https://github.com/yashanksingh/secure-file-sharing-system

Secure File-Sharing System with Flask and MongoDB
https://github.com/yashanksingh/secure-file-sharing-system

docker file-sharing flask mongodb oracle-cloud python traefik waitress

Last synced: 2 months ago
JSON representation

Secure File-Sharing System with Flask and MongoDB

• Host: GitHub
• URL: https://github.com/yashanksingh/secure-file-sharing-system
• Owner: yashanksingh
• License: mit
• Created: 2025-01-17T10:24:41.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2025-01-19T11:03:49.000Z (over 1 year ago)
• Last Synced: 2025-07-13T08:46:33.176Z (11 months ago)
• Topics: docker, file-sharing, flask, mongodb, oracle-cloud, python, traefik, waitress
• Language: Python
• Homepage:
• Size: 78.1 KB
• Stars: 2
• Watchers: 1
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
## Secure File Sharing System



### Backend Assessment for EZ Works

This project is a secure file-sharing system implemented as part of the backend engineer assessment for **EZ Works**.

You can find the live project at: [TODO](#) (This will be taken down after the assessment)


It provides an API for secure file upload, download, and management between two types of users: Operation Users and Client Users.



### Features

#### Technology Stack

- **Framework**: Flask

- **Database**: MongoDB

- **Authentication**: JWT (JSON Web Tokens)

- **File Type Detection**: python-magic

  - The file type is determined not only by the file extension but also by analyzing its contents.



### Security Considerations

- File types are verified by content, not just extension

- Download URLs are encrypted and have a short expiration time

- User passwords are hashed before storage



### API Endpoints

#### Authentication

- **POST** `/signup`: Sign up a new user

- **GET** `/verify-email/`: Verify user's email

- **POST** `/login`: Log in a user

#### File Operations

- **POST** `/upload`: Upload a file (Operation Users only)

- **GET** `/files`: List all uploaded files

- **GET** `/download/`: Generate a download link for a file

- **GET** `/secure-download/`: Download a file using a secure token



### Future Improvements

- Implement rate limiting

- Add file encryption at rest

- Implement more granular user permissions

- Add logging and monitoring



### Testing

To run the test suite:

```shell

pytest -v tests/

```

You can check out a previous pytest log at [tests/test_results.log](tests/test_results.log) 


View the postman tests run summary at [assets/Secure File Sharing System.postman_test_run.json](assets/Secure%20File%20Sharing%20System.postman_test_run.json) 




  



You can also import the Postman collection at [assets/Secure File Sharing System.postman_collection.json](assets/Secure%20File%20Sharing%20System.postman_collection.json)



### Setup and Installation

Make sure you are using `Python 3.12` or later. 


These instructions will help you get set up with a local development environment

1. Clone the repository:

   ```shell

   git clone https://github.com/yashanksingh/Secure-File-Sharing-System.git

   cd Secure-File-Sharing-System

   ```

2. Set up a virtual environment:

   ```shell

   python -m venv venv

   ./venv/Scripts/activate  # On Linux use `source venv\bin\activate`

   ```

3. Install dependencies:

   ```shell

   pip install -r requirements.txt

   pip install python-magic-bin~=0.4.14 # only for Windows 

   sudo apt update && sudo apt install -y libmagic-dev # only for Linux

   ```

4. Set up environment variables:


   Create a `.env` file in the root directory and add the following:

   ```

   SECRET_KEY=your_secret_key

   MONGO_URI=your_mongodb_uri

   UPLOAD_FOLDER=path_to_upload_folder

   SMTP2GO_API_KEY=your_smtp2go_api_key

   SMTP2GO_SENDER='sender_name '

   BASE_URL='' # specify the base URL of your application or leave empty for 127.0.0.1:5000

   ```

5. Run the application:

   ```shell

   python run.py

   ```



### Deployment

Follow these steps to deploy the application using Docker

1. Create a Dockerfile 


   Create a file named `Dockerfile` in the root directory of the project with the following content:

   ```dockerfile

   FROM python:3.12-slim

   WORKDIR /SFSS

   COPY . .

   RUN pip install -r requirements.txt

   RUN apt update && apt install -y libmagic-dev

   RUN pip install waitress

   RUN mkdir uploads

   EXPOSE 5000

   CMD ["waitress-serve", "--port=5000", "--call", "app:create_app"]

   ```

2. Create a .dockerignore file 


   Create a `.dockerignore` file in the root directory to exclude unnecessary files:

   ```

   .idea/

   venv/

   .pytest_cache

   *.pyc

   __pycache__/

   .git/

   .gitignore

   uploads/

   tests/

   README.md

   Dockerfile

   .dockerignore

   ```

3. Build the Docker image 


   Run the following command in your terminal:

    ```shell 

    sudo docker build -t sfss .

    ```

4. Run the Docker container 


   To run the container with a mounted volume, use:

    ```shell

    sudo docker run --name sfss -d -p 5000:5000 -v $(pwd)/uploads:/uploads sfss

    ```

    This command does the following: 


    **-d**: Runs the container in detached mode. This means the container will keep running in the background.


    **-p 5000:5000**: Maps port 5000 of the host to port 5000 on the container. 


    **-v $(pwd)/uploads:/uploads**: Mounts the uploads directory from your current working directory to /uploads in the container

5. Access your application 


The application should now be accessible at `http://localhost:5000`



### Contributing

This project was created as part of an assessment. However, if you have suggestions or improvements, please feel free to open an issue or submit a pull request.



### License

MIT License