Innovating Volunteering with Blockchain π
VolunChain is a blockchain-powered platform that connects volunteers with organizations in a transparent, decentralized, and efficient way. Our mission is to make volunteering more accessible, secure, and rewarding for everyone .
- Opportunity Connection: Match volunteers with organizations.
- NFT Certifications: Reward achievements with unique digital collectibles.
- Tokenized Rewards: Incentivize volunteers with blockchain tokens.
- Community Governance: A planned DAO model for user-driven decisions.
- Transparency & Security: All data and transactions are verifiable and secure.
- Global Reach: Designed to connect communities worldwide.
If you found this repository helpful or contributed to it, please give it a β on GitHub!
Your support helps us grow and motivates us to continue improving VolunChain. π
- Frontend: React, Next.js.
- Backend: Node.js, Express, Prisma.
- Blockchain: Stellar, Rust.
- Database: PostgreSQL, Prisma.
- Containers: Docker for consistent environments.
- Architecture: Domain-Driven Design (DDD)
The project follows Domain-Driven Design principles with the following structure:
src/
βββ modules/
β βββ project/
β βββ domain/ # Domain entities and value objects
β βββ repositories/ # Repository interfaces and implementations
β βββ use-cases/ # Application business logic
β βββ dto/ # Data Transfer Objects
βββ shared/ # Shared kernel
βββ infrastructure/ # External services and implementations
- Contains business entities and value objects
- Implements domain logic and business rules
- Independent of external concerns
- Defines interfaces for data access
- Implements data persistence logic
- Abstracts database operations
- Implements application business logic
- Orchestrates domain objects
- Handles transaction boundaries
- Defines data structures for API communication
- Handles data validation and transformation
- Separates domain models from API contracts
Follow these steps to set up the backend locally:
- Node.js (v18 or higher)
- Docker & Docker Compose
-
Clone the Repository:
git clone https://github.com/your-repo/volunchain-backend.git cd volunchain-backend -
Set Up Environment Variables: Create a
.envfile:DATABASE_URL=postgresql://volunchain:volunchain123@localhost:5432/volunchain PORT=3000 JWT_SECRET=your-jwt-secret
-
Start PostgreSQL with Docker:
docker-compose up -d
-
Install Dependencies:
npm install
-
Run the Development Server:
npm run dev
-
Fork the repository.
-
Create a branch for your changes:
git checkout -b feature/new-feature
-
Commit your changes: i. The project uses pre-commit hooks to ensure code quality. They will automatically:
- Run ESLint to check code style
- Run Prettier to format code
- Run tests to ensure everything works
ii. For urgent commits that need to bypass checks:
git commit -m "urgent fix" --no-verifygit commit -m "Add new feature" -
Push and create a Pull Request.
This project is licensed under the MIT License.
The application implements rate limiting to protect sensitive endpoints and prevent abuse.
Rate limiting can be configured via environment variables:
RATE_LIMIT_WINDOW_MS: Time window for rate limiting in milliseconds (default: 15 minutes)RATE_LIMIT_MAX_REQUESTS: Maximum number of requests allowed in the time window (default: 100)RATE_LIMIT_MESSAGE: Custom message when rate limit is exceeded
The following endpoints have rate limiting:
/auth/login/auth/register- Wallet verification endpoints
- Email-related endpoints
You can adjust rate limit settings in your .env file or use the default configurations.
The Email Verification system allows users to verify their email addresses during the registration process, ensuring the authenticity of user accounts and adding an extra layer of security to the application.
- Automatic email verification token generation and sending during registration
- Token expiration after 24 hours for security
- Email verification endpoint to validate tokens
- Resend verification email functionality for users who did not receive or have expired tokens
- Authentication middleware that restricts access to authenticated routes for non-verified users
- When a user registers, the system automatically sends a verification email to the provided email address.
- The email contains a unique verification link with a token parameter.
- The token is valid for 24 hours.
- When the user clicks the verification link, the system validates the token.
- If the token is valid and not expired, the user's email is marked as verified.
- The user can now access authenticated routes that require verification.
If a user did not receive the verification email or the token has expired, they can request a new verification email:
- User makes a
POSTrequest to/api/auth/resend-verification-emailwith their email address. - The system generates a new token and sends a fresh verification email.
POST /auth/register- Register a new user and send verification emailGET /auth/verify-email/:token- Verify email using the token from the email linkPOST /auth/resend-verification- Resend the verification emailGET /auth/verification-status- Check if the current user's email is verified
The email verification system follows Domain-Driven Design principles:
- Domain Layer:
Userentity extended withisVerified,verificationToken, andverificationTokenExpiresattributesIUserRepositoryinterface updated with verification-related methods
- Repository Layer:
PrismaUserRepositoryimplements methods for finding users by verification token, setting tokens, and verifying users
- Use Cases:
SendVerificationEmailUseCase: Handles sending verification emails to usersVerifyEmailUseCase: Validates tokens and marks users as verifiedResendVerificationEmailUseCase: Generates new tokens and resends verification emails
- Authentication:
AuthMiddlewarehas been updated to check if a user is verified before allowing access to protected routes
The email verification system requires the following environment variables:
JWT_SECRET- Secret key for JWT tokensEMAIL_SECRET- Secret key for verification tokensEMAIL_SERVICE- Email service provider (e.g., 'gmail')EMAIL_USER- Email address for sending verification emailsEMAIL_PASSWORD- Password for the email accountBASE_URL- Base URL for verification links (e.g., 'http://localhost:3000')
The Wallet Verification system integrates with Stellar's Horizon API to verify the authenticity of Stellar wallet addresses during user registration and authentication. This ensures that only valid Stellar addresses are used in the platform and provides additional security by validating wallet ownership.
- Format Validation: Validates Stellar address format using Stellar SDK
- Network Verification: Verifies wallet addresses against Stellar Horizon API
- Account Existence Check: Determines if a wallet account exists on the Stellar network
- Balance and Sequence Retrieval: Fetches account details for existing wallets
- Integration with Auth Flow: Seamlessly integrated into registration and login processes
- Comprehensive Error Handling: User-friendly error messages for various failure scenarios
The wallet verification system follows Domain-Driven Design principles:
WalletVerificationentity: Represents wallet verification resultsStellarAddressvalue object: Encapsulates Stellar address validation logicIWalletRepositoryinterface: Defines wallet verification operations
HorizonWalletRepository: Implements Horizon API integration for wallet verification
VerifyWalletUseCase: Handles complete wallet verification including network callsValidateWalletFormatUseCase: Validates wallet address format only (no network calls)
WalletVerificationRequestDto: Request structure for wallet verificationWalletVerificationResponseDto: Response structure with verification results
WalletService: High-level service for wallet operations
POST /auth/verify-wallet- Fully verify a wallet address (format + network)POST /auth/validate-wallet-format- Validate wallet address format only
POST /auth/register- Now includes wallet verification before user creationPOST /auth/login- Now validates wallet address before authentication
- User provides wallet address during registration
- System validates wallet address format
- System verifies wallet against Stellar Horizon API
- If verification succeeds, user registration proceeds
- If verification fails, registration is rejected with appropriate error message
- User provides wallet address for login
- System validates wallet address before checking user existence
- If wallet is invalid, authentication is rejected immediately
- If wallet is valid, normal authentication flow proceeds
# Verify wallet address (format + network)
curl -X POST http://localhost:3000/api/auth/verify-wallet \
-H "Content-Type: application/json" \
-d '{"walletAddress": "GCKFBEIYTKP5RDBQMUTAPDCFZDFNVTQNXUCUZMAQYVWLQHTQBDKTQRQY"}'
# Validate wallet format only
curl -X POST http://localhost:3000/api/auth/validate-wallet-format \
-H "Content-Type: application/json" \
-d '{"walletAddress": "GCKFBEIYTKP5RDBQMUTAPDCFZDFNVTQNXUCUZMAQYVWLQHTQBDKTQRQY"}'The wallet verification system requires the following environment variables:
HORIZON_URL- Stellar Horizon API URL (default: 'https://horizon-testnet.stellar.org')STELLAR_NETWORK- Stellar network ('testnet' or 'mainnet', default: 'testnet')
The system provides comprehensive error handling for various scenarios:
- Invalid Format: When wallet address format is incorrect
- Network Errors: When Horizon API is unreachable
- Account Not Found: When wallet address is valid but account doesn't exist (this is not an error)
- Duplicate Wallet: When attempting to register with an already registered wallet
Comprehensive test coverage includes:
- Unit tests for all domain entities and value objects
- Use case tests with mocked dependencies
- Repository tests with mocked Horizon API responses
- Integration tests for auth flow with wallet verification
Run wallet verification tests:
npm test -- --testPathPattern=wallet