FileFleet
A production-grade full-stack cloud storage SaaS — built from scratch with custom auth, real-time upload tracking, and zero orphaned files
What is it?
FileFleet is a full-stack cloud storage SaaS application I designed and built entirely from scratch. It lets users securely upload, organise, preview, and manage files from any device — with a clean, auto-categorised interface that keeps everything accessible. Think a lightweight, developer-crafted alternative to Google Drive — with full control over every layer of the MERN stack, custom JWT authentication built without any third-party auth library, and a server-side download proxy that handles every file type correctly.
What I Did
I was the sole developer — from system design to Vercel deployment. I architected the full backend REST API, designed the MongoDB schema, implemented the complete authentication system from scratch, built the file upload engine with real-time progress, and crafted the responsive React frontend. Every product decision, every technical tradeoff, and every line of code was mine.
Custom Auth System — No Third-Party Libraries
Built a complete authentication flow from scratch — email OTP verification on signup, JWT-based session management for protected routes, and a secure password reset system using short-lived JWT tokens with expiry enforcement. No Clerk, no Firebase Auth, no shortcuts.
Real-Time File Upload Engine
Engineered a file upload pipeline with real-time progress tracking using Axios upload events. Enforced hard storage limits at both per-file level (100 MB) and per-account level (1 GB) with server-side validation before any bytes hit Cloudinary — protecting both users and infrastructure.
Auto-Categorised Cloud Storage
Integrated Cloudinary as the storage backend and MongoDB for metadata persistence. Files are automatically categorised into Documents, Images, Videos/Audio, and Others on upload — making browsing fast and intuitive without manual sorting.
In-Browser File Preview
Implemented native in-browser preview for PDFs and images using direct Cloudinary URLs. For Office formats (DOCX, XLSX, PPTX), integrated Google Docs Viewer to render files in the browser without any download required.
Server-Side Download Proxy
Solved a tricky browser limitation by routing all downloads through a server-side proxy that sets correct Content-Disposition headers — ensuring every file type downloads with the right filename and format instead of opening in the browser tab.
Atomic Delete & Data Integrity
Built automatic Cloudinary cleanup triggered on file deletion — removing a file from the database also destroys the Cloudinary asset, preventing orphaned files and wasted storage. Ownership checks are enforced server-side on every mutation.
- Per-Account Storage
- 1 GB
- With enforced server-side limits and real-time usage tracking
- Per-File Upload Limit
- 100 MB
- Dual-layer validation on both client and server before Cloudinary upload
- Auto-Sorted File Categories
- 4
- Documents, Images, Videos/Audio, Others — categorised automatically on upload
- Orphaned Storage Files
- 0
- Atomic Cloudinary cleanup on every file deletion — zero data leaks
- Email OTP verification on signup — no third-party auth library
- Secure password reset via short-lived JWT tokens
- Real-time file upload progress tracking with Axios
- 100 MB per-file and 1 GB per-account storage limits enforced server-side
- Auto-categorised file browsing (Documents, Images, Video/Audio, Others)
- In-browser PDF and image preview via Cloudinary URLs
- Google Docs Viewer for Office formats (DOCX, XLSX, PPTX)
- Server-proxied downloads with correct Content-Disposition headers
- File renaming and deletion with server-side ownership enforcement
- Automatic Cloudinary cleanup on file deletion — zero orphaned assets
- Dashboard with storage usage breakdown by category
- Protected routes with JWT session management
- Fully responsive across all devices
Built complete auth from scratch with OTP + short-lived JWT — no Clerk, no Firebase
Server-side download proxy fixes Content-Disposition across all file types
Dual-layer storage enforcement (client + server) before any Cloudinary call
Atomic delete: MongoDB record + Cloudinary asset destroyed together — zero orphans
Google Docs Viewer integration for Office file preview without downloading
Ready to build something amazing?
Interested in learning more about this project or starting a new full-stack development journey? Let's talk.