Enterprise-grade secure file storage solution with React frontend, JWT authentication, and Cloudflare R2 integration
Features β’ Quick Start β’ API Docs β’ Deployment
- Overview
- Features
- Tech Stack
- Quick Start
- Configuration
- API Documentation
- Deployment
- Project Structure
- Contributing
- License
FileVault is a full-stack secure file storage application that provides:
- React Frontend with modern UI/UX and dark mode support
- Node.js/Express Backend with RESTful API
- JWT Authentication with email verification
- Cloudflare R2 Storage for scalable file hosting
- PostgreSQL Database with Aiven cloud hosting
- Docker Support for easy deployment
Perfect for building secure file sharing platforms, document management systems, or cloud storage solutions.
- β JWT-based authentication with secure token management
- β Email verification system with automated emails (Gmail SMTP)
- β Password reset functionality
- β Bcrypt password hashing
- β Rate limiting on all endpoints
- β CORS and security headers (Helmet.js)
- β Anonymous file uploads for quick sharing
- β Authenticated user file management
- β Multiple file format support (images, documents, archives, media)
- β File size validation (up to 5GB)
- β Secure file deletion with R2 cleanup
- β Shareable links with expiration controls
- β Modern React UI with TypeScript
- β Dark/Light mode toggle
- β Responsive design (mobile-friendly)
- β File upload with drag-and-drop
- β User dashboard with file management
- β Real-time upload progress
- β Cloudflare R2 for scalable storage
- β Presigned URLs for secure downloads
- β Automatic file organization
- β Global edge distribution
- β Winston logging with file rotation
- β Database query monitoring
- β Error tracking with unique IDs
- β Health check endpoints
- Runtime: Node.js 18+
- Framework: Express.js
- Database: PostgreSQL (Aiven Cloud)
- Storage: Cloudflare R2 (S3-compatible)
- Authentication: JWT + Bcrypt
- Email: Nodemailer (Gmail SMTP)
- Logging: Winston
- Security: Helmet.js, CORS, Rate Limiting
- Framework: React 18 with TypeScript
- Routing: React Router v6
- Forms: React Hook Form + Zod validation
- HTTP Client: Axios
- Styling: Tailwind CSS
- Notifications: React Hot Toast
- State: React Context API
- Containerization: Docker + Docker Compose
- Development: Nodemon, Hot Reload
- Database Migrations: dbmate
- Node.js 18+ and npm
- Docker and Docker Compose (recommended)
- PostgreSQL database (or use Aiven free tier)
- Cloudflare R2 bucket
- Gmail account for SMTP (or other email service)
git clone https://github.com/hariomop12/FileVault.git
cd FileVaultCreate .env file in the root directory:
# Server Configuration
PORT=3000
NODE_ENV=development
# Database (Aiven PostgreSQL)
DATABASE_URL=postgresql://user:password@host:port/database?sslmode=require
# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-change-this
JWT_EXPIRES_IN=7d
# Cloudflare R2 Storage
R2_ENDPOINT=https://your-account-id.r2.cloudflarestorage.com
R2_ACCESS_KEY_ID=your-r2-access-key
R2_SECRET_ACCESS_KEY=your-r2-secret-key
R2_BUCKET_NAME=your-bucket-name
# Email Configuration (Gmail)
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_SECURE=false
EMAIL_USER=your-email@gmail.com
EMAIL_PASS=your-app-password
EMAIL_FROM=FileVault <your-email@gmail.com>
# Frontend URL
FRONTEND_URL=http://localhost:3001# Start all services (backend, frontend, postgres)
docker-compose -f docker-compose.dev.yml up -d
# View logs
docker-compose -f docker-compose.dev.yml logs -f
# Stop services
docker-compose -f docker-compose.dev.yml downAccess the application:
- Frontend: http://localhost:3001
- Backend API: http://localhost:3000
- API Docs: http://localhost:3000/api-docs
Backend:
# Install dependencies
npm install
# Run database migrations
npm run migrate
# Start development server
npm run devFrontend:
cd frontend
npm install
npm start- Create free PostgreSQL database at Aiven.io
- Copy the connection string to
DATABASE_URLin.env - Run migrations:
npm run migrate
- Create R2 bucket in Cloudflare dashboard
- Generate API tokens with R2 permissions
- Add credentials to
.env
- Enable 2-Step Verification in Google Account
- Generate App Password: Google App Passwords
- Use app password (16 characters, no spaces) in
EMAIL_PASS
// Default limits (configurable in code):
API endpoints: 100 requests/15 minutes
Auth endpoints: 10 requests/15 minutes
File uploads: 5 requests/1 minutePOST /api/v1/auth/signup # User registration
POST /api/v1/auth/login # User login
GET /api/v1/auth/verify-email # Email verification
POST /api/v1/auth/forgot-password # Password reset request
POST /api/v1/auth/reset-password # Password reset
POST /api/v1/auth/resend-verification # Resend verification emailPOST /api/v1/files/upload # Anonymous file upload
POST /api/v1/files/download # Anonymous file downloadGET /api/v1/user/files # Get user's files
POST /api/v1/user/files/upload # Upload file
GET /api/v1/user/files/:id # Get file metadata
GET /api/v1/user/files/:id/download # Get download link
DELETE /api/v1/user/files/:id # Delete file
POST /api/v1/user/files/:id/share # Create shareable linkcurl -X POST http://localhost:3000/api/v1/auth/signup \
-H "Content-Type: application/json" \
-d '{
"name": "John Doe",
"email": "john@example.com",
"password": "securePassword123"
}'Response:
{
"success": true,
"message": "Registration successful! Please check your email to verify your account.",
"user": {
"id": 1,
"name": "John Doe",
"email": "john@example.com"
}
}curl -X POST http://localhost:3000/api/v1/user/files/upload \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-F "file=@/path/to/file.pdf"Interactive API Documentation: Visit http://localhost:3000/api-docs for Swagger UI with all endpoints.
Development:
docker-compose -f docker-compose.dev.yml up -dProduction:
docker-compose -f docker-compose.prod.yml up -dBackend:
npm install --production
npm run migrate
npm startFrontend:
cd frontend
npm install
npm run build
# Serve build folder with nginx or serveNODE_ENV=production
DATABASE_URL=your-production-db-url
FRONTEND_URL=https://your-domain.comFileVault/
βββ backend/
β βββ config/ # Database, R2, email config
β βββ controllers/ # Request handlers
β βββ middlewares/ # Auth, validation, rate limiting
β βββ models/ # Database models
β βββ routes/ # API routes
β βββ services/ # Business logic (auth, file, R2)
β βββ utils/ # Helpers and utilities
β βββ app.js # Express app setup
β βββ server.js # Server entry point
β
βββ frontend/
β βββ public/ # Static assets
β βββ src/
β β βββ components/ # React components
β β βββ contexts/ # Context providers
β β βββ pages/ # Page components
β β βββ services/ # API services
β β βββ types/ # TypeScript types
β β βββ App.tsx # Main app component
β βββ package.json
β
βββ db/
β βββ migrations/ # Database migrations
β
βββ docker-compose.dev.yml # Development setup
βββ docker-compose.prod.yml # Production setup
βββ Dockerfile.dev # Backend dev image
βββ .env # Environment variables
βββ README.md
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
- Follow ESLint configuration
- Write tests for new features
- Update documentation as needed
- Use conventional commits
This project is licensed under the MIT License - see the LICENSE file for details.
Hariom Virkhare
- GitHub: @hariomop12
- Email: hariomvirkhare02@gmail.com
- LinkedIn: hariomop12
- Cloudflare R2 for excellent cloud storage
- Aiven for managed PostgreSQL hosting
- Node.js and React communities
- All open-source contributors
- π Bug Reports: GitHub Issues
- π‘ Feature Requests: GitHub Discussions
- π Security Issues: Email directly to hariomvirkhare02@gmail.com
β Star this repo if you find it helpful!
Made with β€οΈ by Hariom Virkhare