This repository evolved into republik-backend which in turn has been merged into the orbiting/backends monorepo. Most of the functionality of this backend is still avilable in the monorepo.
This NodeJS server provides an GraphQL API to power your next crowdfunding. It works best together with crowdfunding-frontend. This software is developped by Project R and was used to power our crowdfunding at Republik.
Postgres acts as the database and is queried by the amazing pogi client. The GraphQL API is powered by Apollo's graphql-server.
- passwordless / email authentication and session support with express-session.
- an extensive crowdfunding data model
- pledges
- memberships
- goodies
- payments
- payments via Stripe, PayPal, Postfinance and paymentslips.
- vouchers: give membership to other users as a present.
- testimonials: let users share their message (and image) with the world.
- events, faqs and updates via google spreadsheets.
- feeds: get user comments to specific topics. Includes sorting via Reddit's hottness algorithm.
- votings: let users vote on different options.
- statistic endpoints (for memberships, payments, testimonials, votings) to share insights.
Check out the (production) API: https://api.republik.ch/graphiql
You need to have postgres running somewhere.
Boostrap your .env file.
PORT=3001
PUBLIC_URL=http://localhost:3001
SESSION_SECRET=replaceMe
DATABASE_URL=postgres://postgres@localhost:5432/postgres
Adapt the seed file to your needs and bootstrap the DB.
npm run db:reset
Run it.
npm install
npm run dev
Check out the API: http://localhost:3001/graphiql
- You want to change translations.js and adapt it to your wording. See the comment about static texts about how to conveniently do that with spreadsheets.
- Adapt the environment variables to e.g. integrate billing or enable image uploading to S3.
Please read the source (a good starting are the resolvers) and open an issue if you have a question.
We make use of many third party services.
Emails are sent via Mandrill see lib/sendMail.js. We make extensive use of mandrill templates to send custom styled HTML emails and also to convert them to text-only emails, see this README. You can find all our templates inside the seeds/email_templates folder.
We integrated 3 payment services: Stripe, PayPal and Postfinance. On top of that we manually handle swiss payment slips. All the payment "magic" happens in payPledge.js.
We use Google Spreadsheets to manage user-facing messages ("static texts") this API emits, see lib/translations.js. Refresh this file with npm run translations. Gsheets also act as a small CMS for FAQs, updates and events. To accomplish that we wrote a small macro which sends a GET request via a menu-item inside the spreadsheet to this API. src/gsheets.js receives the message and refreshes the cached gsheet inside the DB. Don't use the content of this file without adapting it to your needs.
We store our assets inside Exoscale's Object Store. It provides a S3 v3 compatible API, which we talk to via lib/uploadExoscale.js
Keycdn acts as CDN for our assets. lib/keyCDN.js provides an easy way to purge the cache for specific urls.
Slack is used for notifications and overview of user comments. See lib/slack.js.
We use Phantomjscloud to render social-media images via the front-end.
There are many knobs which can be turned to, check the following extensive list. Provided values are just an example.
PORT=3001
SESSION_SECRET=
DATABASE_URL=postgres://postgres@localhost:5432/postgres
NODE_ENV=development
# used to construct links in mails sent
PUBLIC_URL=http://localhost:3001
# used to construct links/redirects to frontend
FRONTEND_BASE_URL=http://localhost:3003
# basic auth
# provide the following ENV variables to enable HTTP basic auth.
BASIC_AUTH_USER=
BASIC_AUTH_PASS=
BASIC_AUTH_REALM=
# set the auth cookie to a specific domain.
COOKIE_DOMAIN=
# whitelist requests from a specific domain
CORS_WHITELIST_URL=http://localhost:3003
# used by cancelPledge to transfer canceled memberships
PARKING_PLEDGE_ID=
PARKING_USER_ID=
# mandrill api key, used to send mail
MANDRILL_API_KEY=
# mails are not send in DEV, except SEND_MAILS is true
# mails are suppressed in production if SEND_MAILS is false
# this is a kill switch, if SEND_MAILS is false, no mails will be sent
# instead they are printed to console.
SEND_MAILS=true
# if set, mails are only sent to the specified domain, others are filtered
# out and printed to console instead.
# This is handy if you want to test internally with real mails
# but you must make sure not to send mails to customers.
SEND_MAILS_DOMAIN_FILTER=project-r.construction
# where to send auth mails from
AUTH_MAIL_FROM_ADDRESS="[email protected]"
# where to send new (FA)Questions to
QUESTIONS_MAIL_ADDRESS="[email protected]"
# where to send mails from (if no param specified for sendMail or sendMailTemplate)
DEFAULT_MAIL_FROM_ADDRESS="[email protected]"
DEFAULT_MAIL_FROM_NAME=Republik
# mailchimp is used to subscribe people to lists
MAILCHIMP_URL=https://us14.api.mailchimp.com
MAILCHIMP_API_KEY=
REMIND_ME_LIST_ID=
# random secret: used to sign the subscription link send by mail
SUBSCRIBE_SECRET=
# mailchimp group/interest ids, see script/getMailchimpInterests.js
MAILCHIMP_INTEREST_PLEDGE=
MAILCHIMP_INTEREST_MEMBER=
MAILCHIMP_INTEREST_MEMBER_BENEFACTOR=
# if truthy, @project-r.construction mail addresses get automatically
# signedin and no mail is sent (used for automated testing)
AUTO_LOGIN=1
# credentials to upload assets to the exoscale object store
EXO_KEY=
EXO_SECRET=
S3BUCKET=republik-staging
# where will the assets be available publicly
ASSETS_BASE_URL=https://assets.staging.republik.ch
# keyCDN access to clear cache on file uploads
# must correspond with the object store config
KEYCDN_API_KEY=
KEYCDN_ZONE_ID=
KEYCDN_ZONE_URL=
# phantomjscloud.com to render social media share images
PHANTOMJSCLOUD_API_KEY=
# payment secrets
PAYPAL_URL=
PAYPAL_USER=
PAYPAL_PWD=
PAYPAL_SIGNATURE=
PF_SHA_IN_SECRET=
PF_SHA_OUT_SECRET=
PF_PSPID=
STRIPE_SECRET_KEY=
There are multiple scripts to run things manually (like importGoals.js). Checkout the script folder, each script comes with a header explaining how to use it.
The source code and it's documentation is licensed under GNU AGPLv3+.
The content of translations.js is property of Project R and may not be reproduced without permission.
Check the READMEs in /assets/geography/*/ for licensing details of used geo data.