A lightweight, secure messaging server with CLI client built in C, featuring encrypted database storage, JWT authentication, and location sharing with explicit consent.
- User Registration & Authentication - Secure account creation with SHA256 password hashing
- Real-time Messaging - Send and receive messages between users
- Message History - View conversation history with timestamps
- JWT Token Authentication - Secure session management with 24-hour expiry
- Encrypted Database - SQLite database with custom encryption key
- Location Sharing - GPS coordinates sharing with explicit user consent
- Admin Panel - Administrative interface for user location monitoring
- Role-based Access - Regular users and admin roles with different permissions
- Multi-threaded Server - Handles multiple concurrent connections
- HTTP REST API - Clean API endpoints for all operations
- Cross-platform - Works on Windows (MSYS2), Linux, and macOS
- CLI Interface - Command-line client for easy interaction
graph TB
subgraph "Client Layer"
CLI["π₯οΈ CLI Client<br/>β’ Authentication<br/>β’ Message Send/View<br/>β’ Location Share"]
API_Client["π HTTP Client<br/>β’ REST API Calls<br/>β’ JWT Token Mgmt"]
end
subgraph "Security Layer"
CORS["π‘οΈ CORS Protection"]
JWT["π JWT Authentication<br/>β’ 24h Expiry<br/>β’ Token Validation"]
HASH["π SHA256 Hashing<br/>β’ Password Security"]
end
subgraph "Server Layer"
HTTP["β‘ Multi-threaded HTTP Server<br/>Port: 8080<br/>Max Connections: 100"]
ROUTER["π API Router<br/>β’ /api/register<br/>β’ /api/login<br/>β’ /api/message<br/>β’ /api/messages<br/>β’ /api/location<br/>β’ /api/locations"]
AUTH["π€ Auth Controller<br/>β’ User Registration<br/>β’ Login/Logout<br/>β’ Role Management"]
MSG["π¬ Message Controller<br/>β’ Send Messages<br/>β’ Retrieve History<br/>β’ Real-time Processing"]
LOC["π Location Controller<br/>β’ GPS Coordinates<br/>β’ Consent Management<br/>β’ Admin Monitoring"]
end
subgraph "Data Layer"
ENCRYPT["π Database Encryption<br/>β’ Auto-generated Key<br/>β’ Obfuscated Storage"]
DB[("ποΈ Encrypted SQLite<br/>telegram_clone.db")]
USERS["π₯ Users Table<br/>β’ ID, Username, Email<br/>β’ Password Hash<br/>β’ Role, Location Consent"]
MESSAGES["π Messages Table<br/>β’ ID, Sender, Target<br/>β’ Content, Timestamp<br/>β’ Message Type"]
GROUPS["π¨βπ©βπ§βπ¦ Groups Table<br/>β’ Group Management<br/>β’ Member Relations"]
end
subgraph "Admin Panel"
ADMIN["π¨βπΌ Admin Interface<br/>β’ User Management<br/>β’ Location Monitoring<br/>β’ System Overview"]
end
%% Client to Server Flow
CLI --> API_Client
API_Client --> CORS
CORS --> JWT
JWT --> HTTP
%% Server Internal Flow
HTTP --> ROUTER
ROUTER --> AUTH
ROUTER --> MSG
ROUTER --> LOC
ROUTER --> ADMIN
%% Security Integration
AUTH --> HASH
AUTH --> JWT
MSG --> JWT
LOC --> JWT
ADMIN --> JWT
%% Database Flow
AUTH --> ENCRYPT
MSG --> ENCRYPT
LOC --> ENCRYPT
ADMIN --> ENCRYPT
ENCRYPT --> DB
DB --> USERS
DB --> MESSAGES
DB --> GROUPS
%% Modernized Styling
classDef client fill:#dbeafe,stroke:#3b82f6,stroke-width:2px %% Light blue background, strong blue stroke
classDef security fill:#fef9c3,stroke:#facc15,stroke-width:2px %% Soft yellow bg, gold stroke
classDef server fill:#ede9fe,stroke:#8b5cf6,stroke-width:2px %% Light violet bg, rich purple stroke
classDef data fill:#dcfce7,stroke:#22c55e,stroke-width:2px %% Soft green bg, vibrant green stroke
classDef admin fill:#ffe4e6,stroke:#e11d48,stroke-width:2px %% Light pink bg, strong rose stroke
class CLI,API_Client client
class CORS,JWT,HASH security
class HTTP,ROUTER,AUTH,MSG,LOC server
class ENCRYPT,DB,USERS,MESSAGES,GROUPS data
class ADMIN admin
# Install MSYS2 from https://www.msys2.org/
# Then install dependencies:
pacman -S mingw-w64-x86_64-gcc mingw-w64-x86_64-sqlite3 mingw-w64-x86_64-json-c mingw-w64-x86_64-openssl mingw-w64-x86_64-make gitsudo apt-get update
sudo apt-get install libsqlite3-dev libjson-c-dev libssl-dev build-essential gitsudo yum install sqlite-devel json-c-devel openssl-devel gcc make gitbrew install sqlite json-c opensslgit clone https://github.com/codehubbers/hubbergram
cd hubbergram# Automatic build with dependency management (preferred)
make all
# Or manual dependency installation
make install-libmingw32 # Downloads required networking library
make # Build servermake -f Makefile_cliThe server automatically:
- Generates a secure encryption key
- Creates encrypted SQLite database
- Sets up required tables (users, messages, groups)
- Creates default admin account
./build/telegram_clone
# Server runs on http://localhost:8080./cli_client- Username:
admin - Password:
admin123
- Register - Create new user account
- Login - Authenticate with username/password
- Send Message - Send message to specific user
- View Messages - See received messages
- Logout - End current session
- View Locations - Monitor user locations (requires consent)
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| POST | /api/register |
User registration | No |
| POST | /api/login |
User authentication | No |
| POST | /api/message |
Send message | Yes |
| GET | /api/messages |
Get user messages | Yes |
| POST | /api/location |
Update location | Yes |
| GET | /api/locations |
View all locations | Admin |
curl -X POST http://localhost:8080/api/register \
-H "Content-Type: application/json" \
-d '{"username":"john","email":"john@example.com","password":"secret123"}'curl -X POST http://localhost:8080/api/message \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN" \
-d '{"target_username":"jane","content":"Hello!"}'- Encrypted Storage - All data encrypted at rest
- Auto-generated Keys - Unique encryption key per installation
- Secure Key Storage - Obfuscated key storage in headers
- SHA256 Hashing - Secure password storage
- JWT Tokens - Stateless authentication
- Token Expiry - 24-hour automatic expiration
- Rate Limiting - Protection against brute force attacks
- Explicit Consent - Location sharing requires user permission
- Data Minimization - Only necessary data collected
- Admin Separation - Clear role-based access control
Edit include/config.h to customize:
#define SERVER_PORT 8080 // Server port
#define MAX_CONNECTIONS 100 // Max concurrent clients
#define TOKEN_EXPIRY_HOURS 24 // JWT token lifetime
#define DEFAULT_LOCATION_DURATION 60 // Location sharing duration
#define REQUIRE_LOCATION_CONSENT 1 // Enforce location consenthubbergram/
βββ include/ # Header files
β βββ server.h # Main server definitions
β βββ config.h # Configuration constants
β βββ db_security.h # Database encryption
βββ source/ # Source code
β βββ server.c # HTTP server & routing
β βββ api.c # REST API endpoints
β βββ database.c # SQLite operations
β βββ auth.c # Authentication & JWT
β βββ db_security.c # Database encryption
βββ build/ # Compiled objects & executable
βββ cli_client.c # Command-line client
βββ Makefile # Server build configuration
βββ Makefile_cli # Client build configuration
# Clean build
make clean && make all
# Check dependencies
make deps-msys2 # On MSYS2# Check if server is running
curl http://localhost:8080/
# Check port availability
netstat -an | grep 8080# Backup and rebuild database
./build_with_db_merge.sh- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
For issues and questions:
- Check existing GitHub issues
- Create new issue with detailed description
- Include system information and error logs