A secure end-to-end encrypted file storage frontend built with React, TypeScript, and Vite. Ghost Drive Frontend provides a modern, user-friendly interface for the Ghost Drive secure file storage system, ensuring that only users can decrypt their files - even the development team cannot access user data.
- True End-to-End Encryption: Files are encrypted on the client side using AES-256
- Client-Side Key Generation: AES keys generated on frontend, preventing backend backdoors
- PIN-Based Security: User-defined PINs protect encryption keys (PIN never leaves client)
- Zero-Knowledge Architecture: Server cannot decrypt user files even if compromised
- Modern React Interface: Built with React 19, TypeScript, and Tailwind CSS
- Responsive Design: Works seamlessly on desktop and mobile devices
- File Management: Upload, download, organize, and manage encrypted files
- Virtual Folder Organization: Create and manage virtual folders for file organization
- Real-time Updates: Instant feedback for file operations
- Secure Authentication: JWT-based authentication with secure token management
- Framework: React 19 - Modern React with concurrent features
- Language: TypeScript - Type-safe JavaScript
- Build Tool: Vite - Fast build tool and dev server
- Styling: Tailwind CSS - Utility-first CSS framework
- HTTP Client: Axios - Promise-based HTTP client
- Cryptography: Web Crypto API - Native browser cryptography
- Package Manager: Bun - Fast JavaScript runtime and package manager
ghost-drive-fe/
├── public/ # Static assets
├── src/
│ ├── components/ # Reusable React components
│ │ └── PinModal.tsx # PIN input modal component
│ ├── pages/ # Page components
│ │ ├── LoginPage.tsx # User login page
│ │ └── RegisterPage.tsx # User registration page
│ ├── utils/ # Utility functions
│ │ ├── crypto.ts # Cryptography utilities
│ │ └── README.md # Crypto module documentation
│ ├── App.tsx # Main application component
│ ├── main.tsx # Application entry point
│ └── index.css # Global styles
├── package.json # Dependencies and scripts
├── vite.config.ts # Vite configuration
├── tsconfig.json # TypeScript configuration
└── README.md # Project documentation
Ghost Drive Frontend implements a sophisticated encryption system that ensures complete privacy:
- PIN-Based Key Derivation: Users provide a secret 6-digit PIN
- Client-Side AES Key Generation: Frontend generates a random AES-256 key for file encryption
- Key Encryption: The AES key is encrypted using the user's PIN on the client side
- Secure Storage: Only the encrypted AES key is sent to and stored in the database
- Zero-Knowledge: Backend never sees the plain PIN or plain AES key
- Client-Side Processing: All file encryption/decryption happens on the client
┌─────────────┐
│ User │
│ Selects │
│ File │
└─────────────┘
│
▼
┌─────────────┐
│ Generate │
│ Random AES │
│ Key │
└─────────────┘
│
▼
┌─────────────┐
│ Encrypt │
│ File with │
│ AES Key │
└─────────────┘
│
▼
┌─────────────┐ Encrypted ┌─────────────┐
│ User │ ───────────────►│ Backend │
│ │ File │ │
└─────────────┘ └─────────────┘
│
▼
┌─────────────┐ Encrypted ┌─────────────┐
│ MinIO │ ◄────────────── │ Backend │
│ Storage │ File │ │
└─────────────┘ └─────────────┘
┌─────────────┐ Request ┌─────────────┐
│ User │ ──────────────►│ Backend │
│ │ File ID │ │
└─────────────┘ └─────────────┘
│
▼
┌─────────────┐ Encrypted ┌─────────────┐
│ User │ ◄────────────── │ MinIO │
│ │ File │ Storage │
└─────────────┘ └─────────────┘
│
▼
┌─────────────┐
│ Decrypt │
│ File with │
│ AES Key │
└─────────────┘
│
▼
┌─────────────┐
│ Original │
│ File │
│ Restored │
└─────────────┘
- Node.js (v18 or higher) or Bun (v1.0.0 or higher)
- Modern web browser with Web Crypto API support
- Ghost Drive Backend server running (see backend documentation)
git clone <repository-url>
cd ghost-drive-feUsing Bun (recommended):
bun installUsing npm:
npm installUsing yarn:
yarn installCreate a .env file in the root directory:
# Backend API Configuration
VITE_API_BASE_URL=http://localhost:3000
VITE_API_TIMEOUT=30000
# Application Configuration
VITE_APP_NAME=Ghost Drive
VITE_APP_VERSION=1.0.0
# Feature Flags
VITE_ENABLE_DEBUG_MODE=false
VITE_ENABLE_ANALYTICS=falseUsing Bun:
bun devUsing npm:
npm run devUsing yarn:
yarn devThe application will be available at: http://localhost:5173
Using Bun:
bun run buildUsing npm:
npm run buildUsing yarn:
yarn build# Development with hot reload
bun dev
# Build for production
bun run build
# Preview production build
bun run preview
# Run linting
bun run lint- Create Components: Add new components in
src/components/ - Create Pages: Add new pages in
src/pages/ - Add Utilities: Add utility functions in
src/utils/ - Update Styles: Modify Tailwind classes or add custom CSS
- Test Features: Test in development mode before deployment
- Components: Use functional components with hooks
- TypeScript: Use strict TypeScript for type safety
- Styling: Use Tailwind CSS utility classes
- State Management: Use React hooks for local state
- API Calls: Use Axios for HTTP requests
- Error Handling: Implement proper error boundaries and error handling
- PIN Security: Users should use strong, unique 6-digit PINs
- Client-Side Key Generation: AES keys are generated on the frontend
- PIN Never Transmitted: User PINs never leave the client
- Zero-Knowledge Architecture: Backend cannot decrypt files
- HTTPS Required: Always use HTTPS in production
- Secure Storage: Use secure storage for sensitive data
- Input Validation: Validate all user inputs
- XSS Prevention: Sanitize user inputs and outputs
- Web Crypto API: Requires modern browsers with Web Crypto API support
- HTTPS Requirement: Web Crypto API only works in secure contexts
- Fallback Support: Consider fallback mechanisms for older browsers
- Environment Variables: Never commit sensitive data to version control
- API Keys: Store API keys in environment variables
- Debug Mode: Disable debug mode in production
- Error Messages: Don't expose sensitive information in error messages
- User Registration: Secure user registration with PIN setup
- User Login: JWT-based authentication with PIN verification
- PIN Management: Secure PIN change functionality
- Session Management: Automatic token refresh and session handling
- File Upload: Drag-and-drop file upload with encryption
- File Download: Secure file download with automatic decryption
- File Organization: Virtual folder creation and management
- File Preview: Preview supported file types
- File Search: Search files by name and content
- File Sharing: Secure file sharing capabilities
- Responsive Design: Works on desktop, tablet, and mobile
- Dark/Light Mode: User preference-based theme switching
- Progress Indicators: Real-time upload/download progress
- Error Handling: User-friendly error messages and recovery
- Loading States: Smooth loading animations and states
// User registration
POST /api/users/register
{
"username": "[email protected]",
"password": "securepassword",
"aesKeyEncrypted": "encrypted-aes-key-string"
}
// User login
POST /api/users/login
{
"username": "[email protected]",
"password": "securepassword"
}// Get upload presigned URL
GET /api/files/upload-url?filename=document.pdf&path=/Documents/
// Get download presigned URL
GET /api/files/download-url/:fileId
// List user files
GET /api/files?path=/Documents/
// Delete file
DELETE /api/files/:fileId// Get user profile
GET /api/users/me
// Update encrypted AES key
POST /api/users/update-aes-key-encrypted
{
"aesKeyEncrypted": "new-encrypted-aes-key-string"
}
// Update user avatar
POST /api/users/update-avatar
{
"avatar": "base64-encoded-avatar-image"
}- User Registration: Test user registration with PIN setup
- User Login: Test login with correct and incorrect credentials
- File Upload: Test file upload with encryption
- File Download: Test file download with decryption
- PIN Change: Test PIN change functionality
- Error Handling: Test various error scenarios
# Run unit tests
bun test
# Run integration tests
bun test:integration
# Run end-to-end tests
bun test:e2e# Build for production
bun run build
# Preview production build
bun run preview- Static Hosting: Deploy to Vercel, Netlify, or similar
- CDN: Use CDN for global distribution
- Docker: Containerize the application
- Cloud Platforms: Deploy to AWS, Google Cloud, or Azure
# Production environment variables
VITE_API_BASE_URL=https://api.ghostdrive.com
VITE_APP_NAME=Ghost Drive
VITE_ENABLE_DEBUG_MODE=false
VITE_ENABLE_ANALYTICS=true- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow TypeScript best practices
- Use meaningful commit messages
- Add tests for new features
- Update documentation as needed
- Follow the existing code style
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with modern web technologies for maximum security and performance
- Special thanks to the React, TypeScript, and Vite communities
- Inspired by the need for truly secure file storage solutions
- Documentation: Check the docs folder for detailed guides
- Issues: Report bugs and request features on GitHub
- Discussions: Join community discussions on GitHub
- Security: Report security vulnerabilities privately
🔐 Remember: The strength of your encryption depends on the strength of your PIN. Choose wisely!
🌐 Browser Support: This application requires modern browsers with Web Crypto API support and HTTPS.