SafeSend — A Secure One-Time File and Message Sharing Service

Project Overview SafeSend is a web application for one-time, secure transfer of files and text between users. The service allows users to upload files or messages, set a password, enable auto-deletion after viewing, and share a one-time link. It also includes a built-in chat, invitation system, and notifications.

User Flow

Upload: The user uploads a file or enters a message, optionally sets a password and auto-deletion setting. Link Generation: A unique link is generated for the recipient. Access: The recipient verifies access (enters the password if set) and can then view or download the content. Auto-Deletion: If enabled, the content is deleted after the first access. Chat: Users can create private chat rooms, invite others, exchange messages, and receive notifications.

Here's the full info about the project — check out the PDF at the link below.

Use Case Examples

• Send a password-protected archive to an accountant
• Share login credentials with a client
• Transfer documents without requiring registration
• Create a private chat room for confidential discussions

Security Highlights

• Data is encrypted before being stored and only decrypted on access.
• User passwords are never stored on the server.
• One-time links prevent repeated access.
• All actions are logged with IP address and User-Agent.

Features

• Upload files or secret text
• Optional password-protected encryption
• Send to specific users only
• Auto-delete after first open
• Encrypted files only (optional)
• Require decryption key to access
• Logs access to messages
• One-time download links
• Supports file or text sharing
• Real-time upload progress
• English interface
• Brute-force protection via django-axes
• CSRF protection enabled
• Login security & session protection

Key Features

• File and Text Sharing — via one-time links.
• Encryption — data is encrypted before storage and decrypted only upon access.
• Password Protection — users can set a password to access a file or message.
• Auto-Deletion — optional removal of content after the first view.
• Chat Rooms — users can communicate in private chat rooms.
• Chat Invitations — users can invite others by username or invitation link.
• Notifications — users receive notifications when invited to a room.
• Access Logs — IP address, browser, date, and time are logged.

Tech Stack

• Python 3.10+
• Django 4.2+
• Bootstrap 5
• Font Awesome 6
• PostgreSQL / SQLite
• django-axes (anti-brute-force)
• Custom JavaScript for UX

Requirements

• Python 3.10+
• Django 4.2+
• django-axes
• Bootstrap (CDN or static)
• fontawesome (CDN or static)

Usage

• Log in with your user credentials.
• Upload a file or enter secret text.
• Set optional password (decryption key).
• Choose:
  • Delete after opening
  • Require password
  • File only
• Share the generated secure link.

Security Notes

• All POST requests are protected by CSRF tokens
• Brute-force login protection via django-axes
• Passwords are never stored in plaintext
• Files can be deleted after first access
• Optional password requirement to decrypt
• HTTPS is recommended for production
• Auto-removal of opened messages/files

Project Architecture

• Language: Python 3.12
• Framework: Django 5.x
• Database: SQLite (can be replaced with PostgreSQL/MySQL)
• Frontend: Bootstrap 5, FontAwesome
• Encryption: Fernet (via the cryptography library)
• Authentication: Django Auth