the `/api/login` endpoint with the username and password provided by the user.
- Chat: The chat function handles sending and receiving messages. It sends a POST request to the `/api/chat` endpoint when the user submits a message, and it listens for incoming messages from the server.
- WebSocket Connection: The connect function establishes a WebSocket connection with the server, while the disconnect function closes the WebSocket connection.
The application also uses Jinja2 templating to display information such as the current user's username and the list of chat messages. The status of the user (online/offline) is also updated dynamically based on the WebSocket connection status.
Both the server and client applications can be containerized with Docker. Docker allows you to package an application with all its dependencies into a standardized unit for software development. Dockerfiles and a docker-compose file are provided for this purpose.

To build and run the applications, use the following command in the terminal:

```
docker-compose up --build
```

This will start the server at http://localhost:8000 and the client at http://localhost:5000. You can then navigate to http://localhost:5000 in your web browser to use the chat application.