Author: zenc
A lightweight, secure, and containerized file-sharing API built with Go (Gin), PostgreSQL, JWT, and AES encryption.
Designed to provide end-to-end file protection, authentication, and efficient deployment through Docker Compose.
Zher is a secure RESTful API that allows users to upload, encrypt, store, and download files.
The project implements JWT-based authentication, role-based verification, and AES encryption to protect sensitive data — all within a containerized environment.
This project reflects my interests in:
- Cybersecurity — applied cryptography & secure design
- Distributed Systems & DevOps — using Docker & PostgreSQL
- Backend Engineering — writing clean and modular Go code
| Layer | Technology | Description |
|---|---|---|
| Backend Framework | Go (Gin Gonic) | Lightweight HTTP framework for building APIs |
| Database | PostgreSQL (via GORM ORM) | Structured data & relationship management |
| Security | JWT, bcrypt, AES | Token-based auth & encryption for files |
| Deployment | Docker & Docker Compose | Multi-container orchestration |
| Web Server (Reverse Proxy) | Nginx | Handles routing and proxying requests |
| Environment Management | .env + godotenv | Configuration injection & portability |
```
zher/
├── .env                → Environment variables
├── .env.example        → Example env file for setup
├── README.md           → Project documentation
├── Dockerfile          → Docker build configuration
├── docker-compose.yml  → Multi-container setup
├── go.mod / go.sum     → Go module dependencies
├── main.go             → App entry point
│
├── cmd/api/            → Entry command for API server
├── config/             → App & environment configuration
├── database/           → Database initialization & migration
├── models/             → Data models and ORM schemas
├── middleware/         → Authentication & logging middleware
├── handlers/           → Request handlers (controllers)
├── services/           → Core business logic (auth, crypto, file ops)
├── utils/              → Helper utilities (JWT, encryption, error handling)
└── uploads/            → Encrypted file storage
```

```bash
git clone https://github.com/abiabdillahx/zher.git
cd zher
cp .env.example .env
```

Then edit .env with the required configuration:

```
DB_HOST=zher-db
DB_USER=zher
DB_PASSWORD=zenzenshit
DB_NAME=zherdb
DB_PORT=5432
JWT_SECRET=your_super_secret_key
AES_SECRET=your_aes_32_char_key
```

```bash
docker compose build
docker compose up -d
```

Now, the API runs at http://localhost:8080/api/v1
| Method | Endpoint | Description | Auth |
|---|---|---|---|
| POST | /api/v1/auth/register | Register a new user | ❌ |
| POST | /api/v1/auth/login | Login and get JWT token | ❌ |
| PATCH | /api/v1/admin/verify/:username | Verify unverified users | ✅ Admin |
| POST | /api/v1/files/upload | Upload & encrypt file | ✅ User |
| GET | /api/v1/files | List uploaded files | ✅ User |
| GET | /api/v1/files/download/:id | Download & decrypt file | ✅ User |
| DELETE | /api/v1/files/:id | Delete uploaded file | ✅ User |
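
The upload and download endpoints depend on `AES_SECRET` being a usable key; note that the placeholder `your_aes_32_char_key` is only 20 characters long. The sketch below is an added example, not code from this repository. It assumes AES-256-GCM (the README does not name the mode) and uses hypothetical function names to show a key-length check at startup and tamper detection on stored files:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newGCM checks the AES_SECRET value (AES-256 needs exactly 32 bytes) and
// returns an authenticated cipher. GCM is an assumption of this example.
func newGCM(secret string) (cipher.AEAD, error) {
	if len(secret) != 32 {
		return nil, fmt.Errorf("AES_SECRET must be 32 bytes, got %d", len(secret))
	}
	block, err := aes.NewCipher([]byte(secret))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealFile returns nonce || ciphertext || tag, using a fresh random nonce per file.
func sealFile(gcm cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// openFile reverses sealFile and returns an error if the stored blob was altered.
func openFile(gcm cipher.AEAD, blob []byte) ([]byte, error) {
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob shorter than nonce")
	}
	return gcm.Open(nil, blob[:n], blob[n:], nil)
}

func main() {
	gcm, _ := newGCM("0123456789abcdef0123456789abcdef") // constructed sample key
	blob, _ := sealFile(gcm, []byte("demo file contents"))
	blob[len(blob)-1] ^= 1 // simulate tampering with the stored file
	_, err := openFile(gcm, blob)
	fmt.Println("tampered blob rejected:", err != nil)
}
```

Failing fast on a wrong-length key at startup keeps a misconfigured `.env` from surfacing later as a runtime error on the first upload.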
| Stage | Component | Status | Weight | Notes |
|---|---|---|---|---|
| 1️⃣ | Docker & Env Setup | ✅ Done | 10% | Containerization, environment variables, and PostgreSQL setup |
| 2️⃣ | Database & Models | ✅ Done | 10% | Schema design, auto migration, and admin seeding |
| 3️⃣ | Auth System (Register / Login / Verify) | ✅ Done | 25% | Core user management and security layer completed |
| 4️⃣ | JWT Utility + Middleware | ✅ Done | 10% | Token generation, verification, and middleware protection |
| 5️⃣ | Admin Feature (Verify Endpoint) | ✅ Done | 10% | Role-based privilege and admin-only route implemented |
| 6️⃣ | File Sharing API (Upload / Download + AES Encryption) | ✅ Done | 25% | Main file-sharing logic with encryption |
| 7️⃣ | Testing & Documentation (Postman + README) | 🟨 In Progress | 10% | API specification and endpoint testing |
- Implement full Role-Based Access Control (RBAC)
- Migrate file storage to S3 / MinIO (i'm broke af😭)
- Integrate Grafana + Prometheus for API metrics
- CI/CD pipeline for production auto-deploy (maybe next year)