A peer-support platform for live listener discovery, lightweight conversation requests, and permanent encrypted chat history once a listener accepts.
- Production:
https://konfide-flame.vercel.app - Status: stable live request-and-chat build
Konfide is built around one simple flow:
- Talkers browse published listeners in
explore - A talker sends a conversation request with a topic and optional context
- The listener accepts the request
- Both sides continue in the same permanent chat thread
The current product contract is intentionally narrow:
- no payment flow
- no appointment booking
- no calendar-slot scheduling
- no expiring chat timer
- Role-based auth for talkers and listeners
- Google OAuth and email/password sign-in
- Public listener profiles with publishing controls
- Explore catalog with search, topic filters, and
Active nowstate - Single listener availability toggle for accepting new requests
- Pending request limits to reduce listener overload
- Permanent shared chat history after acceptance
- Browser notification preference support
- Encrypted chat storage at rest
- Security headers, signed cookies, origin checks, and rate limits
The authoritative requirements live in docs/SRS.md.
| Layer | Technology |
|---|---|
| Framework | Next.js 16 (App Router) |
| Styling | Tailwind CSS v4 |
| Database | PostgreSQL + Prisma |
| Auth | Custom cookie auth + Google OAuth |
| Route | Page |
|---|---|
/ |
Landing page |
/auth |
Sign in / Sign up |
/join |
Listener workspace intro |
| Route | Page |
|---|---|
/explore |
Browse published listeners |
/explore/[listenerId] |
Listener profile |
/explore/[listenerId]/connect |
Send a chat request |
/sessions |
User session history |
/account |
User account |
| Route | Page |
|---|---|
/listener/dashboard |
Listener dashboard |
/listener/profile |
Edit public profile |
/listener/availability |
Toggle live availability |
/listener/sessions |
Manage incoming requests |
npm install
npm run prisma:push
npm run devOpen http://localhost:3000.
Copy .env.example to .env:
cp .env.example .envRequired variables:
| Variable | Purpose |
|---|---|
DATABASE_URL |
PostgreSQL connection string |
AUTH_SECRET |
Session signing secret |
CHAT_ENCRYPTION_KEY |
Chat encryption key for message storage |
GOOGLE_CLIENT_ID |
Google OAuth client id |
GOOGLE_CLIENT_SECRET |
Google OAuth client secret |
Optional:
| Variable | Purpose |
|---|---|
APP_URL |
Canonical deployed app URL |
NEXTAUTH_URL |
Optional compatibility URL for tooling or future integrations |
Add these in Google Cloud Console.
Authorized JavaScript origins:
http://localhost:3000https://konfide-flame.vercel.app
Authorized redirect URIs:
http://localhost:3000/api/auth/google/callbackhttps://konfide-flame.vercel.app/api/auth/google/callback
This app is ready for Vercel as a standard Next.js project.
Do not deploy with a local URL like postgresql://...@localhost:5432/.... Vercel cannot reach your laptop database.
Use a hosted PostgreSQL database before deploying. If you want to stay inside the Vercel workflow, the fastest path is:
vercel install neonThen connect the created database to this project and make sure Vercel exposes either DATABASE_URL or POSTGRES_URL.
Set these in Project Settings -> Environment Variables:
DATABASE_URLorPOSTGRES_URLAUTH_SECRETCHAT_ENCRYPTION_KEYGOOGLE_CLIENT_IDGOOGLE_CLIENT_SECRETAPP_URL
Recommended value:
APP_URL="https://your-project.vercel.app"If APP_URL is missing, the app falls back to Vercel system URLs like VERCEL_URL, but setting APP_URL explicitly is still the safest option for auth redirects.
Add your deployed callback URL in Google Cloud Console:
https://your-project.vercel.app/api/auth/google/callbackIf you use a custom domain, add that callback too.
Before the first production test, sync Prisma against the hosted database:
npx prisma db pushOnce the env vars are added, deploy normally from Vercel.
The build already runs prisma generate automatically, so the Prisma client stays fresh during deployment.
- Chat messages are encrypted at rest
- Mutating routes reject untrusted origins
- Auth and chat writes are rate-limited
- Session cookies are signed and
httpOnly - Production responses include CSP, HSTS,
X-Frame-Options, andnosniff
npm run dev
npm run lint
npm run build
npm run typegen
npm run prisma:push
npm run prisma:resetIf your editor reports that .next/types/routes.d.ts is missing after local cleanup, run:
npm run typegenTo reset the current database and start with no users:
npm run prisma:resetPrivate - All rights reserved.