Share-IT is a secure, scalable, and user-friendly full-stack web application for secure internal file sharing. It empowers organizations to upload and distribute files through unique, time-bound, and password-protected links—eliminating the security risks of public cloud storage and email attachments.
Perfect for: HR departments, Legal teams, Development teams, and any organization prioritizing data confidentiality.
- Key Features
- Why Share-IT?
- Technology Stack
- System Architecture
- Project Structure
- Quick Start
- Usage Guide
- API Documentation
- Testing
- Troubleshooting
- Project Structure Details
- Deployment
- Contributing
- License
- Secure Uploads - Multi-format validation with configurable file size limits and virus scanning ready
- Time-Bound Links - Automatic link expiration after a configurable duration (1 hour to 30 days)
- Password Protection - Optional AES-256 encryption with strong password requirements
- Admin Dashboard - Comprehensive analytics for file traffic, storage usage, and user activity
- JWT Authentication - Secure token-based authentication for admin operations
- Responsive Design - Seamless experience across desktop, tablet, and mobile devices
- Download Tracking - Monitor who accessed and downloaded files with timestamps
- Automatic Cleanup - Expired files and their metadata automatically purged from the system
In an era of sophisticated data breaches, relying on public cloud links or unencrypted email attachments is unacceptable. Share-IT addresses critical enterprise needs:
- Ideal for HR (payroll, background checks) and Legal departments (contracts, NDAs)
- Files automatically "vanish" after set duration, reducing compliance burden
- Audit trails for regulatory requirements (GDPR, HIPAA, SOX)
- Time-bound links enforce a "clean-as-you-go" storage policy
- Prevents servers from filling with forgotten, outdated files
- Reduces long-term storage costs and maintenance overhead
- Provides a controlled, audited internal alternative to personal Dropbox/WeTransfer
- Prevents sensitive data from leaking to personal cloud accounts
- Maintains organizational control over shared data
- Securely share
.envtemplates, credentials, and configuration files - Password-protected links for team members and contractors
- Zero exposure to public repositories or version control systems
- No third-party dependency for sensitive data
- On-premise or private cloud deployment options
- Complete data ownership and control
| Category | Technologies |
|---|---|
| Frontend | React 18+, TypeScript, Vite, Axios, Tailwind CSS (or your CSS framework) |
| Backend | Node.js 18+, Express.js, JWT Authentication |
| Database | MongoDB, Mongoose ODM |
| File Handling | Multer (middleware), native Node.js streams |
| Security | bcrypt, crypto (AES-256), helmet, express-rate-limit |
| Development | Git, GitHub, Postman, ESLint, Prettier |
| Deployment | Docker (optional), CI/CD ready |
graph TD
A[User Selects File] --> B{Validation}
B -- Type/Size OK --> C[Upload to Server]
B -- Invalid --> D[Error Message]
C --> E[Generate Unique Link & Token]
E --> F{Add Protection?}
F -- Password --> G[Hash & Encrypt]
F -- No Password --> H[Store Metadata]
G --> H
H --> I[(MongoDB)]
I --> J[Return Share Link]
J --> K[User Shares Link]
K --> L{Recipient Access}
L -- Password Required --> M[Verify Password]
L -- Direct Access --> N[Check Expiry]
M -- Valid --> N
N -- Expired --> O[Deny Access]
N -- Valid --> P[Download File]
P --> Q[Update Statistics]
Q --> R[Log Access]
Secure-File-Sharing-System/
├── backend/ # Node.js & Express server
│ ├── controllers/ # Business logic for routes
│ │ ├── fileController.js # File upload/download handlers
│ │ ├── authController.js # Authentication logic
│ │ └── adminController.js # Admin dashboard handlers
│ ├── models/ # Mongoose schemas
│ │ ├── File.js # File metadata schema
│ │ └── User.js # User/admin schema
│ ├── routes/ # API endpoint definitions
│ │ ├── fileRoutes.js # File operations
│ │ ├── authRoutes.js # Auth endpoints
│ │ └── adminRoutes.js # Admin endpoints
│ ├── middleware/ # Custom middleware
│ │ ├── authMiddleware.js # JWT verification
│ │ ├── multerConfig.js # File upload config
│ │ └── errorHandler.js # Global error handling
│ ├── utils/ # Utility functions
│ │ ├── encryption.js # AES encryption/decryption
│ │ ├── tokenGenerator.js # Unique link generation
│ │ └── validators.js # Input validation
│ ├── uploads/ # Physical file storage directory
│ ├── .env.example # Environment variables template
│ ├── server.js # Express app setup & entry point
│ ├── package.json # Backend dependencies
│ └── README.md # Backend-specific documentation
│
├── frontend/ # React + TypeScript client
│ ├── src/
│ │ ├── components/ # Reusable UI components
│ │ │ ├── FileUpload.tsx # Upload form component
│ │ │ ├── ShareLink.tsx # Link display component
│ │ │ ├── AdminDashboard.tsx # Admin panel
│ │ │ └── Navigation.tsx # Navigation bar
│ │ ├── pages/ # Page components
│ │ │ ├── Home.tsx # Landing page
│ │ │ ├── Dashboard.tsx # User dashboard
│ │ │ ├── Admin.tsx # Admin panel
│ │ │ └── Download.tsx # Download/access page
│ │ ├── services/ # API integration layer
│ │ │ ├── api.ts # Axios configuration & endpoints
│ │ │ ├── fileService.ts # File operations
│ │ │ └── authService.ts # Authentication
│ │ ├── hooks/ # Custom React hooks
│ │ ├── styles/ # Global & component styles
│ │ ├── App.tsx # Root component
│ │ ├── main.tsx # React entry point
│ │ └── vite-env.d.ts # Vite type definitions
│ ├── .env.example # Environment variables template
│ ├── vite.config.ts # Vite build configuration
│ ├── tsconfig.json # TypeScript configuration
│ ├── package.json # Frontend dependencies
│ └── README.md # Frontend-specific documentation
│
├── CODE_OF_CONDUCT.md # Community guidelines
├── CONTRIBUTING.md # Contribution guidelines
├── LICENSE # GPL v3 License
├── PROJECT_STRUCTURE.md # Detailed structure documentation
└── README.md # This file
Before you begin, ensure you have the following installed:
- Node.js 18.0.0 or higher (Download)
- npm 9.0.0 or higher (comes with Node.js)
- MongoDB 5.0 or higher (Download or use MongoDB Atlas for cloud)
- Git for version control (Download)
Step 1: Clone the Repository
git clone https://github.com/Nitya-003/Secure-File-Sharing-System.git
cd Secure-File-Sharing-SystemStep 2: Install Backend Dependencies
cd backend
npm installStep 3: Install Frontend Dependencies
cd ../frontend
npm installStep 1: Backend Environment Setup
Create a .env file in the backend/ directory:
cp backend/.env.example backend/.envEdit backend/.env with your configuration:
# Server Configuration
PORT=5000
NODE_ENV=development
# Database Configuration
MONGO_URI=mongodb://localhost:27017/secureFileDB
# For MongoDB Atlas: mongodb+srv://username:password@cluster.mongodb.net/secureFileDB
# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_EXPIRE=7d
# File Upload Configuration
MAX_FILE_SIZE=52428800 # 50MB in bytes
ALLOWED_EXTENSIONS=pdf,doc,docx,xlsx,xls,ppt,pptx,txt,zip,jpg,png
# Link Expiry Configuration (in seconds)
DEFAULT_EXPIRY=86400 # 24 hours
MAX_EXPIRY=2592000 # 30 days
# Frontend URL (for CORS)
FRONTEND_URL=http://localhost:5173
# Email Configuration (optional, for notifications)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-app-password
Step 2: Frontend Environment Setup
Create a .env file in the frontend/ directory:
cp frontend/.env.example frontend/.envEdit frontend/.env:
VITE_API_URL=http://localhost:5000/api
VITE_APP_NAME=Share-IT
Terminal 1: Start Backend Server
cd backend
npm run devExpected output:
✓ Server running on http://localhost:5000
✓ Connected to MongoDB
Terminal 2: Start Frontend Development Server
cd frontend
npm run devExpected output:
✓ Local: http://localhost:5173/
- Frontend: http://localhost:5173
- API: http://localhost:5000/api
- Admin Dashboard: http://localhost:5173/admin (requires authentication)
-
Upload a File
- Navigate to the home page
- Click "Upload File" button
- Select a file (respects size limits)
- (Optional) Set expiry time (default: 24 hours)
- (Optional) Add password protection
- Click "Generate Link"
-
Share the Link
- Copy the generated link
- Share via email, chat, or messaging platform
- Optionally share the password separately for security
-
Access Shared Files
- Recipient clicks the link
- If password-protected, enters password
- Views file metadata (size, upload date, expiry)
- Downloads the file before it expires
-
Login to Dashboard
- Navigate to
/admin - Enter admin credentials (initial setup required)
- JWT token stored in localStorage
- Navigate to
-
Monitor Activity
- View all uploaded files and metadata
- See access statistics and download counts
- Monitor storage usage and quotas
-
Manage Files
- View active and expired files
- Manually remove files if needed
- View audit logs and access history
-
System Settings
- Configure file size limits
- Set default expiry duration
- Manage admin users and permissions
http://localhost:5000/api
All protected endpoints require a Bearer token:
Authorization: Bearer <JWT_TOKEN>
POST /files/upload - Upload a file
curl -X POST http://localhost:5000/api/files/upload \
-F "file=@document.pdf" \
-F "expiry=86400" \
-F "password=securePass123" \
-H "Authorization: Bearer TOKEN"GET /files/:fileId - Download a file
curl http://localhost:5000/api/files/FILE_ID \
-H "Authorization: Bearer TOKEN"GET /files/:fileId/metadata - Get file metadata
curl http://localhost:5000/api/files/FILE_ID/metadata \
-H "Authorization: Bearer TOKEN"POST /auth/register - Register new admin
curl -X POST http://localhost:5000/api/auth/register \
-H "Content-Type: application/json" \
-d '{"email":"admin@example.com","password":"securePass123"}'POST /auth/login - Login
curl -X POST http://localhost:5000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"admin@example.com","password":"securePass123"}'GET /admin/dashboard - Get dashboard statistics
curl http://localhost:5000/api/admin/dashboard \
-H "Authorization: Bearer TOKEN"GET /admin/files - List all files
curl http://localhost:5000/api/admin/files \
-H "Authorization: Bearer TOKEN"For comprehensive API documentation, see API_DOCS.md.
cd backend
npm testcd frontend
npm test- Import the Postman collection from
postman-collection.json - Set environment variables (
BASE_URL,TOKEN, etc.) - Run requests against local or staging environment
Problem: MongooseError: Cannot connect to MongoDB
Solution:
# Ensure MongoDB is running
mongod
# Check MongoDB URI in .env
# Local: mongodb://localhost:27017/secureFileDB
# Atlas: mongodb+srv://user:password@cluster.mongodb.net/dbname
# Verify connection with mongo shell
mongosh "mongodb://localhost:27017/secureFileDB"Problem: 413 Payload Too Large or File size exceeds limit
Solution:
- Check
MAX_FILE_SIZEin.env(default 50MB) - Increase if needed, but be cautious of server resources
- Check
/backend/middleware/multerConfig.jsfor additional limits
Problem: Access to XMLHttpRequest blocked by CORS policy
Solution:
# Verify FRONTEND_URL in backend/.env matches actual frontend URL
# Local development: http://localhost:5173
# Production: https://yourdomain.com
# Restart backend server after changesProblem: 401 Unauthorized: Token expired
Solution:
- Token automatically refreshes on login
- Clear browser localStorage and login again
- Increase
JWT_EXPIREin.envif needed
Problem: Error: listen EADDRINUSE :::5000
Solution:
# macOS/Linux: Find and kill process
lsof -i :5000
kill -9 <PID>
# Windows: Find and kill process
netstat -ano | findstr :5000
taskkill /PID <PID> /F
# Or change PORT in .env
PORT=5001For more detailed information about project organization and conventions, see:
- PROJECT_STRUCTURE.md - Comprehensive structure documentation
- Backend README - Backend-specific setup and development
- Frontend README - Frontend-specific setup and development
Build Docker Image:
docker-compose up --buildUsing Docker Individually:
# Backend
cd backend
docker build -t share-it-backend .
docker run -p 5000:5000 --env-file .env share-it-backend
# Frontend
cd frontend
docker build -t share-it-frontend .
docker run -p 5173:5173 share-it-frontend- Heroku: See DEPLOYMENT_HEROKU.md
- AWS: See DEPLOYMENT_AWS.md
- DigitalOcean: See DEPLOYMENT_DIGITALOCEAN.md
- Vercel (Frontend Only): See DEPLOYMENT_VERCEL.md
- Use environment variables for all secrets
- Enable HTTPS/SSL certificates
- Set up database backups and recovery
- Configure rate limiting on API endpoints
- Set up monitoring and logging
- Enable CORS for production domain only
- Configure firewall rules and security groups
- Test file upload/download with production settings
- Set up automated error reporting (Sentry, etc.)
- Document disaster recovery procedures
We welcome contributions from developers of all skill levels! Whether it's bug fixes, feature additions, or documentation improvements, your help is valued.
- Read our Guidelines: See CONTRIBUTING.md for detailed contribution instructions
- Follow Code Standards: Review CODE_OF_CONDUCT.md for community expectations
- Set Up Development Environment: Follow the Quick Start section above
# 1. Fork the repository on GitHub
# 2. Clone your fork
git clone https://github.com/YOUR_USERNAME/Secure-File-Sharing-System.git
# 3. Create a feature branch
git checkout -b feature/your-feature-name
# 4. Make your changes and test thoroughly
npm run lint # Check code quality
npm test # Run tests
# 5. Commit with clear messages
git commit -m "Add feature: brief description"
# 6. Push to your fork
git push origin feature/your-feature-name
# 7. Create a Pull Request on GitHub- Bug fixes and issue resolution
- New features and enhancements
- Documentation improvements
- Test coverage expansion
- UI/UX improvements
- Translation and internationalization
- Performance optimization
This project is licensed under the GNU General Public License v3.0 (GPLv3).
This ensures that:
- The code remains free and open-source
- Any modifications must be shared under the same license
- Commercial use is permitted with proper attribution
- Users have the freedom to study, modify, and distribute the code
See the LICENSE file for the complete legal text and terms.
- Issues & Bugs: GitHub Issues
- Discussions: GitHub Discussions
- Email Support: nityagosain@gmail.com
- Documentation: Wiki
- Thanks to all contributors who have helped improve Share-IT
- Special thanks to the open-source community for amazing libraries and tools
- Inspired by the need for secure, simple file sharing solutions