OpenJournal is an open-source, feature-rich journaling application designed to serve both personal and business documentation needs with enterprise-grade security and flexibility.
Repository: https://github.com/btafoya/journal
Project Status: ✅ Production Ready - All 18 core features implemented and fully documented
- Rich Text Editor: Powered by TipTap with full formatting support
- Entry Management: Create, edit, delete, and organize journal entries
- Templates: Pre-built entry templates for different use cases
- Tags & Categories: Organize entries with customizable tags
- Advanced Search: Full-text search with fuzzy matching and suggestions
- Attachments: Upload and attach files to entries with encryption
- Theme System: Install and customize themes with Tailwind CSS variables
- Plugin Architecture: Extend functionality with custom plugins
- Workspace Management: Multiple workspaces for different contexts
- User Preferences: Customizable settings and preferences
- End-to-End Encryption: Files encrypted at rest with AES-256-GCM
- Two-Factor Authentication: TOTP-based 2FA with backup codes
- Role-Based Access Control: Granular permissions system
- Security Headers: Comprehensive HTTP security headers and CSP
- CSRF Protection: Double-submit cookie CSRF protection
- Rate Limiting: Tiered rate limiting to prevent abuse
- XSS Prevention: DOMPurify sanitization for user-generated content
- Audit Logging: Complete audit trail for all sensitive operations
- Comments System: Add comments to entries for team collaboration
- User Mentions: Mention other users in comments
- Notifications: Real-time notifications for mentions and updates
- Role Management: Admin, User, and custom role support
- Version Control: Track changes to entries with version history
- Import/Export: Import/export entries in various formats
- MCP Server Integration: Model Context Protocol server support
- OAuth Authentication: Google, GitHub, Microsoft OAuth support
- Email Notifications: Postmark integration for email delivery
- Plugin System: Comprehensive plugin API with lifecycle hooks
- Theme Marketplace: Share and distribute custom themes
- REST API: Full-featured API for third-party integrations
- TypeScript: Fully typed codebase for better DX
- Prisma ORM: Type-safe database queries
- Frontend: Next.js 14 with TypeScript, Tailwind CSS, and shadcn/ui
- Backend: Next.js 14 API Routes
- Database: PostgreSQL 16
- ORM: Prisma
- Styling: Tailwind CSS with shadcn/ui components
- Code Quality: ESLint, Prettier, TypeScript
- Node.js 18+ (LTS recommended)
- pnpm 8+
- Docker and Docker Compose
- Git
git clone https://github.com/btafoya/journal.git
cd journalpnpm installdocker compose up -dThis will start a PostgreSQL instance on port 5433.
Copy the example environment file:
cp .env.example .env.localThe default .env.local is configured for local development.
For OAuth authentication providers (Google, GitHub, Microsoft):
- See OAuth Setup Guide for detailed instructions on configuring OAuth providers
pnpm prisma generatepnpm prisma migrate devpnpm devOpen http://localhost:3000 with your browser to see the application.
pnpm dev- Start the development serverpnpm build- Build the production applicationpnpm start- Start the production serverpnpm lint- Run ESLintpnpm format- Format code with Prettierpnpm format:check- Check code formatting
journal/
├── app/ # Next.js 14 app directory
│ ├── layout.tsx # Root layout
│ └── page.tsx # Home page
├── components/ # React components
├── lib/ # Utility functions
├── prisma/ # Prisma schema and migrations
├── public/ # Static assets
├── .taskmaster/ # Task Master configuration
├── docker-compose.yml # PostgreSQL Docker setup
├── .env.local # Environment variables (local)
├── .prettierrc # Prettier configuration
├── .eslintrc.json # ESLint configuration
├── tailwind.config.ts # Tailwind CSS configuration
└── tsconfig.json # TypeScript configuration
Comprehensive documentation is available in the docs/ directory:
- Security Guide - Security features, best practices, and audit results
- OAuth Setup - Configure Google, GitHub, and Microsoft OAuth
- Plugin Development - Create custom plugins
- Plugin API Reference - Complete plugin API documentation
- User Guide - End-user documentation and features
- Developer Guide - Developer onboarding and architecture
- API Documentation - REST API reference
- Deployment Guide - Production deployment instructions
This project uses Task Master for task tracking and workflow management:
# View all tasks
task-master list
# Get next available task
task-master next
# View task details
task-master show <id>
# Mark task as in-progress
task-master set-status --id=<id> --status=in-progress
# Mark task as complete
task-master set-status --id=<id> --status=doneFor detailed development workflows, see the Developer Guide.
OpenJournal implements enterprise-grade security features:
- 🔒 File Encryption: AES-256-GCM encryption for all uploaded files
- 🔐 Two-Factor Authentication: TOTP-based 2FA with backup codes
- 🛡️ Security Headers: Comprehensive HTTP security headers and CSP
- 🚫 CSRF Protection: Double-submit cookie pattern for all state-changing operations
- ⚡ Rate Limiting: Tiered rate limiting (auth, API, read operations)
- 🧹 XSS Prevention: DOMPurify sanitization for user-generated HTML
- 📝 Audit Logging: Complete audit trail for all sensitive operations
Security Score: 95/100 (see Security Guide for details)
For detailed security information, see the Security Guide.
Development Phase: ✅ Complete (100%)
| Feature Category | Status | Details |
|---|---|---|
| Core Journaling | ✅ Complete | Rich text editor, templates, search, attachments |
| Security | ✅ Complete | 95/100 security score, encryption, 2FA, CSRF, rate limiting |
| Collaboration | ✅ Complete | Comments, mentions, notifications, RBAC |
| Customization | ✅ Complete | Themes, plugins, workspaces |
| Advanced Features | ✅ Complete | Version control, import/export, MCP integration |
| Documentation | ✅ Complete | User guide, API docs, developer guide, deployment guide |
Total Tasks: 18/18 completed ✅
- ✅ All core features implemented
- ✅ Enterprise-grade security
- ✅ Comprehensive documentation
- ✅ Production deployment guides
- 🔄 Mobile app development
- 🔄 Offline support with sync
- 🔄 Advanced analytics dashboard
- 🔄 AI-powered content suggestions
- 📋 Real-time collaboration
- 📋 Advanced plugin marketplace
- 📋 Multi-language support
- 📋 Enhanced export formats
Coming soon - screenshots will be added before public release
We welcome contributions from the community! Here's how you can help:
- 🐛 Report Bugs: Open an issue with detailed reproduction steps
- 💡 Suggest Features: Share your ideas in the discussions section
- 📝 Improve Documentation: Help us make our docs clearer
- 🔧 Submit Pull Requests: Fix bugs or implement features
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes following our code style guidelines
- Add tests for new functionality
- Run the test suite (
pnpm test) - Commit your changes (
git commit -m 'feat: add amazing feature') - Push to your branch (
git push origin feature/amazing-feature) - Open a Pull Request
See CONTRIBUTING.md for detailed guidelines.
- 📖 Documentation: Check our comprehensive docs
- 💬 Discussions: Join our GitHub Discussions
- 🐛 Issues: Report bugs via GitHub Issues
- 📧 Email: contact@openjournal.dev (for security issues, see SECURITY.md)
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with Next.js
- UI components from shadcn/ui
- Rich text editor powered by TipTap
- Icons from Lucide
If you find this project useful, please consider giving it a star ⭐
Made with ❤️ by the OpenJournal Team