DriveX β A Minimal File Drive Backend (Node.js + Express + MongoDB + Firebase)
DriveX is a lightweight file-drive backend built with Node.js, Express, MongoDB, and Firebase Storage. It supports JWT authentication using HTTP-only cookies, file upload with Firebase Storage, and ownership-based access control.
β Features
π JWT Authentication (stored in HTTP-only cookies for security)
π Upload + Store files in Firebase Storage
π‘οΈ Ownership-based authorization β users can delete only their own files
𧩠Clean Express architecture
routes/, middlewares/, models/, config/, views/
ποΈ MongoDB models for users + files
π¨ EJS-powered UI for uploading & viewing files
π οΈ Tech Stack Layer Technology Backend Node.js, Express Database MongoDB, Mongoose File Storage Firebase Storage Auth JWT + HTTP-only Cookies Views EJS Templates π Project Structure Project-DriveX/ βββ config/ βββ middlewares/ βββ models/ βββ routes/ βββ views/ βββ app.js βββ package.json βββ .gitignore
π Getting Started 1οΈβ£ Clone the repo git clone https://github.com//Project-DriveX.git cd Project-DriveX
2οΈβ£ Install dependencies npm install
3οΈβ£ Create a .env file PORT=3000 MONGO_URI=your-mongodb-uri JWT_SECRET=your-secret COOKIE_NAME=drivex_token
FIREBASE_PROJECT_ID=your-project-id FIREBASE_CLIENT_EMAIL=your-client-email FIREBASE_PRIVATE_KEY="your-private-key" FIREBASE_STORAGE_BUCKET=your-bucket.appspot.com
4οΈβ£ Run the app npm start
π Authentication Flow
User logs in β server creates JWT
JWT is sent in HTTP-only cookie (cannot be accessed by JS β more secure)
Every protected route uses an auth middleware to verify token
File delete/edit routes check file.owner === loggedInUser
π File Upload Flow
User uploads file β server receives it
File is uploaded to Firebase Storage
Metadata stored in MongoDB
UI loads file using Firebase URL
π§ͺ API Endpoints (Example) Method Route Description POST /auth/register Register user POST /auth/login Login + set JWT cookie POST /files/upload Upload file (protected) GET /files/:id View file DELETE /files/:id Delete file (owner only)
(Update these based on your actual routes.)
π What I Learned (Summary)
Implementing JWT auth with HTTP-only cookies
Using Firebase Storage for production-ready uploads
Building clean Express architectures (routes + middlewares separation)
Understanding how small backend decisions impact scalability
π§ Future Enhancements
Preview thumbnails
Public/private file modes
Sharing links
Pagination for large file sets
π€ Contributing
Feel free to open issues or submit PRs.
π License
MIT License