Skip to content

A simple Web application that demonstrates how the end-to-end encryption works. The application uses firebase as a backend service for authentication and chat messaging, and Virgil E3Kit SDK for end-to-end encryption.

License

Notifications You must be signed in to change notification settings

VirgilSecurity/demo-firebase-js

Repository files navigation

Virgil E3Kit JS Web + Firebase Demo

This is an end-to-end encrypted HIPAA-compliant demo chat app for Firebase that is using Virgil Security's E3Kit JavaScript SDK. The demo allows you to register users and back up their private keys, create peer-to-peer channels and send end-to-end encrypted messages.

You can reuse this sample in your projects to protect user data, documents, images using Virgil's end-to-end encryption HIPAA whitepaper.

After you set up the demo with the all credentials required in the instructions below you can run a chat for chatting:

Chat screenshot

The demo is using E3Kit v2.3.3.

Prerequisites

Set up and run demo

Clone JavaScript project

git clone https://github.com/VirgilSecurity/demo-firebase-js
cd demo-firebase-js

Connect your Virgil and Firebase accounts

To connect your Virgil and Firebase accounts, you need to deploy a Firebase function that gives out Virgil JWT tokens for your authenticated users.

To deploy the function, head over to our GitHub repo and follow the instructions in README:

Configure Authentication

At Firebase dashboard, select the Authentication panel and then click the Sign In Method tab. Choose the E-mail authentication method and click Done, then follow instructions and click Save.

 

Configure Cloud Firestore

Set up a Firestore database for the sample apps:

  1. Select the Cloud Firestore panel
  2. Click Create database under Firestore
  3. Choose Start in test mode and click Enable

Once the database is created, click on the Rules tab, click Edit rules and paste:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth.uid != null;
    }
  }
}

Now click PUBLISH.

 

You only need to do this once - if you had already done it earlier, you don't need to do it again.

Add your Firebase project config to app

  1. Go to the Firebase console -> your project's page in Firebase console, click the gear icon -> Project settings

 
  1. Click Add app and choose "</> Add Firebase to your web app"

Chat screenshot

 
  1. Copy only this part to the clipboard:
  var firebaseConfig = {
    apiKey: "...",
    authDomain: "...",
    databaseURL: "...",
    projectId: "...",
    storageBucket: "...",
    messagingSenderId: "..."
  };

Chat screenshot

 

  1. Replace the copied block in your src/firebase.ts file.

Chat screenshot

 

Build and run

  • Update dependencies, build & run
    npm install
    npm run start
    

In case you receive a message like warning found n vulnerabilities printed in the console after running the npm install, there is a potential security vulnerability in one of the demo's dependencies. Don't worry, this is a normal occurrence and in the majority of cases it is fixed by updating the packages. To install any updates, run the command npm audit fix. If some of the vulnerabilities persist after the update, check the results of the npm audit to see a detailed report. The report includes instructions on how to act on this information.

Explore demo

  1. Browse to http://localhost:1234. You will see a register/login form; you can use any e-mail and password to sign up a test user.

Chat screenshot

  1. Start a second incognito or browser window to have 2 chat apps running with 2 different users. Sign up one more user.

  1. Click the "New Channel" to create a channel between the 2 users.

Chat screenshot

  Now you can start sending encrypted messages between them.

Chat screenshot

Remember, the app deletes messages right after delivery (it's a HIPAA requirement to meet the conduit exception). If you want to see encrypted messages in your Firestore database, run only 1 browser instance, send a message to your chat partner and check Firestore DB's contents before opening the other user's app to receive the message. If you don't want to implement this behavior in your own app, you can remove it from this sample here.

License

This library is released under the 3-clause BSD License.

Support

Our developer support team is here to help you. Find out more information on our Help Center.

You can find us on Twitter or send us email support@VirgilSecurity.com.

Also, get extra help from our support team on Slack.

About

A simple Web application that demonstrates how the end-to-end encryption works. The application uses firebase as a backend service for authentication and chat messaging, and Virgil E3Kit SDK for end-to-end encryption.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published