Timeframe
April 2025 - July 2025
Objective
A secure and scalable document management backend with proper sharing logic.
Technologies
00
JWT Access & Refresh tokens with secure cookie flow
01
Token rotation for refresh tokens
02
CRUD operations for documents
03
Link-based document sharing
04
Search and filtering of documents
05
CSRF protection
06
Helmet security headers
07
Input validation for all requests
Frontend
Companion frontend for document editing
Backend
Modular Express layers: Routes → Controllers → Services → Middleware → Models → Error handling
Database

00
How to create secure shareable links?
Implemented link tokens stored in the database for revocation, regeneration, and expiration control.
01
How to prevent unauthorized access?
JWT authentication with access and refresh tokens, role-based access, and route-level permission checks.
02
How to design scalable route architecture?
Structured routes, controllers, services, and middleware in a modular Express setup.
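An added sketch of the database-backed link tokens described under "How to create secure shareable links?", covering expiration, revocation and regeneration. It is not the project's own code: the function names, the in-memory `Map` standing in for the database table, and the choice to store only a SHA-256 hash of each token are assumptions of this example.

```javascript
// Added example: a Map stands in for the link-token table (assumption).
const crypto = require('crypto');

const hashToken = (token) =>
  crypto.createHash('sha256').update(token).digest('hex');

// Issue a link token for a document. Only the SHA-256 hash is stored, so a
// leaked table does not reveal usable links (design choice of this example).
function createShareLink(store, documentId, ttlMs, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('base64url'); // 256-bit secret
  store.set(hashToken(token), { documentId, expiresAt: now + ttlMs, revokedAt: null });
  return token; // goes into the share URL; never persisted in clear
}

// Resolve a presented token to a document id, or null if the token is
// unknown, malformed, revoked, or expired.
function resolveShareLink(store, token, now = Date.now()) {
  if (typeof token !== 'string' || token.length === 0) return null;
  const row = store.get(hashToken(token));
  if (!row || row.revokedAt !== null || now >= row.expiresAt) return null;
  return row.documentId;
}

// Revoke every active link for a document; returns how many were revoked.
function revokeShareLinks(store, documentId, now = Date.now()) {
  let revoked = 0;
  for (const row of store.values()) {
    if (row.documentId === documentId && row.revokedAt === null) {
      row.revokedAt = now; // keep the row so the revocation stays auditable
      revoked += 1;
    }
  }
  return revoked;
}

// Regenerate: invalidate the old links first, then issue a fresh token.
function regenerateShareLink(store, documentId, ttlMs, now = Date.now()) {
  revokeShareLinks(store, documentId, now);
  return createShareLink(store, documentId, ttlMs, now);
}
```

Because every request is checked against the stored row, a link stops working the moment it is revoked or expires, which a self-contained signed token cannot offer without a server-side lookup.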
00
Importance of login-token security and proper refresh flows
01
Designing scalable middleware and route structures
02
Safe handling of link-based access with revocable tokens
00
Initially overlooked token revocation, which I fixed by storing tokens in the database.
01
Underestimated the complexity of shared documents with respect to real-time collaboration, leading to multiple iterations.
00
Add versioning for documents
01
Implement real-time collaboration features