The way businesses share files has changed completely.
Teams now work across borders, time zones, and devices, and they need a fast, secure file sharing app that works without limits.
With cloud-based collaboration becoming the default, companies expect tools that offer speed, security, scalability, access logs, expiring links, & reliable cloud storage security.
Traditional file-sharing methods simply can’t keep up.
Email attachments fail due to size limits. Public cloud folders often expose users to security risks.
Old systems don’t offer features like expiry links, download tracking, or secure cloud storage.
Most importantly, they struggle when users upload large files or need scalable file sharing for growing teams.
This is why more startups, SaaS companies, and enterprises are choosing to build custom file sharing systems using AWS S3, React, and Node.js.
Here in this blog, you will learn to build a SaaS file sharing app that is fast & secure.
Which Type of File Sharing Solution Are We Building?
We’re building a complete File Sharing SaaS, the same kind of system used by modern platforms like WeTransfer, Dropbox, and Google Drive.
But built with React, AWS S3, and Node.js for maximum control and performance. Here’s an overview of the system:
- Users upload files through a React UI.
- Files are securely stored in AWS S3.
- The backend (Node.js) creates pre-signed URLs for safe access.
- Users get one-click share links.
- Each shared link comes with an expiry time & access logs.
What Are the Core Features That Users Will Love?
- Fast uploads using React + S3: Your users get instant, smooth, and reliable upload performance using pre-signed URLs.
- Secure downloads with AWS S3 pre-signed URLs: The file stays private & only approved users can open the link.
- Expiring links for shared files: Links automatically stop working after a set time, improving security and preventing misuse.
- Access logs to track who downloaded what: Businesses can see when files were downloaded, by whom, and from which device/IP.
- One-click share links: Your system generates clean, simple URLs that users can instantly copy and share.
What is the Tech Stack Behind a Modern File Sharing System?
When building a secure file sharing SaaS, choosing the right tech stack matters. Here’s why these technologies are perfect:
- React: It is perfect for lightning-fast UIs.
- NodeJs: It is a robust backend for uploads & logs.
- AWS S3: Best for secure & scalable storage.
- AWS IAM Policies: They provide airtight cloud storage security.
- MongoDB / PostgreSQL: It can be used to store metadata & access logs.
Step 1: Setting Up AWS S3 for Secure File Storage
To build a reliable file sharing platform, AWS S3 is the perfect choice.
Create an S3 Bucket
- Go to AWS S3 → Create bucket
- Choose a unique bucket name
- Select the region closest to your users
Enable Correct IAM Policies
Attach this IAM policy to your backend user/role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:PutObject", "s3:GetObject"],
"Resource": "arn:aws:s3:::your-bucket-name/*"
}
]
}
This ensures secure file access.
Restrict Public Access
Keep everything private; only presigned URLs should allow access.
Enable CORS for React Uploads
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "PUT"],
"AllowedOrigins": ["*"],
"ExposeHeaders": []
}
]
This allows React to upload files directly.
Cloud Storage Security Best Practices
- Never expose your AWS keys in frontend
- Always use presigned URLs
- Keep the bucket private
- Enforce HTTPS
- Use IAM least-privilege policy
Step 2: Building the Backend (Node.js + Express)
This backend handles:
- Upload URL generation
- Download URL generation
- Expiring links
- Metadata saving
- Access logs
Folder Structure
backend/
├── config/
│ └── s3.js
├── routes/
│ └── files.js
├── models/
│ └── File.js
├── server.js
Node.js Code
Install Dependencies
npm install express aws-sdk uuid cors mongoose
config/s3.js
const AWS = require("aws-sdk");
AWS.config.update({
region: "ap-south-1"
});
const s3 = new AWS.S3();
module.exports = s3;
models/File.js
const mongoose = require("mongoose");
const FileSchema = new mongoose.Schema({
fileName: String,
fileUrl: String,
expiryTime: Number,
size: Number,
logs: []
});
module.exports = mongoose.model("File", FileSchema);
routes/files.js
const router = require("express").Router();
const s3 = require("../config/s3");
const File = require("../models/File");
const { v4: uuid } = require("uuid");
router.post("/get-upload-url", async (req, res) => {
const fileName = `${uuid()}-${req.body.fileName}`;
const params = {
Bucket: "your-bucket-name",
Key: fileName,
Expires: 300,
ContentType: req.body.type
};
const uploadURL = await s3.getSignedUrlPromise("putObject", params);
res.json({ uploadURL, fileName });
});
router.post("/save-meta", async (req, res) => {
const file = await File.create(req.body);
res.json(file);
});
router.get("/download/:id", async (req, res) => {
const file = await File.findById(req.params.id);
if (Date.now() > file.expiryTime)
return res.status(410).json({ message: "Link expired" });
const downloadURL = await s3.getSignedUrlPromise("getObject", {
Bucket: "your-bucket-name",
Key: file.fileUrl,
Expires: 120
});
file.logs.push({
ip: req.ip,
browser: req.headers["user-agent"],
time: Date.now()
});
await file.save();
res.json({ downloadURL });
});
module.exports = router;
server.js
const express = require("express");
const mongoose = require("mongoose");
const cors = require("cors");
mongoose.connect("mongodb://localhost/files");
const app = express();
app.use(cors());
app.use(express.json());
app.use("/api/files", require("./routes/files"));
app.listen(5000, () => console.log("Server running on 5000"));
Step 3: Creating a Fast File Upload UI in React
Your React app must feel modern and snappy, like a real SaaS.
Features
- Drag-and-drop uploader
- File preview
- Real-time upload progress
- Save file metadata & expiry time
- One-click copy share link
Install Axios
npm install axios
React File Upload Component
import axios from "axios";
import { useState } from "react";
export default function Upload() {
const [progress, setProgress] = useState(0);
const [shareLink, setShareLink] = useState("");
const uploadFile = async (e) => {
const file = e.target.files[0];
const { data } = await axios.post(
"http://localhost:5000/api/files/get-upload-url",
{
fileName: file.name,
type: file.type
}
);
await axios.put(data.uploadURL, file, {
headers: { "Content-Type": file.type },
onUploadProgress: (p) =>
setProgress(Math.round((p.loaded * 100) / p.total))
});
const save = await axios.post(
"http://localhost:5000/api/files/save-meta",
{
fileName: file.name,
fileUrl: data.fileName,
size: file.size,
expiryTime: Date.now() + 1000 * 60 * 60 // 1 hour
}
);
setShareLink(`http://localhost:5000/download/${save.data._id}`);
};
return (
<div>
<input type="file" onChange={uploadFile} />
<div>Progress: {progress}%</div>
{shareLink && <p>Share Link: {shareLink}</p>}
</div>
);
}
Step 4: Implementing Expiring Download Links
How Expiry Time Is Saved
When saving metadata:
expiryTime: Date.now() + 3600000 // 1 hour
How Backend Validates Link Access
if (Date.now() > file.expiryTime) {
return res.status(410).json({ message: "Link expired" });
}
How to Revoke Access Manually
file.expiryTime = Date.now() - 1000;
await file.save();
Security Guidelines
- Never serve files directly from S3.
- Always check expiry before generating a download URL.
- Use short-lived presigned URLs.
- Avoid exposing file paths.
Step 5: Building an Access Log Tracker
Access logs make your File Sharing SaaS powerful and enterprise-ready.
How to Capture Download Activity
file.logs.push({
ip: req.ip,
browser: req.headers["user-agent"],
time: Date.now()
});
Store IP, Timestamp, Browser
Stored inside file.logs[].
Display Logs in Dashboard
Example React snippet:
{
file.logs.map((log) => (
{log.ip} - {log.browser} - {new Date(log.time).toLocaleString()}
))
}
Here’s the Complete GitHub Code to Build a File Sharing SaaS in React & NodeJS.
Our Expertise in File Sharing SaaS Development
- Built multiple cloud-based file sharing systems using React, AWS S3, and Node.js with enterprise-grade speed and security.
- Deep experience in presigned URL workflows, expiring links, and secure file download systems.
- Experts in cloud storage security, IAM policy setup, and S3 bucket hardening for maximum protection.
- Deliver SaaS apps with access logs, real-time tracking, and audit trails for complete visibility.
- Designed multiple drag-and-drop file upload UIs with progress tracking to improve user engagement.
What Are the Advanced Features That You Can Add to Make Your SaaS Production-Ready?
Once your base system is working, here are powerful upgrades to turn it into a fully production-ready SaaS platform:
- Add Multi-User Authentication: Let users manage their own files, folders, and permissions using JWT, OAuth, or AWS Cognito.
- Add File Encryption: Encrypt files before uploading to S3 for higher security, useful for healthcare, finance, and enterprise clients.
- Add Pay-Per-Storage Subscription: Charge users based on: Storage used File size, & Number of shared links, Perfect for SaaS monetization.
- Add an Admin Dashboard: Admins can monitor storage usage, track suspicious activity, manage users and files, & control access levels.
- Add File Analytics: Show insights like: total downloads, country-wise access, device/browser statistics, & most shared files, perfect for businesses.
What You Can Build Next?
You now understand how to build a fast, secure, and scalable File Sharing App using:
- React for a modern, smooth upload interface.
- Node.js for presigned URLs, expiry logic, and access logs.
- AWS S3 for secure and flexible cloud storage.
- IAM Policies for airtight security.
- Databases for metadata + logging.
This architecture gives you everything the modern world demands, secure file sharing, expiring links, access logs, fast uploads, and cloud storage security.
This system is a foundation for powerful SaaS products. You can expand it into:
- A complete enterprise file management platform.
- A file-sharing subscription SaaS.
- A secure document delivery tool.
- A cloud storage startup.
- A white-label file sharing service.
Your File Sharing SaaS is just the beginning, now you can take it to the next level.
FAQs
- You can use AWS SDK in Node.js to generate a presigned URL.
- The backend signs the request and returns a temporary URL for safe uploading or downloading. This keeps your S3 bucket private.
- Yes. AWS S3 is one of the most secure cloud storage services available.
- With IAM policies, bucket policies, encryption, and presigned URLs, you get industry-grade protection for file sharing.
- Use AWS S3 for storage, React for the UI, Node.js for API logic, and a database like MongoDB or PostgreSQL for metadata.
- Add caching, logging, expiry links, and use S3’s auto-scaling to handle large traffic.
- Yes. You can store an expiry timestamp and validate it before generating download URLs.