Enterprise-Grade, End-to-End Encrypted File Sharing for Modern Teams
Modern, Secure, and Effortless File Sharing for Teams & Individuals
SecureDrive is a robust, full-stack web application for secure, auditable, and user-friendly file sharing. It leverages modern cryptography, cloud storage, and a seamless user experience to ensure your files are protected at every stage—at rest, in transit, and during sharing.
- End-to-End Encryption: Files are encrypted client-side (AES-256-GCM) before upload. Only authorized users can decrypt and access content.
- Zero Trust Architecture: The server never sees plaintext or private keys. All sensitive operations occur on the client.
- Granular Access Control: Share files securely with individuals or groups, with fine-grained permissions and key management.
- Multi-Factor Authentication: OTP-based verification for critical actions and account security.
- Cloud-Native Storage: Utilizes AWS S3 for scalable, reliable, and encrypted file storage.
- Audit Logging: Track file access, sharing, and key events for compliance and transparency.
- Modern UI/UX: Responsive React frontend with protected routes, dark mode, and real-time feedback.
- Email Notifications: Automated emails for sharing, verification, and security events.
Frontend: React, Vite, Context API, CryptoJS, JWT, CSS
Backend: Node.js, Express, JWT, AWS SDK, Nodemailer, Mongoose
Database: MongoDB
Storage: AWS S3
- Client-Side Encryption: Files are encrypted in-browser using AES-256-GCM. The AES key is encrypted with the recipient's RSA public key.
- Integrity & Authenticity: SHA-256 digests and RSA signatures ensure files are untampered and access is authorized.
- Zero Trust: The server only stores ciphertext and public keys. Private keys and plaintext never leave the client.
- JWT Authentication: All API endpoints are protected with stateless JWT tokens.
- MFA/OTP: Sensitive actions require OTP verification, sent via email.
SecureDrive/
├── backend/
│ ├── src/
│ │ ├── config/ # S3, DB, and app configs
│ │ ├── controllers/ # Business logic for auth, files, keys, users
│ │ ├── middleware/ # Auth, error handling
│ │ ├── models/ # Mongoose schemas for users, files
│ │ ├── routes/ # API endpoint definitions
│ │ ├── services/ # Email, S3, crypto services
│ │ └── utils/ # Helper utilities
│ ├── server.js # App entry point
│ └── ...
├── frontend/
│ ├── src/
│ │ ├── components/ # UI components (auth, files, keys, etc.)
│ │ ├── context/ # React context providers
│ │ ├── services/ # API and crypto services
│ │ └── utils/ # Crypto and config utilities
│ ├── index.html
│ └── ...
└── README.md
bash git clone https://github.com/rndastech/Secure-File-Sharing.git bash bash
- Node.js (v16+ recommended)
- npm or yarn
- AWS account (for S3)
- MongoDB instance (local or cloud)
git clone https://github.com/rndastech/Secure-File-Sharing.git
cd Secure-File-Sharing- Copy
.env.exampleto.envin bothbackend/andfrontend/folders. - Fill in AWS, MongoDB, JWT, and email credentials as required.
# Backend
cd backend
npm install
# Frontend
cd ../frontend
npm install# Start backend
cd backend
npm start
# Start frontend (in a new terminal)
cd ../frontend
npm run dev- Frontend: http://localhost:5173
- Backend API: http://localhost:5000
- Authentication: JWT-based, with OTP for registration and password reset.
- File Upload/Download: Encrypted files sent to S3; only authorized users can decrypt.
- Key Management: RSA key pairs generated client-side; public keys stored server-side.
- Sharing: Files can be shared by encrypting the AES key with the recipient's public key.
- Audit & Logging: All access and sharing events are logged for compliance.
This project is licensed under the MIT License.