A simple, modern, secure file sharing application with OIDC authentication, download limits, and automatic expiration. Built with FastAPI and Vue.js in a single-file architecture for maximum simplicity and maintainability.
Easily upload a file and instantly receive a secure, shareable link. You control access by setting a maximum download count or an automatic expiration dateβafter which the file is deleted. All access is protected by authentication via your chosen OIDC provider; thereβs no manual user management or registration required. Only authenticated users can upload and share files.
- OIDC Authentication - Industry-standard OAuth/OpenID Connect
- Session Management - Secure session handling with signed cookies
- Token-based Access - Cryptographically secure file tokens
- No Public Access - All operations require authentication
- Download Limits - Set maximum download counts (1-β)
- Automatic Expiration - Files expire after 1 day to 1 month
- Auto-Cleanup - Expired and limit-reached files automatically deleted
- Real-time Tracking - Monitor download counts and expiration status
- Dark Theme - Professional glassmorphism design
- Drag & Drop - Intuitive file upload experience
- Responsive Design - Works on desktop, tablet, and mobile
- Real-time Updates - Live file status and progress indicators
- Single File Backend - Ultra-minimal deployment (~200 lines)
- SQLite Database - Zero-configuration, embedded database
- Background Tasks - Non-blocking file operations
- Async Operations - High-performance async/await architecture
- Docker & Docker Compose
- Python 3.11+ (for development)
git clone <your-repo>
cd dropbox
# Configure environment
cp .env.example .env
# Edit .env with your OIDC provider settings# Production deployment
docker-compose up -d
# Development mode
cd app
python -m pip install -r ../requirements.txt
python main.py- Web Interface: http://localhost:8000
- API Documentation: http://localhost:8000/docs
Create a .env file with your OIDC provider settings:
# OIDC Authentication (required for production)
OIDC_CLIENT_ID=your_client_id
OIDC_CLIENT_SECRET=your_client_secret
OIDC_DISCOVERY_URL=https://your-provider.com/.well-known/openid_configuration
OIDC_REDIRECT_URI=http://localhost:8000/auth/callback
# Application Settings
DATABASE_PATH=app.db
SESSION_SECRET=your-secret-key-here
# Optional: Custom upload directory
UPLOAD_DIR=uploadsCompatible with any OpenID Connect provider:
- pocket-id (tested with):
https://your-pocket-id.com/.well-known/openid_configuration - Auth0:
https://your-domain.auth0.com/.well-known/openid_configuration - Google:
https://accounts.google.com/.well-known/openid_configuration - Microsoft:
https://login.microsoftonline.com/common/v2.0/.well-known/openid_configuration - Keycloak:
https://your-keycloak.com/auth/realms/your-realm/.well-known/openid_configuration
dropbox/
βββ app/
β βββ main.py # Complete backend (FastAPI)
β βββ static/
β βββ index.html # Frontend HTML structure
β βββ styles.css # Modern dark theme styles
β βββ app.js # Vue.js application logic
βββ tests/
β βββ test_secureshare.py # Comprehensive test suite
β βββ load_test.py # Performance testing
β βββ README.md # Testing documentation
βββ requirements.txt # Python dependencies
βββ Dockerfile # Container configuration
βββ docker-compose.yml # Deployment setup
βββ README.md # This file
Backend (main.py)
- FastAPI - Modern async web framework
- SQLite - Embedded database
- OIDC - Authentication via authlib
- aiofiles - Async file operations
Frontend (static/)
- Vue.js 3 - Reactive frontend framework
- Tailwind CSS - Utility-first styling
- FontAwesome - Icon library
- Glassmorphism - Modern UI design
GET /auth/me- Check authentication statusGET /auth/login- Initiate OIDC loginGET /auth/callback- OIDC callback handlerPOST /auth/logout- Logout and clear session
POST /api/upload- Upload file with limitsGET /api/files- List user's uploaded filesGET /share/{token}- Download file by tokenDELETE /api/files/{id}- Delete file
GET /- Main application interfaceGET /static/*- Static assets (CSS, JS, images)
# Create virtual environment
python -m venv venv
source venv/bin/activate # Linux/Mac
# or
venv\Scripts\activate # Windows
# Install dependencies
pip install -r requirements.txt
# Set test environment
export OIDC_CLIENT_ID="" # Disable auth for testing
# Run application
python app/main.pySingle File Backend Philosophy
- All backend logic in
app/main.py(~200 lines) - Database, API, auth, and cleanup in one file
- Minimal dependencies, maximum maintainability
- Easy to understand, deploy, and modify
Separated Frontend
- Clean HTML structure (
static/index.html) - Modern CSS with dark theme (
static/styles.css) - Vue.js application logic (
static/app.js)
# Build and start
docker-compose up -d
# View logs
docker-compose logs -f
# Stop application
docker-compose down# Install dependencies
pip install -r requirements.txt
# Set production environment
export DATABASE_PATH=/var/lib/secureshare/app.db
export UPLOAD_DIR=/var/lib/secureshare/uploads
# Create directories
mkdir -p /var/lib/secureshare/uploads
# Run application
python app/main.py- Set strong
SESSION_SECRET - Configure proper OIDC redirect URIs
- Use reverse proxy (nginx) for HTTPS
- Set up log rotation and monitoring
- Regular database backups
- Monitor disk space for uploads
- OIDC Integration - Delegate authentication to trusted providers
- Session Security - Cryptographically signed sessions
- No Anonymous Access - All operations require authentication
- Secure Tokens - URL-safe, cryptographically random file tokens
- Automatic Cleanup - Expired files automatically removed
- Download Limits - Prevent unlimited file sharing
- File Isolation - Files stored with unique tokens
- No Directory Traversal - Safe file path handling
- Minimal Attack Surface - Single file backend
- No File Uploads to Web Root - Uploads stored separately
- CORS Configuration - Configurable cross-origin policies
- Error Handling - No sensitive information in error messages
You're very welcome to contribute to this project by discussions, issues or pull requests.
This project is licensed under the MIT License - see the LICENSE file for details.