A simple file management API built with Node.js, Express, MongoDB, and Redis. This project provides endpoints for user authentication, file upload, and file management with proper authentication and authorization.
- User Authentication: Secure user registration and login with SHA1 password hashing
- Token-based Authentication: JWT-like tokens stored in Redis with 24-hour expiration
- File Management: Upload, retrieve, and manage files with proper permissions
- Database Integration: MongoDB for data persistence with Redis for session management
- Background Processing: Bull queue integration for file processing tasks
- RESTful API: Clean, well-documented REST endpoints
Before running this project, make sure you have the following installed:
- Node.js (v14 or higher)
- MongoDB (v4.4 or higher)
- Redis (v6.0 or higher)
- npm or yarn
- Clone the repository
    git clone [email protected]:hassanah391/files_manager.git
    cd files_manager
- Install dependencies
    npm install
- Set up environment variables: create a .env file in the root directory with the following variables:
    PORT=5000
    DB_HOST=localhost
    DB_PORT=27017
    DB_DATABASE=files_manager
    FOLDER_PATH=/tmp/files_manager
- Start MongoDB and Redis
    # Start MongoDB (make sure it's running on localhost:27017)
    sudo systemctl start mongod
    # Start Redis (make sure it's running on localhost:6379)
    sudo systemctl start redis
- Start the server
    npm run start-server
http://localhost:5000
POST /users
Creates a new user account with email and password.
Request Body:
{
"email": "[email protected]",
"password": "password123"
}
Success Response (201):
{
"id": "5f1e7cda04a394508232559d",
"email": "[email protected]"
}
Error Responses:
- 400 - Missing email or password
- 400 - User already exists
Example:
curl -X POST http://localhost:5000/users \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]", "password": "toto1234!"}'
GET /connect
Authenticates a user using Basic Authentication and returns an access token.
Headers:
Authorization: Basic <base64-encoded-email:password>
Success Response (200):
{
"token": "031bffac-3edc-4e51-aaae-1c121317da8a"
}
Error Response (401):
{
"error": "Unauthorized"
}
Example:
# Encode credentials: echo -n "[email protected]:toto1234!" | base64
curl -X GET http://localhost:5000/connect \
-H "Authorization: Basic Ym9iQGR5bGFuLmNvbTp0b3RvMTIzNCE="
GET /users/me
Retrieves the current user's profile using the authentication token.
Headers:
X-Token: <authentication-token>
Success Response (200):
{
"id": "5f1e7cda04a394508232559d",
"email": "[email protected]"
}
Error Response (401):
{
"error": "Unauthorized"
}
Example:
curl -X GET http://localhost:5000/users/me \
-H "X-Token: 031bffac-3edc-4e51-aaae-1c121317da8a"
GET /disconnect
Signs out a user by invalidating their authentication token.
Headers:
X-Token: <authentication-token>
Success Response (204):
(Empty response body)
Error Response (401):
{
"error": "Unauthorized"
}
Example:
curl -X GET http://localhost:5000/disconnect \
-H "X-Token: 031bffac-3edc-4e51-aaae-1c121317da8a"
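The /connect, /users/me and /disconnect flow described above, as an added example that is not the project's code: it parses the Basic header defensively and models the 24-hour token lifetime and sign-out. An in-memory Map stands in for Redis, and the `auth_<token>` key name, the `TokenStore` class and the function names are assumptions.

```javascript
// Added example (not project code): Basic header parsing and 24-hour tokens.
const crypto = require('crypto');

const TOKEN_TTL_MS = 24 * 60 * 60 * 1000; // 24-hour expiration, as in the README

// Parse "Authorization: Basic <base64(email:password)>". Returns null on any
// malformed input so the caller can answer 401 without saying what was wrong.
function parseBasicAuth(header) {
  if (typeof header !== 'string') return null;
  const match = /^Basic\s+([A-Za-z0-9+/]+={0,2})$/i.exec(header.trim());
  if (!match) return null;
  const decoded = Buffer.from(match[1], 'base64').toString('utf8');
  const sep = decoded.indexOf(':'); // split on the first colon only:
  if (sep <= 0) return null;        // the password may itself contain ':'
  return { email: decoded.slice(0, sep), password: decoded.slice(sep + 1) };
}

// In-memory stand-in for Redis SET ... EX 86400 / GET / DEL.
// The "auth_<token>" key name is an assumption of this example.
class TokenStore {
  constructor(now = () => Date.now()) {
    this.now = now; // injectable clock so expiry can be exercised
    this.entries = new Map();
  }

  issue(userId) { // GET /connect
    const token = crypto.randomUUID();
    this.entries.set(`auth_${token}`, { userId, expiresAt: this.now() + TOKEN_TTL_MS });
    return token;
  }

  resolve(token) { // GET /users/me: null means "answer 401"
    const entry = this.entries.get(`auth_${token}`);
    if (!entry) return null;
    if (this.now() >= entry.expiresAt) { // expired: drop it, treat as unknown
      this.entries.delete(`auth_${token}`);
      return null;
    }
    return entry.userId;
  }

  revoke(token) { // GET /disconnect: false means the token was not valid
    return this.entries.delete(`auth_${token}`);
  }
}
```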
GET /status
Returns the status of Redis and MongoDB connections.
Success Response (200):
{
"redis": true,
"db": true
}
Example:
curl -X GET http://localhost:5000/status
GET /stats
Returns the number of users and files in the database.
Success Response (200):
{
"users": 5,
"files": 12
}
Example:
curl -X GET http://localhost:5000/stats
files_manager/
├── controllers/              # Route controllers
│   ├── AppController.js      # System status and stats
│   ├── AuthController.js     # Authentication endpoints
│   └── UsersController.js    # User management
├── routes/                   # API routes
│   └── index.js              # Route definitions
├── utils/                    # Utility modules
│   ├── db.js                 # MongoDB client
│   ├── redis.js              # Redis client
│   ├── user.js               # User utilities
│   └── basic.js              # Basic utilities
├── server.js                 # Express server entry point
├── package.json              # Dependencies and scripts
└── README.md                 # This file
- Password Hashing: All passwords are hashed using SHA1 before storage
- Token-based Authentication: Secure tokens with 24-hour expiration
- Input Validation: Comprehensive validation for all user inputs
- Error Handling: Proper error responses without exposing sensitive information
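SHA1 is a fast, unsalted digest, so identical passwords produce identical stored values and offline guessing is cheap. The added example below (not the project's code) puts that digest beside a salted scrypt record and shows how existing SHA1 records can be upgraded at login; the `scrypt$<salt>$<key>` record layout and the function names are assumptions of the example.

```javascript
// Added example (not project code): legacy SHA1 digests vs. salted scrypt records.
const crypto = require('crypto');

const KEY_LEN = 32; // derived-key length in bytes (a choice made for this example)

// What the README describes: one fast, unsalted SHA1 digest per password.
function sha1Hex(password) {
  return crypto.createHash('sha1').update(password, 'utf8').digest('hex');
}

// Hardened form: per-user random salt plus a memory-hard KDF (Node's built-in scrypt).
// The "scrypt$<salt>$<key>" record layout is an assumption of this example.
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const key = crypto.scryptSync(password, salt, KEY_LEN);
  return ['scrypt', salt.toString('hex'), key.toString('hex')].join('$');
}

// Check a login against either record type. A legacy SHA1 match also returns a
// fresh scrypt record in `upgrade` so the caller can overwrite the stored value.
function verifyPassword(stored, password) {
  const fail = { ok: false, upgrade: null };
  if (typeof stored !== 'string') return fail;
  if (stored.startsWith('scrypt$')) {
    const parts = stored.split('$');
    if (parts.length !== 3) return fail;
    const salt = Buffer.from(parts[1], 'hex');
    const expected = Buffer.from(parts[2], 'hex');
    if (expected.length !== KEY_LEN) return fail; // malformed record never matches
    const actual = crypto.scryptSync(password, salt, KEY_LEN);
    return { ok: crypto.timingSafeEqual(actual, expected), upgrade: null };
  }
  const expected = Buffer.from(stored, 'hex');
  const actual = Buffer.from(sha1Hex(password), 'hex');
  if (expected.length !== actual.length) return fail;
  if (!crypto.timingSafeEqual(actual, expected)) return fail;
  return { ok: true, upgrade: hashPassword(password) };
}
```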
- npm run start-server - Start the development server with nodemon
- npm run start-worker - Start the background worker
- npm run dev - Start in development mode
- npm run test - Run tests
- npm run lint - Run ESLint
{
_id: ObjectId,
email: String,
password: String, // SHA1 hashed
createdAt: Date
}
{
_id: ObjectId,
userId: ObjectId,
name: String,
type: String,
isPublic: Boolean,
parentId: ObjectId,
localPath: String
}
- Fork the repository
- Create a feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add some amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
This project is part of the ALX Software Engineering program.
Hassan - ALX Student
Here's a complete workflow to test the API:
# 1. Create a new user
curl -X POST http://localhost:5000/users \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]", "password": "password123"}'
# 2. Authenticate and get token
curl -X GET http://localhost:5000/connect \
-H "Authorization: Basic dGVzdEBleGFtcGxlLmNvbTpwYXNzd29yZDEyMw=="
# 3. Get user profile (use token from step 2)
curl -X GET http://localhost:5000/users/me \
-H "X-Token: YOUR_TOKEN_HERE"
# 4. Check system status
curl -X GET http://localhost:5000/status
# 5. Get system stats
curl -X GET http://localhost:5000/stats
# 6. Sign out
curl -X GET http://localhost:5000/disconnect \
-H "X-Token: YOUR_TOKEN_HERE"
For more information, check the individual endpoint documentation above.