A modern, full-stack social-style comment system built with Next.js, TypeScript, Express and MongoDB. Features nested comments, real-time interactions, email verification and Google OAuth authentication.
- User registration with email verification
- Email login with JWT authentication
- Google OAuth integration
- Protected routes for verified users only
- User profile management
- Create, read, update and delete posts
- Rich text content support
- Optional image attachments
- Author information display
- Pagination for posts
- Multi-level nested comment threads
- Real-time comment creation
- Edit and delete own comments
- Author and timestamp display
- Comment count per post
- Pagination for comments and replies
- Sort by recent or most liked
- Like/unlike comments and replies
- Toggle behavior (one like per user)
- Total like count display
- View users who liked
- Only owners can edit their content
- Admin role for moderation
- Delete inappropriate content
- Rate limiting (5 comments per minute)
- Modern, clean design with Tailwind CSS
- Smooth animations with Framer Motion
- Responsive mobile and desktop layouts
- Interactive hover effects
- Loading skeletons
- Toast notifications
- Intuitive nested thread view
- Node.js - Runtime environment
- Express.js - Web framework
- MongoDB - Database
- Mongoose - ODM
- JWT - Authentication
- Bcrypt - Password hashing
- Brevo (Sendinblue) - Email delivery service
- Passport.js - Google OAuth
- Express Rate Limit - API rate limiting
- Express Validator - Input validation
- Next.js - React framework
- TypeScript - Type safety
- Tailwind CSS - Styling
- Framer Motion - Animations
- Axios - HTTP client
- React Hot Toast - Notifications
- date-fns - Date formatting
- Lucide React - Icons
Comment-System/
├── server/
│ ├── src/
│ │ ├── config/
│ │ │ ├── database.js # MongoDB connection
│ │ │ ├── email.js # Email configuration
│ │ │ └── passport.js # OAuth configuration
│ │ ├── models/
│ │ │ ├── User.js # User schema
│ │ │ ├── Post.js # Post schema
│ │ │ └── Comment.js # Comment schema
│ │ ├── controllers/
│ │ │ ├── authController.js # Auth logic
│ │ │ ├── postController.js # Post logic
│ │ │ └── commentController.js # Comment logic
│ │ ├── middleware/
│ │ │ ├── auth.js # Auth middleware
│ │ │ ├── validator.js # Input validation
│ │ │ └── rateLimiter.js # Rate limiting
│ │ ├── routes/
│ │ │ ├── authRoutes.js # Auth endpoints
│ │ │ ├── postRoutes.js # Post endpoints
│ │ │ └── commentRoutes.js # Comment endpoints
│ │ ├── utils/
│ │ │ └── token.js # Token utilities
│ │ └── index.js # Server entry point
│ ├── package.json
│ └── .env
│
└── client/
├── src/
│ ├── app/
│ │ ├── layout.tsx # Root layout
│ │ ├── page.tsx # Home page
│ │ ├── login/ # Login page
│ │ ├── register/ # Register page
│ │ ├── verify-email/ # Email verification
│ │ ├── posts/
│ │ │ ├── create/ # Create post
│ │ │ └── [id]/ # Post detail
│ │ └── auth/callback/ # OAuth callback
│ ├── components/
│ │ ├── Navbar.tsx # Navigation bar
│ │ ├── CommentList.tsx # Comments container
│ │ ├── CommentItem.tsx # Single comment
│ │ ├── CommentForm.tsx # Comment input
│ │ └── CommentReplies.tsx # Nested replies
│ ├── contexts/
│ │ └── AuthContext.tsx # Auth state management
│ ├── services/
│ │ ├── auth.ts # Auth API calls
│ │ ├── post.ts # Post API calls
│ │ └── comment.ts # Comment API calls
│ └── lib/
│ └── axios.ts # HTTP client setup
├── package.json
└── .env.local
git clone <repository-url>
cd Comment-Systemcd server
npm installCreate a .env file in the server directory:
PORT=5000
MONGODB_URI=mongodb://localhost:27017/comment-system
JWT_SECRET=your_secure_random_secret_key_here
JWT_EXPIRE=7d
# Brevo (Sendinblue) Email Settings
BREVO_API_KEY=your-brevo-api-key
BREVO_FROM_EMAIL=[email protected]
BREVO_FROM_NAME=CommentHub
CLIENT_URL=http://localhost:3000
# Optional: Google OAuth (leave empty if not using)
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
SESSION_SECRET=your-session-secret
SESSION_TTL_SECONDS=86400- Sign up for a free account at Brevo
- Go to Settings → SMTP & API
- Create a new API key
- Copy the API key to
BREVO_API_KEYin your.envfile - Verify your sender email address in Brevo dashboard
- Use the verified email in
BREVO_FROM_EMAIL
- Go to Google Cloud Console
- Create a new project
- Enable Google+ API
- Create OAuth 2.0 credentials
- Add authorized redirect URI:
http://localhost:5000/api/auth/google/callback - Copy Client ID and Client Secret to
.env
npm run devServer will run on http://localhost:5000
cd ../client
npm installCreate .env.local file in the client directory:
NEXT_PUBLIC_API_URL=http://localhost:5000/apinpm run devFrontend will run on http://localhost:3000
Open your browser and navigate to:
- Frontend: http://localhost:3000
- Backend API: http://localhost:5000/api/health
POST /api/auth/register # Register new user
POST /api/auth/login # Login user
GET /api/auth/verify-email?token= # Verify email
GET /api/auth/me # Get current user
POST /api/auth/resend-verification # Resend verification email
GET /api/auth/google # Google OAuth login
GET /api/auth/google/callback # Google OAuth callback
GET /api/posts # Get all posts (paginated)
GET /api/posts/:id # Get single post
POST /api/posts # Create post (auth required)
PUT /api/posts/:id # Update post (owner only)
DELETE /api/posts/:id # Delete post (owner/admin)
POST /api/comments # Create comment/reply (auth required)
GET /api/comments/post/:postId # Get post comments (paginated)
GET /api/comments/:commentId/replies # Get comment replies (paginated)
PUT /api/comments/:id # Update comment (owner only)
DELETE /api/comments/:id # Delete comment (owner/admin)
POST /api/comments/:id/like # Toggle like (auth required)
GET /api/comments/:id/likes # Get users who liked
page- Page number (default: 1)limit- Items per page (default: 10 for comments, 5 for replies)sort- Sort order: 'recent' or 'liked' (default: 'recent')
- Click "Sign Up" in the navigation bar
- Fill in username, email and password
- Click "Sign Up"
- Check your email for verification link
- Click the verification link
- Click "Login" in the navigation bar
- Enter email and password
- Or click "Continue with Google" for OAuth
- After logging in, click "Create Post"
- Enter title and content
- Optionally add an image URL
- Click "Create Post"
- Click on any post to view details
- Scroll to the comment section
- Type your comment in the input field
- Click "Comment"
- Click "Reply" under any comment
- Type your reply
- Click "Reply"
- Click the heart icon on any comment
- Click again to unlike
- Click the three dots menu on your comment
- Click "Edit"
- Update the content
- Click "Save"
- Your own: Click three dots → Delete
- As admin: Click the trash icon on any content
To prevent abuse, the following rate limits are enforced:
- Comments: 5 per minute per user
- Authentication: 5 attempts per 15 minutes
- Real-time notifications with WebSockets
- Image upload with cloud storage
- User profiles and avatars
- Direct messaging
- Comment mentions (@username)
- Markdown support in comments
- Search and filtering
- Report/flag system
- Analytics dashboard
- Dark mode theme
This project is licensed under the MIT License.
For issues or questions:
- Check the documentation above
- Review the code comments
- Open an issue on GitHub