Skip to content

README.md

Latest commit

 

History

History
149 lines (119 loc) · 4.26 KB

README.md

File metadata and controls

149 lines (119 loc) · 4.26 KB

SecureEdu — React + TypeScript + Node.js + MongoDB with 2-Level AES Encryption

A full-stack student management system featuring Login & Registration forms with CRUD operations, protected by 2-level AES encryption.

🚀 Setup Instructions

Prerequisites

  • Node.js v18+
  • MongoDB (local or MongoDB Atlas)
  • npm

1. Clone the repository

git clone <your-repo-url>
cd task-react-node-typescript

2. Setup Backend

cd server
cp .env.example .env
# Edit .env and set your MONGODB_URI and secret keys
npm install
npm run dev

3. Setup Frontend (new terminal)

cd client
npm install
npm start

The app will open at http://localhost:3000. Backend runs at http://localhost:5000.

🛠 Tech Stack

Layer Technology
Frontend React 18 + TypeScript
Backend Node.js + Express + TypeScript
Database MongoDB + Mongoose
Encryption AES via crypto-js (2 levels)
Styling Custom CSS (Dark Theme)

🔐 How Encryption is Implemented

This system implements 2-level AES encryption to protect all student data end-to-end.

Encryption Keys

Key Purpose
FRONTEND_KEY Known by frontend + backend — used for Level 1
BACKEND_KEY Known by backend only — used for Level 2

Data Flow

📤 Storing Data (Client → Server → MongoDB)

Plaintext
  → [Level 1 Encrypt] by Frontend (FRONTEND_KEY)
  → Sent over HTTPS to Backend
  → [Level 1 Decrypt] by Backend (FRONTEND_KEY)     ← backend strips level 1
  → [Level 2 Encrypt] by Backend (BACKEND_KEY)      ← backend adds level 2
  → Stored in MongoDB (doubly encrypted ciphertext)

📥 Fetching Data (MongoDB → Server → Client)

MongoDB (Level-2 encrypted)
  → [Level 2 Decrypt] by Backend (BACKEND_KEY)      ← backend strips level 2
  → [Level 1 Encrypt] by Backend (FRONTEND_KEY)     ← backend adds level 1
  → Sent over HTTPS to Frontend
  → [Level 1 Decrypt] by Frontend (FRONTEND_KEY)    ← frontend strips level 1
  → Plaintext displayed to user

Why 2 Levels?

  • Level 1 protects data in transit — only encrypted values travel between client and server
  • Level 2 protects data at rest — even if MongoDB is compromised, data is encrypted with a backend-only key

Files

File Role
client/src/utils/crypto.ts Frontend AES encrypt/decrypt (Level 1)
server/src/utils/crypto.ts Backend pipeline (Level 1 ↔ Level 2 conversion)
server/src/controllers/studentController.ts Uses crypto utils for all DB operations

📁 Folder Structure

task-react-node-typescript/
├── client/                    # React frontend
│   └── src/
│       ├── components/
│       │   ├── LoginForm.tsx
│       │   ├── StudentForm.tsx
│       │   └── StudentList.tsx
│       └── utils/
│           ├── crypto.ts      # Frontend encryption (Level 1)
│           └── api.ts         # API calls with auto-encrypt/decrypt
├── server/                    # Node.js + Express backend
│   └── src/
│       ├── routes/
│       │   └── studentRoutes.ts
│       ├── controllers/
│       │   └── studentController.ts
│       ├── models/
│       │   └── Student.ts
│       ├── utils/
│       │   └── crypto.ts      # Backend encryption (Level 2 pipeline)
│       ├── app.ts
│       └── server.ts
└── README.md

📡 API Routes

Method Route Description
POST /api/register Register new student
POST /api/login Login student
GET /api/students Get all students
PUT /api/student/:id Update student
DELETE /api/student/:id Delete student

All request/response bodies contain Level-1 AES encrypted field values.

✨ Features

  • 🔐 2-Level AES encryption on all student data
  • 📝 Student registration form with 7 fields + validation
  • 🔑 Login form with email/password validation
  • 📋 Student list with search, edit, delete
  • ⚡ Real-time CRUD operations
  • 🌑 Dark theme with responsive design
  • 🛡️ Encryption status indicators in UI