ImpactFlow API

Backend infrastructure for the ImpactFlow Protocol.

Overview

This repository provides backend services for:

• Authentication
• Campaign management
• Beneficiary verification
• Notifications
• Analytics
• Off-chain validation

Features

• Wallet authentication via Stellar wallet signature verification
• JWT-based session issuance
• In-memory session handling
• Role-based access control (planned)
• Campaign APIs
• Beneficiary onboarding
• Milestone approval workflow
• Event tracking
• Queue processing

Tech Stack

• Node.js
• Express
• TypeScript
• JWT
• Stellar SDK

Getting Started

git clone https://github.com/impactflowlabs/impactflow-api.git
cd impactflow-api
npm install
cp .env.example .env
npm run dev

Environment Variables

DATABASE_URL=
JWT_SECRET=your-super-secret-key
REDIS_URL=
STELLAR_RPC_URL=https://horizon-testnet.stellar.org
CONTRACT_ID=

Wallet Authentication API

Request a challenge

POST /auth/challenge

Request body:

{
  "publicKey": "G..."
}

Response:

{
  "publicKey": "G...",
  "challenge": "ImpactFlow wallet authentication ...",
  "expiresAt": 1680000000000
}

Verify a signature and get a JWT

POST /auth/verify

Request body:

{
  "publicKey": "G...",
  "signature": "Base64SignatureHere"
}

Response:

{
  "token": "eyJ...",
  "expiresIn": 3600,
  "publicKey": "G..."
}

Get authenticated user info

GET /auth/me

Headers:

Authorization: Bearer <token>

Response:

{
  "publicKey": "G...",
  "authMethod": "wallet"
}

Logout

POST /auth/logout

Headers:

Authorization: Bearer <token>

Response:

{
  "status": "logged out"
}

Project Structure

src/
 ├── auth/
 │   ├── auth.controller.ts
 │   ├── auth.service.ts
 │   ├── session.service.ts
 │   ├── stellar.utils.ts
 │   └── types.ts
 ├── middleware/
 │   └── jwt.middleware.ts
 ├── app.ts
 └── server.ts

Notes

• JWT_SECRET must be set in .env for secure token signing.
• This implementation uses an in-memory session store; replace with Redis or database storage for production.