Real-time collaborative project management β built for teams, engineered for production.
CollabBoard is a full-stack, production-grade collaborative task management platform. Multiple users can work on the same Kanban board simultaneously β tasks move, update, and appear in real time across every connected session without a page refresh.
Think Linear or Jira, but built from scratch with a focus on engineering fundamentals: event-driven architecture, transactional database operations, secure token-based authentication, and an integrated AI layer powered by LLaMA 3.1 via Groq.
- Real-time board sync β changes appear instantly across all connected clients via WebSocket rooms scoped to board ID
- Kanban task management β create, move, and delete tasks across columns (Backlog β In Progress β Review β Done)
- Priority & tagging β tasks support priority levels (High / Med / Low) and category tags (feat, bug, infra, docs, design...)
- Online presence β see who's viewing the same board in real time
- Activity log β live feed of all board actions
- JWT authentication β access tokens (15min) + refresh tokens (7d) with single-use rotation
- Workspace organization β group boards into workspaces
- AI Assistant β three LLM-powered tools built into the sidebar (see below)
- Admin Panel β real-time platform analytics, user management, and CSV export (owner-only)
Powered by LLaMA 3.1 via Groq β free, fast, no credit card required.
Three tools are available directly from the sidebar:
Describe your project in plain English β the AI builds a full, structured task breakdown across Backlog, In Progress, Review, and Done columns. Ideal for kicking off a new board without manually creating every card.
Input: project name + optional description β Output: complete task plan ready to populate your board
Give it a task title and optional project context β the AI writes a professional task description with acceptance criteria, edge cases, and definition of done. Turns a one-liner into a properly scoped ticket.
Input: task title + project name β Output: description with acceptance criteria, auto-filled into the task form
Paste your board ID (from the URL: /board/YOUR-ID-HERE) β the bot reads the last 24 hours of board activity and generates a daily standup report in the standard format: what was done, what's in progress, any blockers.
Input: board ID β Output: formatted standup report based on real board activity
All three tools run on LLaMA 3.1-8B-Instant served via the Groq API. Latency is typically under 1 second.
Visible only to the platform owner. Accessible from the sidebar when logged in as the admin account.
- Platform stats β total users, workspaces, boards, tasks, and new signups today
- Signup chart β bar chart of new user registrations over the last 7 days
- User directory β searchable list of all users with online/offline status and role badges
- CSV export β one-click export of all user data
- Auto-refresh β stats update every 30 seconds automatically; manual refresh also available
| Layer | Technology | Why |
|---|---|---|
| Frontend | React 18, Zustand, Vite | Fast SPA with lightweight global state |
| Styling | Tailwind CSS | Utility-first, consistent design system |
| Real-time | Socket.io client/server | Bidirectional event-driven communication |
| Backend | Node.js, Express | Lightweight, non-blocking I/O |
| Database | PostgreSQL + pg pool | ACID transactions, connection pooling |
| Auth | JWT (access + refresh) | Stateless auth with secure rotation |
| AI | LLaMA 3.1 via Groq API | Fast LLM inference, free tier, no GPU needed |
| Logging | Winston + Morgan | Structured production logging |
| Deployment | Vercel (frontend), Render (backend + DB) | Zero-cost production infrastructure |
Client (React + Zustand)
β
βββ REST API (Express) ββββββββββββ PostgreSQL
β β (connection pool)
βββ WebSocket (Socket.io) ββββββββββ Board rooms
β (scoped broadcast)
βββ AI Routes (Express) βββββββββββ Groq API
(LLaMA 3.1)
Event-driven real-time sync β Socket.io rooms are scoped to boardId. When a task is created or moved, the server broadcasts only to clients in that board's room β not all connected users.
Optimistic UI updates β task moves update the local state immediately before the server confirms, giving instant feedback. If the server call fails, a toast error is shown.
JWT refresh token rotation β refresh tokens are single-use and stored in the database. On each refresh, the old token is invalidated and a new one is issued, preventing replay attacks.
Idempotency keys β task creation requests include a client-generated UUID. If the same request is retried (e.g., on network failure), the server deduplicates it β no duplicate tasks created.
DB transactions with row locking β task move operations use SELECT ... FOR UPDATE to prevent race conditions when multiple users move the same task simultaneously.
AI via Groq, not OpenAI β Groq's inference API serves LLaMA 3.1 at near-instant speeds with a generous free tier. No credit card, no cold starts, no per-token billing anxiety during demos.
Admin gate at the component level β the Admin Panel nav item and route are conditionally rendered based on the authenticated user's email, keeping the surface area minimal. No separate role column needed in the DB for a single-owner platform.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /api/auth/register |
β | Create account |
| POST | /api/auth/login |
β | Login, receive tokens |
| POST | /api/auth/refresh |
β | Rotate access token |
| POST | /api/auth/logout |
β | Invalidate refresh token |
| GET | /api/auth/me |
β | Current user info |
| GET | /api/workspaces |
β | List workspaces |
| POST | /api/workspaces |
β | Create workspace |
| GET | /api/workspaces/:id/boards |
β | List boards in workspace |
| POST | /api/workspaces/:id/boards |
β | Create board (auto-creates 4 columns) |
| GET | /api/boards/:id |
β | Board + columns + tasks |
| POST | /api/boards/:id/columns/:colId/tasks |
β | Create task (idempotent) |
| PATCH | /api/tasks/:id/move |
β | Move task (transactional) |
| DELETE | /api/tasks/:id |
β | Delete task |
| GET | /api/boards/:id/activity |
β | Activity log |
| POST | /api/ai/generate-tasks |
β | AI task plan from description |
| POST | /api/ai/write-description |
β | AI task description + criteria |
| POST | /api/ai/standup |
β | AI standup from board activity |
| GET | /api/admin/stats |
β Admin | Platform stats |
| GET | /api/admin/users |
β Admin | All users |
| GET | /api/admin/export |
β Admin | CSV user export |
| GET | /health |
β | Health check |
| Event | Direction | Description |
|---|---|---|
board:join |
Client β Server | Join a board's socket room |
board:online_users |
Server β Client | Current viewers on join |
user:joined |
Server β Client | Another user joined |
user:left |
Server β Client | A user disconnected |
task:created |
Bidirectional | New task broadcast to room |
task:moved |
Bidirectional | Task column change |
task:updated |
Bidirectional | Task field update |
task:deleted |
Bidirectional | Task removal |
Prerequisites: Node.js 18+, PostgreSQL 14+, Groq API key (free at console.groq.com)
# Clone
git clone https://github.com/AkashMs24/collabboard
cd collabboard
# Backend
cd server
npm install
cp .env.example .env
# Fill in: DATABASE_URL, JWT_SECRET, JWT_REFRESH_SECRET, CLIENT_URL, GROQ_API_KEY
npm run migrate
npm run dev
# Frontend (new terminal)
cd client
npm install
cp .env.example .env
# Set VITE_API_URL=http://localhost:4000
npm run devBackend β Render
- New Web Service β connect GitHub repo β root:
server/ - Add PostgreSQL plugin
- Set env vars:
DATABASE_URL,JWT_SECRET,JWT_REFRESH_SECRET,CLIENT_URL,GROQ_API_KEY,NODE_ENV=production - Shell β
npm run migrate
Frontend β Vercel
- Import repo β root:
client/ - Set
VITE_API_URLβ your Render backend URL - Deploy
Groq API key β get yours free at console.groq.com β API Keys β Create. No credit card required. Add it as
GROQ_API_KEYin both your.envand Render environment variables.
collabboard/
βββ server/
β βββ src/
β βββ config/ # DB pool, logger, migrations
β βββ controllers/ # Auth, board, task, AI, admin logic
β βββ middleware/ # JWT auth, rate limiting, error handler
β βββ routes/ # API route definitions
β βββ socket/ # WebSocket event handlers
β βββ index.js # Server entry point
βββ client/
βββ src/
βββ components/ # Layout, UI components
βββ context/ # Auth store (Zustand), Socket context
βββ lib/ # Axios instance with auto token refresh
βββ pages/ # Login, Register, Dashboard, Board, AI, Admin
βββ App.jsx
Akash M S β GitHub
Built as a demonstration of production software engineering: real-time systems, event-driven architecture, secure JWT auth patterns, transactional database design, scalable backend architecture, and LLM integration without infrastructure overhead.
This is not a tutorial clone. Every architectural decision β from idempotency keys to optimistic UI to refresh token rotation to Groq-powered AI tooling β was made deliberately to reflect how production systems are actually built.