
Nitya-003/Share-It


Share-IT: Secure File Sharing System


Share-IT is a secure, scalable, and user-friendly full-stack web application for secure internal file sharing. It empowers organizations to upload and distribute files through unique, time-bound, and password-protected links, eliminating the security risks of public cloud storage and email attachments.

Perfect for: HR departments, Legal teams, Development teams, and any organization prioritizing data confidentiality.




🎯 Key Features

Core Functionality

  • Secure Uploads - Multi-format validation with configurable file size limits and virus scanning ready
  • Time-Bound Links - Automatic link expiration after a configurable duration (1 hour to 30 days)
  • Password Protection - Optional AES-256 encryption with strong password requirements
  • Admin Dashboard - Comprehensive analytics for file traffic, storage usage, and user activity
  • JWT Authentication - Secure token-based authentication for admin operations
  • Responsive Design - Seamless experience across desktop, tablet, and mobile devices
  • Download Tracking - Monitor who accessed and downloaded files with timestamps
  • Automatic Cleanup - Expired files and their metadata automatically purged from the system
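
One way to implement the password-protection feature with Node's built-in crypto module, added here as an example and not taken from the project's utils/encryption.js: the key is derived from the link password with scrypt and the file is sealed with AES-256-GCM, so a wrong password or a modified blob fails authentication. The GCM mode, the scrypt KDF, the blob layout and the function names are assumptions of this example.

```javascript
// Added example: password-based AES-256-GCM file encryption (not the project's code).
const crypto = require('node:crypto');

const SALT_LEN = 16; // per-file random salt for the KDF
const IV_LEN = 12;   // 96-bit nonce, the recommended size for GCM
const TAG_LEN = 16;  // GCM authentication tag

// Derive a 32-byte (256-bit) key from the link password.
function deriveKey(password, salt) {
  return crypto.scryptSync(password, salt, 32);
}

// Blob layout assumed for this example: salt | iv | tag | ciphertext
function encryptFile(plaintext, password) {
  const salt = crypto.randomBytes(SALT_LEN);
  const iv = crypto.randomBytes(IV_LEN);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Returns the plaintext, or null if the password is wrong or the blob was modified.
function decryptFile(blob, password) {
  const header = SALT_LEN + IV_LEN + TAG_LEN;
  if (!Buffer.isBuffer(blob) || blob.length < header) return null;
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, header);
  const body = blob.subarray(header);
  try {
    const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv);
    decipher.setAuthTag(tag);
    return Buffer.concat([decipher.update(body), decipher.final()]);
  } catch {
    return null; // tag mismatch: wrong key or tampered data
  }
}
```

Because the salt and nonce are random per file, encrypting the same file twice with the same password produces different blobs.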

Why Share-IT?

In an era of sophisticated data breaches, relying on public cloud links or unencrypted email attachments is unacceptable. Share-IT addresses critical enterprise needs:

1. Corporate Confidentiality & Compliance

  • Ideal for HR (payroll, background checks) and Legal departments (contracts, NDAs)
  • Files automatically "vanish" after a set duration, reducing compliance burden
  • Audit trails for regulatory requirements (GDPR, HIPAA, SOX)

2. Reduced Storage Bloat & Cost Savings

  • Time-bound links enforce a "clean-as-you-go" storage policy
  • Prevents servers from filling with forgotten, outdated files
  • Reduces long-term storage costs and maintenance overhead

3. Eliminate Shadow IT

  • Provides a controlled, audited internal alternative to personal Dropbox/WeTransfer
  • Prevents sensitive data from leaking to personal cloud accounts
  • Maintains organizational control over shared data

4. Developer Collaboration

  • Securely share .env templates, credentials, and configuration files
  • Password-protected links for team members and contractors
  • Zero exposure to public repositories or version control systems

5. Privacy-First Design

  • No third-party dependency for sensitive data
  • On-premise or private cloud deployment options
  • Complete data ownership and control

Technology Stack

| Category | Technologies |
|---|---|
| Frontend | React 18+, TypeScript, Vite, Axios, Tailwind CSS (or your CSS framework) |
| Backend | Node.js 18+, Express.js, JWT Authentication |
| Database | MongoDB, Mongoose ODM |
| File Handling | Multer (middleware), native Node.js streams |
| Security | bcrypt, crypto (AES-256), helmet, express-rate-limit |
| Development | Git, GitHub, Postman, ESLint, Prettier |
| Deployment | Docker (optional), CI/CD ready |

System Architecture

graph TD
    A[User Selects File] --> B{Validation}
    B -- Type/Size OK --> C[Upload to Server]
    B -- Invalid --> D[Error Message]
    C --> E[Generate Unique Link & Token]
    E --> F{Add Protection?}
    F -- Password --> G[Hash & Encrypt]
    F -- No Password --> H[Store Metadata]
    G --> H
    H --> I[(MongoDB)]
    I --> J[Return Share Link]
    J --> K[User Shares Link]
    K --> L{Recipient Access}
    L -- Password Required --> M[Verify Password]
    L -- Direct Access --> N[Check Expiry]
    M -- Valid --> N
    N -- Expired --> O[Deny Access]
    N -- Valid --> P[Download File]
    P --> Q[Update Statistics]
    Q --> R[Log Access]
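
The link lifecycle in the diagram, sketched as an added example (not the project's controllers): token generation, expiry clamping to the 1 hour to 30 day range, password hashing and the access decision. It uses Node's built-in scrypt in place of the bcrypt package listed in the stack so it runs without dependencies, and it checks expiry before the password; the function and field names are assumptions.

```javascript
// Added example: share-link creation and access decision (not the project's code).
const crypto = require('node:crypto');

// Steps E-H: unguessable link token, expiry clamped to policy, optional password hash.
function createShare({ password, expirySeconds }, now = Date.now(), maxExpiry = 2592000) {
  // Default 24 h, minimum 1 h, maximum MAX_EXPIRY (30 days), all in seconds.
  const ttl = Math.min(Math.max(Number(expirySeconds) || 86400, 3600), maxExpiry);
  const record = {
    token: crypto.randomBytes(32).toString('base64url'), // 256 bits from the CSPRNG
    expiresAt: now + ttl * 1000,
    downloads: 0,
    passwordHash: null,
  };
  if (password) {
    const salt = crypto.randomBytes(16);
    record.passwordHash = { salt, hash: crypto.scryptSync(password, salt, 32) };
  }
  return record;
}

// Steps L-Q: decide whether a request may download the file.
function checkAccess(record, suppliedPassword, now = Date.now()) {
  if (!record) return 'not_found';
  // Expiry first, so an expired link never confirms whether a password was right.
  if (now >= record.expiresAt) return 'expired';
  if (record.passwordHash) {
    if (typeof suppliedPassword !== 'string') return 'password_required';
    const candidate = crypto.scryptSync(suppliedPassword, record.passwordHash.salt, 32);
    // Constant-time comparison of two equal-length digests.
    if (!crypto.timingSafeEqual(candidate, record.passwordHash.hash)) return 'denied';
  }
  record.downloads += 1; // step Q: update statistics
  return 'ok';
}
```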

Project Structure

Secure-File-Sharing-System/
├── backend/                          # Node.js & Express server
│   ├── controllers/                 # Business logic for routes
│   │   ├── fileController.js        # File upload/download handlers
│   │   ├── authController.js        # Authentication logic
│   │   └── adminController.js       # Admin dashboard handlers
│   ├── models/                      # Mongoose schemas
│   │   ├── File.js                  # File metadata schema
│   │   └── User.js                  # User/admin schema
│   ├── routes/                      # API endpoint definitions
│   │   ├── fileRoutes.js            # File operations
│   │   ├── authRoutes.js            # Auth endpoints
│   │   └── adminRoutes.js           # Admin endpoints
│   ├── middleware/                  # Custom middleware
│   │   ├── authMiddleware.js        # JWT verification
│   │   ├── multerConfig.js          # File upload config
│   │   └── errorHandler.js          # Global error handling
│   ├── utils/                       # Utility functions
│   │   ├── encryption.js            # AES encryption/decryption
│   │   ├── tokenGenerator.js        # Unique link generation
│   │   └── validators.js            # Input validation
│   ├── uploads/                     # Physical file storage directory
│   ├── .env.example                 # Environment variables template
│   ├── server.js                    # Express app setup & entry point
│   ├── package.json                 # Backend dependencies
│   └── README.md                    # Backend-specific documentation
│
├── frontend/                         # React + TypeScript client
│   ├── src/
│   │   ├── components/              # Reusable UI components
│   │   │   ├── FileUpload.tsx       # Upload form component
│   │   │   ├── ShareLink.tsx        # Link display component
│   │   │   ├── AdminDashboard.tsx   # Admin panel
│   │   │   └── Navigation.tsx       # Navigation bar
│   │   ├── pages/                   # Page components
│   │   │   ├── Home.tsx             # Landing page
│   │   │   ├── Dashboard.tsx        # User dashboard
│   │   │   ├── Admin.tsx            # Admin panel
│   │   │   └── Download.tsx         # Download/access page
│   │   ├── services/                # API integration layer
│   │   │   ├── api.ts               # Axios configuration & endpoints
│   │   │   ├── fileService.ts       # File operations
│   │   │   └── authService.ts       # Authentication
│   │   ├── hooks/                   # Custom React hooks
│   │   ├── styles/                  # Global & component styles
│   │   ├── App.tsx                  # Root component
│   │   ├── main.tsx                 # React entry point
│   │   └── vite-env.d.ts            # Vite type definitions
│   ├── .env.example                 # Environment variables template
│   ├── vite.config.ts               # Vite build configuration
│   ├── tsconfig.json                # TypeScript configuration
│   ├── package.json                 # Frontend dependencies
│   └── README.md                    # Frontend-specific documentation
│
├── CODE_OF_CONDUCT.md               # Community guidelines
├── CONTRIBUTING.md                  # Contribution guidelines
├── LICENSE                          # GPL v3 License
├── PROJECT_STRUCTURE.md             # Detailed structure documentation
└── README.md                        # This file

⚑ Quick Start

Prerequisites

Before you begin, ensure you have the following installed:

Installation

Step 1: Clone the Repository

git clone https://github.com/yourusername/Secure-File-Sharing-System.git
cd Secure-File-Sharing-System

Step 2: Install Backend Dependencies

cd backend
npm install

Step 3: Install Frontend Dependencies

cd ../frontend
npm install

Configuration

Step 1: Backend Environment Setup

Create a .env file in the backend/ directory:

cp backend/.env.example backend/.env

Edit backend/.env with your configuration:

# Server Configuration
PORT=5000
NODE_ENV=development

# Database Configuration
MONGO_URI=mongodb://localhost:27017/secureFileDB
# For MongoDB Atlas: mongodb+srv://username:[email protected]/secureFileDB

# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_EXPIRE=7d

# File Upload Configuration
MAX_FILE_SIZE=52428800  # 50MB in bytes
ALLOWED_EXTENSIONS=pdf,doc,docx,xlsx,xls,ppt,pptx,txt,zip,jpg,png

# Link Expiry Configuration (in seconds)
DEFAULT_EXPIRY=86400     # 24 hours
MAX_EXPIRY=2592000      # 30 days

# Frontend URL (for CORS)
FRONTEND_URL=http://localhost:5173

# Email Configuration (optional, for notifications)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
[email protected]
SMTP_PASS=your-app-password
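
A startup check for the settings above, added here as an example and not part of the project's code: it flags the template JWT_SECRET, non-numeric limits, risky upload extensions and a non-HTTPS CORS origin in production. The function name auditEnv, the RISKY_EXTENSIONS list and the 32-character minimum are assumptions of this example.

```javascript
// Constructed sample: the template values from backend/.env with NODE_ENV set to production.
const sampleEnv = {
  NODE_ENV: 'production',
  JWT_SECRET: 'your-super-secret-jwt-key-change-this-in-production',
  MAX_FILE_SIZE: '52428800',
  ALLOWED_EXTENSIONS: 'pdf,doc,docx,xlsx,xls,ppt,pptx,txt,zip,jpg,png',
  DEFAULT_EXPIRY: '86400',
  MAX_EXPIRY: '2592000',
  FRONTEND_URL: 'http://localhost:5173',
};

// Extensions treated as unsafe to accept (an assumption of this example, not a project list).
const RISKY_EXTENSIONS = ['exe', 'bat', 'sh', 'js', 'html', 'svg'];

// Returns a list of findings; an empty list means the configuration passed.
function auditEnv(env) {
  const findings = [];
  const secret = env.JWT_SECRET || '';
  if (secret.length < 32 || /change-this|your-super-secret/i.test(secret)) {
    findings.push('JWT_SECRET: template value or shorter than 32 characters');
  }
  const maxSize = Number(env.MAX_FILE_SIZE);
  if (!Number.isInteger(maxSize) || maxSize <= 0) {
    findings.push('MAX_FILE_SIZE: must be a positive integer number of bytes');
  }
  const def = Number(env.DEFAULT_EXPIRY);
  const max = Number(env.MAX_EXPIRY);
  if (!(def > 0 && max >= def)) {
    findings.push('DEFAULT_EXPIRY/MAX_EXPIRY: need 0 < DEFAULT_EXPIRY <= MAX_EXPIRY');
  }
  const exts = (env.ALLOWED_EXTENSIONS || '').split(',').map((e) => e.trim().toLowerCase());
  const risky = exts.filter((e) => e === '' || e === '*' || RISKY_EXTENSIONS.includes(e));
  if (risky.length) findings.push(`ALLOWED_EXTENSIONS: remove ${JSON.stringify(risky)}`);
  if (env.NODE_ENV === 'production') {
    const origin = env.FRONTEND_URL || '';
    if (origin === '*' || !origin.startsWith('https://')) {
      findings.push('FRONTEND_URL: production CORS origin must be a single https:// origin');
    }
  }
  return findings;
}
```

A value such as `52428800  # 50MB in bytes` fails the MAX_FILE_SIZE check when the env loader does not strip inline comments, which is worth catching before the upload limit silently becomes NaN.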

Step 2: Frontend Environment Setup

Create a .env file in the frontend/ directory:

cp frontend/.env.example frontend/.env

Edit frontend/.env:

VITE_API_URL=http://localhost:5000/api
VITE_APP_NAME=Share-IT

Running the Application

Terminal 1: Start Backend Server

cd backend
npm run dev

Expected output:

✓ Server running on http://localhost:5000
✓ Connected to MongoDB

Terminal 2: Start Frontend Development Server

cd frontend
npm run dev

Expected output:

✓ Local: http://localhost:5173/

Access the Application


Usage Guide

For End Users

  1. Upload a File

    • Navigate to the home page
    • Click "Upload File" button
    • Select a file (respects size limits)
    • (Optional) Set expiry time (default: 24 hours)
    • (Optional) Add password protection
    • Click "Generate Link"
  2. Share the Link

    • Copy the generated link
    • Share via email, chat, or messaging platform
    • Optionally share the password separately for security
  3. Access Shared Files

    • Recipient clicks the link
    • If password-protected, enters password
    • Views file metadata (size, upload date, expiry)
    • Downloads the file before it expires

For Administrators

  1. Login to Dashboard

    • Navigate to /admin
    • Enter admin credentials (initial setup required)
    • JWT token stored in localStorage
  2. Monitor Activity

    • View all uploaded files and metadata
    • See access statistics and download counts
    • Monitor storage usage and quotas
  3. Manage Files

    • View active and expired files
    • Manually remove files if needed
    • View audit logs and access history
  4. System Settings

    • Configure file size limits
    • Set default expiry duration
    • Manage admin users and permissions

API Documentation

Base URL

http://localhost:5000/api

Authentication

All protected endpoints require a Bearer token:

Authorization: Bearer <JWT_TOKEN>

Key Endpoints

File Operations

POST /files/upload - Upload a file

curl -X POST http://localhost:5000/api/files/upload \
  -F "[email protected]" \
  -F "expiry=86400" \
  -F "password=securePass123" \
  -H "Authorization: Bearer TOKEN"

GET /files/:fileId - Download a file

curl http://localhost:5000/api/files/FILE_ID \
  -H "Authorization: Bearer TOKEN"

GET /files/:fileId/metadata - Get file metadata

curl http://localhost:5000/api/files/FILE_ID/metadata \
  -H "Authorization: Bearer TOKEN"

Authentication

POST /auth/register - Register new admin

curl -X POST http://localhost:5000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]","password":"securePass123"}'

POST /auth/login - Login

curl -X POST http://localhost:5000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]","password":"securePass123"}'

Admin Operations

GET /admin/dashboard - Get dashboard statistics

curl http://localhost:5000/api/admin/dashboard \
  -H "Authorization: Bearer TOKEN"

GET /admin/files - List all files

curl http://localhost:5000/api/admin/files \
  -H "Authorization: Bearer TOKEN"

For comprehensive API documentation, see API_DOCS.md (if available in repo).


Testing

Backend Tests

cd backend
npm test

Frontend Tests

cd frontend
npm test

Manual Testing with Postman

  1. Import the Postman collection from postman-collection.json
  2. Set environment variables (BASE_URL, TOKEN, etc.)
  3. Run requests against local or staging environment

Troubleshooting

MongoDB Connection Issues

Problem: MongooseError: Cannot connect to MongoDB

Solution:

# Ensure MongoDB is running
mongod

# Check MongoDB URI in .env
# Local: mongodb://localhost:27017/secureFileDB
# Atlas: mongodb+srv://user:[email protected]/dbname

# Verify connection with mongo shell
mongosh "mongodb://localhost:27017/secureFileDB"

File Upload Fails

Problem: 413 Payload Too Large or File size exceeds limit

Solution:

  • Check MAX_FILE_SIZE in .env (default 50MB)
  • Increase if needed, but be cautious of server resources
  • Check /backend/middleware/multerConfig.js for additional limits

CORS Errors

Problem: Access to XMLHttpRequest blocked by CORS policy

Solution:

# Verify FRONTEND_URL in backend/.env matches actual frontend URL
# Local development: http://localhost:5173
# Production: https://yourdomain.com

# Restart backend server after changes

JWT Token Expired

Problem: 401 Unauthorized: Token expired

Solution:

  • Token automatically refreshes on login
  • Clear browser localStorage and log in again
  • Increase JWT_EXPIRE in .env if needed

Port Already in Use

Problem: Error: listen EADDRINUSE :::5000

Solution:

# macOS/Linux: Find and kill process
lsof -i :5000
kill -9 <PID>

# Windows: Find and kill process
netstat -ano | findstr :5000
taskkill /PID <PID> /F

# Or change PORT in .env
PORT=5001

Project Structure Details

For more detailed information about project organization and conventions, see:


Deployment

Docker Deployment

Build Docker Image:

docker-compose up --build

Using Docker Individually:

# Backend
cd backend
docker build -t share-it-backend .
docker run -p 5000:5000 --env-file .env share-it-backend

# Frontend
cd frontend
docker build -t share-it-frontend .
docker run -p 5173:5173 share-it-frontend

Cloud Deployment Options

Production Checklist

  • Use environment variables for all secrets
  • Enable HTTPS/SSL certificates
  • Set up database backups and recovery
  • Configure rate limiting on API endpoints
  • Set up monitoring and logging
  • Enable CORS for production domain only
  • Configure firewall rules and security groups
  • Test file upload/download with production settings
  • Set up automated error reporting (Sentry, etc.)
  • Document disaster recovery procedures

🀝 Contributing

We welcome contributions from developers of all skill levels! Whether it's bug fixes, feature additions, or documentation improvements, your help is valued.

Getting Started with Contributing

  1. Read our Guidelines: See CONTRIBUTING.md for detailed contribution instructions
  2. Follow Code Standards: Review CODE_OF_CONDUCT.md for community expectations
  3. Set Up Development Environment: Follow the Quick Start section above

Development Workflow

# 1. Fork the repository on GitHub
# 2. Clone your fork
git clone https://github.com/YOUR_USERNAME/Secure-File-Sharing-System.git

# 3. Create a feature branch
git checkout -b feature/your-feature-name

# 4. Make your changes and test thoroughly
npm run lint      # Check code quality
npm test         # Run tests

# 5. Commit with clear messages
git commit -m "Add feature: brief description"

# 6. Push to your fork
git push origin feature/your-feature-name

# 7. Create a Pull Request on GitHub

Areas We Need Help With

  • Bug fixes and issue resolution
  • New features and enhancements
  • Documentation improvements
  • Test coverage expansion
  • UI/UX improvements
  • Translation and internationalization
  • Performance optimization

License

This project is licensed under the GNU General Public License v3.0 (GPLv3).

This ensures that:

  • The code remains free and open-source
  • Any modifications must be shared under the same license
  • Commercial use is permitted with proper attribution
  • Users have the freedom to study, modify, and distribute the code

See the LICENSE file for the complete legal text and terms.



🌟 Acknowledgments

  • Thanks to all contributors who have helped improve Share-IT
  • Special thanks to the open-source community for amazing libraries and tools
  • Inspired by the need for secure, simple file sharing solutions

Built to provide a secure bridge for data, ensuring privacy remains a right, not a privilege.
