SFU with Dynamic HLS Compositing & WebRTC Conferencing
SFU designed to facilitate real-time multi-party WebRTC video/audio communication and simultaneously provide a dynamically generated, composite HLS live stream for a subset of participants.Manages WebRTC transports for producers and consumers, handling ICE, DTLS, and RTP. A dynamically generated SDP file is fed to an FFmpeg process. This SDP describes the incoming RTP streams (ports, codecs, SSRCs). FFmpeg transcodes these streams, composites the video (e.g., side-by-side layout), mixes audio, and packages the output into HLS (HTTP Live Streaming) format.
FFmpeg·HLS·SFU·TypeScript·WebSockets(Signaling)
Secure: E2EE real-time chat with zero server knowledge
The design is a hybrid cryptosystem built on a series of deliberate engineering decisions. The key exchange mechanism is X25519, chosen over traditional curves (e.g., P-256) for its superior security-by-design. Its Montgomery Ladder algorithm provides inherent constant-time execution, mitigating timing side-channel attacks, while the function itself eliminates the need for complex and error-prone point validation. For authenticated encryption, AES-256-GCM is used. An AEAD cipher was chosen to guarantee not only confidentiality but also integrity and authenticity. Each message includes a tamper-evident authentication tag, causing decryption to fail if the ciphertext is modified in transit. Client-side hardening is achieved with non-exportable keys; to defend against key exfiltration via XSS, private keys are generated as non-exportable CryptoKey objects via the Web Crypto API. This browser enforced rule prevents JavaScript from accessing the raw key material, and the resulting secure handles are persisted in IndexedDB to maintain the key's non exportable guarantee. The application is architected for high performance, especially when handling extensive chat histories. The message interface utilizes a virtualization strategy, rendering only the subset of messages currently visible in the viewport. This approach keeps the DOM lightweight and ensures the UI remains memory efficient, even when navigating conversations with tens of thousands of messages. To complement this, historical messages are loaded dynamically through an infinite scroll mechanism supported by efficient cursor-based pagination. This technique maintains constant-time query performance regardless of depth, avoiding the performance degradation typical of traditional offset based methods as datasets grow.
AES-256-GCM·Argon2·Drizzle·Next.js·Token-Bucket Rate-Limiting·TypeScript·WebSockets·X25519
Custom Auth starter kit
A feature-rich Next.js 15 starter kit designed for rapid full-stack application development. This project implements a complete authentication system entirely from scratch, including email/password (signup, login, OTP-based email verification, forgot/reset password flows with Argon2 hashing and Pwned Passwords strength checking), and social OAuth (Google with PKCE, GitHub). It features robust session management using HTTP-only cookies and database persistence (PostgreSQL with Drizzle ORM). Additional functionalities include profile picture uploads via UploadThing, server-side rate limiting for API actions, a custom username selection flow post-social login, and a polished UI built with Tailwind CSS and shadcn/ui components. The project is structured with Next.js App Router, utilizes Server Actions for backend logic, and incorporates modern tooling like TypeScript, Biome for linting/formatting, and Turbopack for development. It also serves as a great example of how to build secure and scalable web applications. (Try bunx create-arnav-app for a similar experience!)
Argon2 (Password Hashing and Salt)·Google OAuth 2.0 (PKCE)·Next.js (App Router)·PostgreSQL·Redis Rate Limiting (Sliding Window Counter)·TypeScript
Real-time Event Queue Service (SSE)
A lightweight Go-based real-time event notification service, designed as a companion to the main Peeple API. This service utilizes Server-Sent Events (SSE) via an /events endpoint to push updates to connected clients (e.g., an admin dashboard). It features a /trigger endpoint, which, when called (likely by the main Peeple API after a user submits a verification request), broadcasts a notification. The authentication middleware for the trigger endpoint interfaces with the PostgreSQL database to check the user's verification status, preventing redundant notifications. Made because I couldn't get a messaging queue:(
Peeple - Real-time Dating App API
A robust and scalable backend API for 'Peeple', a real-time dating application. This Go-based API powers core functionalities including user authentication (JWT-based, with Google Sign-In option), comprehensive profile management (creation, editing, media uploads, prompts), dynamic user feeds (home feed, quick feed), a real-time WebSocket-based chat system with message reactions and typing indicators (scaled with Redis Pub/Sub), content liking/disliking, matching/unmatching, and an admin panel for user verifications. It integrates with AWS S3 for media uploads (images, audio prompts) via presigned URLs and includes analytics tracking. The application is fully containerized using Docker and deployed via a CI/CD pipeline on GitHub Actions to a Linux VM using Podman and systemd.
AWS S3·GitHub Actions·Go·Podman·Postgres·Redis (Rate Limiting Pub/Sub)·WebSockets·systemd
Real-Time Whiteboard
A real-time collaborative whiteboard and design application built with Next.js, Liveblocks, and Fabric.js. Users can sign up/log in via email/password or Google/GitHub OAuth. The application features a persistent dashboard for managing design 'rooms'. Within a room, users experience real-time collaboration including live cursors, reactions, shared canvas drawing (rectangles, circles, triangles, lines, freeform, text, image uploads), and threaded commenting. It includes features like OTP-based email verification, password recovery, user profile picture uploads (via UploadThing), and an edit access request system for rooms. The backend logic is handled through Next.js Server Actions, with data persisted in a PostgreSQL database.
Fabric.js·Liveblocks·Next.js·Nodemailer·PostgreSQL·TypeScript