The backend API for secred.link app - a secure, self-destructing secret sharing service
🌐 Visit secred.link | Frontend Repository
This is the backend service powering secred.link, a secure platform for sharing sensitive information. It provides a RESTful API for creating, retrieving, and managing self-destructing secrets.
- 🔒 Secure secret sharing with encryption
- ⏱️ Configurable expiration times
- 🔥 Burn-on-read functionality
- 🚀 High-performance Fastify-based API
- 🛡️ Built-in rate limiting and security headers
- 📊 Usage metrics and analytics
- Node.js
- MongoDB database
- pnpm package manager
- Clone the repository:
git clone https://github.com/yerofey/api.secred.link.git
cd api.secred.link- Install dependencies:
pnpm install- Create a
.envfile with the following variables:
PORT=3000
MONGODB_URI=your_mongodb_connection_string
DB_COLLECTION_SECRETS=secrets
DB_COLLECTION_COUNTERS=countersStart the development server:
pnpm devDeploy using PM2:
pnpm startPOST /secret/create
Creates a new secret with the following properties:
content: The secret contentis_protected: Boolean indicating if the secret is password protectedis_burnable: Boolean indicating if the secret should be deleted after readingexpires_at: ISO date string for secret expiration
GET /secret/get/:accessKey
Retrieves a secret using its access key.
DELETE /secret/delete/:accessKey/:manageKey
Deletes a secret using its access key and management key.
GET /data/metrics
Returns usage statistics and metrics.
- Rate limiting (100 requests per minute)
- CORS protection
- Security headers via Helmet
- Input validation
- Automatic JSON parsing
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
Yerofey S. pm@yerofey.dev (https://github.com/yerofey)