OdinWorks

View posts from a private network of friends.

Device mockup of OdinWorks

OdinWorks is a full-stack application built with React & Node.js for The Odin Project's Odin-Book Node.js course project, with the goal of creating an application like Facebook. The spotlight of the application is the back-end — to implement the core features of Facebook such as users, profiles, posts, "liking", "friending", the feed, and the bonus of signing in with Facebook.

Features

OdinWorks aims to provide users the ability to:

  1. Create and authenticate an account using an email or with Facebook.
  2. Try the application using the demo account.
  3. Send friend requests to other users to get access to their posts.
  4. Create posts with text and an image.
  5. Write comments on posts.
  6. Like posts and comments.

Planning and Implementation

The Odin Project gives some hints on what we can use to create our application, notably using Passport.js to manage authentication with email and Facebook. For the rest of the stack, I used:

At the time of creating OdinWorks, there was not enough sufficient documentation on how we would authenticate using Facebook with Passport.js, making it a challenge to get it up and running with the various settings on Facebook's developer website and with the back-end.

In relation to authentication, we want a way to protect the posts of a user from other users. This is done in the form of utilizing the user ids of friends as a filter of who can access the content. This can be done through a middleware, which checks the relation of both parties (the viewer and the post owner) and gives the viewer access to the post if they are friends.

One of the more challenging things about implementing OdinWorks is how we would handle images. For simplicity, I have decided to use Firebase. For hosting purposes, this is a better alternative compared to using multer to store images locally. Overall, the general image upload + conversion workflow is similar to what I have done with my PC Parts List project.

Some of the hidden parts of the application include the creation of various tests using mongodb-memory-server & supertest to mock the behavior of a user using the application and to make sure no bugs occur. In addition, there is some rate limiting on the login route using express-rate-limit.

Originally, the back-end was hosted on the free-tier of Heroku before they nuked it. Currently, I have it hosted on Fly.io. The switch was seamless as Fly.io provided a tool for migrating a Heroku application to Fly.io.