Skip to content

renilsonjr/vaultdocs

Repository files navigation

VaultDocs

A secure, full-stack document management platform built for hospitals, law firms, and enterprise teams.

Overview

VaultDocs provides two lanes:

  • Personal — individual document storage (3GB free, 50 docs)
  • Professional — multi-tenant org builder with department tree, RBAC, and compliance tools

Tech Stack

Backend

  • Python + Flask (factory pattern)
  • PostgreSQL + SQLAlchemy ORM
  • Flask-JWT-Extended (httpOnly cookies)
  • Flask-Limiter, Flask-WTF, Flask-Talisman
  • Marshmallow validation
  • pytest (TDD)

Frontend

  • Jinja2 + HTMX
  • Tailwind CSS
  • Vanilla JS (upload, tree, search, auth, drag-drop)

Infrastructure (Phase 3)

  • Azure App Service
  • Azure Blob Storage
  • Azure SQL Database
  • Azure Key Vault
  • Azure WAF

Features

  • 🔐 JWT authentication with httpOnly cookies
  • 🏢 Multi-tenant organization builder
  • 🌳 Adjacency list department tree (recursive CTE)
  • 📁 Document upload, download, delete
  • 👥 RBAC (Owner, Admin, Editor, Reader)
  • 📋 Audit logs (append-only)
  • 💳 Stripe billing with 3-day trial
  • 📦 Bulk import via Excel (Enterprise)
  • 🔒 HIPAA/CCPA compliance modes
  • 🤖 Azure AI OCR (Phase 4)

Project Structure

vaultdocs/ ├── app/ │ ├── blueprints/ │ │ ├── auth/ # Login, logout, MFA │ │ ├── documents/ # Upload, download, delete │ │ ├── nodes/ # Org tree CRUD │ │ ├── tenants/ # Organization management │ │ ├── files/ # File serving │ │ └── web/ # Jinja2 web routes │ ├── models/ # SQLAlchemy models │ ├── services/ # Business logic │ ├── templates/ # Jinja2 HTML templates │ └── static/ # CSS, JS assets ├── tests/ │ ├── unit/ │ └── integration/ ├── migrations/ # Alembic migrations └── docs/ # SDD, specs, decisions

Build Phases

Phase Goal Status
1 Local MVP — auth, org tree, document upload 🔨 In Progress
2 Search, RBAC, sharing, audit log UI ⏳ Planned
3 Azure migration — Blob, SQL, App Service, WAF ⏳ Planned
4 AI OCR, Stripe billing, bulk import ⏳ Planned
5 React Native mobile app ⏳ Planned

Getting Started

Prerequisites

  • Python 3.12+
  • PostgreSQL
  • pip

Setup

# Clone the repo
git clone https://github.com/renilsonjr/vaultdocs.git
cd vaultdocs

# Create virtual environment
python -m venv .venv
source .venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Copy environment variables
cp .env.example .env
# Edit .env with your values

# Run database migrations
flask db upgrade

# Start the server
flask run --port 5001

Environment Variables

SECRET_KEY= JWT_SECRET_KEY= DATABASE_URL= STRIPE_SECRET_KEY= STRIPE_PUBLISHABLE_KEY= STRIPE_WEBHOOK_SECRET= STRIPE_PRICE_ID= STORAGE_BACKEND=local STORAGE_BASE_PATH=/tmp/vaultdocs-uploads

Testing

pytest tests/ -v

Security

  • JWT tokens stored in httpOnly, SameSite=Lax cookies
  • CSRF protection on all forms
  • Rate limiting (5 login attempts/min)
  • Marshmallow input validation
  • SQLAlchemy parameterized queries
  • Soft delete + audit logs
  • Bandit + Semgrep SAST (Phase 1)
  • OWASP ZAP DAST (Phase 2)
  • Burp Suite pen test (Phase 3)

Author

Renilson Rodrigues Jr.


Built as a portfolio project demonstrating full-stack Python development, security engineering, and cloud architecture.

About

Document manager with mobile integration.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors