An ethical OSINT platform for digital footprint analysis and cyber risk assessment using Groq AI.
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | React 18 + Vite | Modern SPA with fast build times |
| UI | CSS3 (Cyberpunk theme) | Neon effects, glitch text, glassmorphism |
| API Client | Axios | HTTP requests with auto token injection |
| Backend | Node.js + Express | Scalable REST API |
| Database | MongoDB Atlas | Cloud document storage |
| Auth | JWT + bcrypt | Secure authentication & password hashing |
| OAuth | Google Sign-In | Third-party authentication |
| AI | Groq API (Mixtral 8x7b) | Fast LLM inference for risk analysis |
| Deployment | Vercel + Render | Production-grade hosting |
- Node.js 18+
- MongoDB Atlas account (free tier ok)
- Groq API key (free tier available)
- Google OAuth credentials (optional, for Google login)
```bash
cd OpenTrace
npm run install:all
```

Backend (`server/.env`):

```env
PORT=5000
MONGODB_URI=mongodb+srv://user:password@cluster.mongodb.net/opentrace?retryWrites=true&w=majority
JWT_SECRET=your_super_secret_jwt_key_here_change_in_production
CLIENT_URL=http://localhost:5173
GROQ_API_KEY=gsk_xxxxx
GOOGLE_CLIENT_ID=xxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=xxxxx
```

Frontend (`frontend/.env`):

```env
VITE_API_URL=http://localhost:5000/api
VITE_GOOGLE_CLIENT_ID=xxxxx.apps.googleusercontent.com
```

```bash
npm run dev
```

- Frontend: http://localhost:5173
- Backend API: http://localhost:5000
- Health Check: http://localhost:5000/health
- Go to https://www.mongodb.com/cloud/atlas
- Create free cluster
- Add IP to whitelist (0.0.0.0/0 for development)
- Create database user
- Copy connection string into `server/.env`
- Go to https://console.groq.com
- Create free account and get API key
- Add to `server/.env` as `GROQ_API_KEY`
- Free tier includes 30 requests/minute (sufficient for demos)
- Go to https://console.cloud.google.com
- Create new project
- Enable Google+ API
- Create OAuth 2.0 credentials (Web application)
- Add authorized redirect URIs:
  - `http://localhost:5173`
  - `http://localhost:5000/api/auth/google/callback`
- Copy Client ID and Secret to `.env` files
```mermaid
graph TD
    A[User Browser] --> B[React + Vite Frontend]
    B --> C[Express Backend API]
    C --> D[(MongoDB Atlas)]
    C --> E[Groq AI API]
    C --> F[Google OAuth]
    C --> G[GitHub API]
    C --> H[Reddit API]
    C --> I[Gravatar API]
    B --> J[Vercel Hosting]
    C --> K[Render Hosting]
```
```
opentrace/
├── frontend/                      # React + Vite
│   ├── src/
│   │   ├── App.jsx                # Main component (40KB - all-in-one)
│   │   ├── main.jsx               # Entry point with GoogleOAuthProvider
│   │   ├── services/
│   │   │   └── api.js             # Axios API client with interceptors
│   │   └── assets/
│   ├── index.html
│   ├── vite.config.js
│   ├── package.json
│   └── .env.example
│
├── server/                        # Node.js + Express
│   ├── models/
│   │   ├── User.js                # User schema (JWT + Google OAuth)
│   │   └── ScanResult.js          # Scan data persistence
│   ├── routes/
│   │   ├── auth.js                # /auth endpoints
│   │   └── scan.js                # /scan endpoints
│   ├── controllers/
│   │   ├── authController.js      # Auth logic (register/login/google)
│   │   └── scanController.js      # Scan logic (start/analyze/history)
│   ├── services/
│   │   ├── platformService.js     # GitHub, Reddit, Gravatar API calls
│   │   └── anthropicService.js    # Anthropic AI integration
│   ├── middleware/
│   │   ├── auth.js                # JWT verification
│   │   └── rateLimit.js           # Rate limiting
│   ├── utils/
│   │   ├── generateToken.js       # JWT token generation
│   │   └── riskScorer.js          # Risk calculation algorithm
│   ├── config/
│   │   └── db.js                  # MongoDB connection
│   ├── server.js                  # Express app setup
│   ├── package.json
│   └── .env.example
│
├── package.json                   # Root scripts
└── README.md
```
```
User Input → /auth/register or /auth/login
    ↓
Password hashed with bcrypt
    ↓
User stored in MongoDB
    ↓
JWT token generated (7-day expiry)
    ↓
Token stored in localStorage
    ↓
Subsequent requests include: Authorization: Bearer {token}
```

```
Google Login Button → GoogleOAuthProvider wrapper
    ↓
Google authentication
    ↓
Credential token → /auth/google endpoint
    ↓
Token decoded, googleId extracted
    ↓
User created or linked in MongoDB
    ↓
JWT token issued
    ↓
Redirected to Dashboard
```
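
Both flows above end with a JWT that every protected request then carries as `Authorization: Bearer {token}`. The following is an added example, not OpenTrace's own code (the contents of `utils/generateToken.js` and `middleware/auth.js` are not shown on this page): it issues a 7-day HS256 token and verifies a Bearer header using only Node's `crypto` module. The helper names `issueToken` and `verifyBearer` and the `sub` claim are assumptions made for illustration.

```javascript
// Added example (not OpenTrace code): HS256 JWT issue/verify with node:crypto only.
const crypto = require('node:crypto');

const SEVEN_DAYS = 7 * 24 * 60 * 60; // seconds; the 7-day expiry from the flow above
const b64url = (value) => Buffer.from(value).toString('base64url');
const sign = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest();

// Hypothetical helper: issue a token for a user id.
function issueToken(userId, secret, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ sub: userId, iat: now, exp: now + SEVEN_DAYS }));
  const signature = sign(secret, `${header}.${payload}`).toString('base64url');
  return `${header}.${payload}.${signature}`;
}

// Hypothetical helper: check an Authorization header value; returns claims or throws.
function verifyBearer(authHeader, secret, now = Math.floor(Date.now() / 1000)) {
  const match = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authHeader || '');
  if (!match) throw new Error('malformed Authorization header');
  const [, header, payload, signature] = match;

  // Pin the algorithm; the token's own header must not choose it (e.g. "alg":"none").
  if (JSON.parse(Buffer.from(header, 'base64url').toString()).alg !== 'HS256') {
    throw new Error('unexpected alg');
  }

  // Recompute the HMAC and compare in constant time before trusting any claim.
  const expected = sign(secret, `${header}.${payload}`);
  const given = Buffer.from(signature, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }

  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return claims;
}
```

In an Express app this check would sit in the auth middleware, answering 401 whenever `verifyBearer` throws.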
```
POST /api/auth/register
  Body: { email, password, name }
  Returns: { token, user }

POST /api/auth/login
  Body: { email, password }
  Returns: { token, user }

POST /api/auth/google
  Body: { googleId, email, name, picture }
  Returns: { token, user }

GET /api/auth/user (Protected)
  Headers: Authorization: Bearer {token}
  Returns: { user }

POST /api/scan/start (Protected)
  Body: { username }
  Returns: { scan: { id, username, results, riskScore, platformsFound } }

POST /api/scan/analyze (Protected)
  Body: { scanId }
  Returns: { analysis }

GET /api/scan/history (Protected)
  Returns: { scans: [{id, username, riskScore, platformsFound, date}] }

GET /api/scan/:scanId (Protected)
  Returns: { scan }
```
✅ User Authentication
- Email/password registration with bcrypt hashing
- JWT-based login (7-day token expiry)
- Google OAuth integration
- Secure token storage in localStorage
✅ Platform Scanning
- GitHub API (real-time user lookup)
- Reddit API (simulated for demo)
- Gravatar MD5 hashing
- Avatar fetching and display
✅ Risk Analysis
- Configurable risk scoring algorithm
- Platform-based weighting
- Exposure rate calculation
- Real-time score generation
✅ AI Recommendations
- Groq API integration (Lightning-fast LLM inference)
- Dynamic prompt generation based on scan results
- Real-time risk analysis and recommendations
- Markdown-formatted output
- Fallback analysis if API unavailable
✅ Data Persistence
- MongoDB storage of users
- Scan history with timestamps
- AI analysis caching
- User dashboard
✅ UI/UX
- Cyberpunk design with neon effects
- Glitch text animations
- Matrix rain background
- Glassmorphism cards
- Responsive layout
- Real-time scanning animations
Go to http://localhost:5173
Click "ENTER SYSTEM" → "REGISTER"
Fill in name, email, password
Submit → Should redirect to Dashboard
On Auth page, click "SIGN IN WITH GOOGLE"
Complete Google authentication
Should redirect to Dashboard with user profile
Go to Dashboard → "INITIATE SCAN"
Enter username (e.g., "github-username")
Click "SCAN TARGET"
Wait for GitHub/Reddit/Gravatar checks
View results, risk score, and AI analysis
Return to Dashboard
Scroll down to "SCAN HISTORY LOG"
Should show all previous scans with risk scores
MongoDB Atlas → Collections
opentrace database should have:
- users collection (with your account)
- scanresults collection (with scan history)
- Frontend: https://open-trace-six.vercel.app
- Status: ✅ Production Ready
- Push to GitHub
- Vercel auto-deploys on every push
- Done! (1-2 min deployment time)
```bash
cd frontend
vercel --prod
```

Environment Variables in Vercel Dashboard:

- `VITE_API_URL` = Backend API URL (e.g., https://opentrace-backend.onrender.com/api)
- `VITE_GOOGLE_CLIENT_ID` = Your Google OAuth Client ID

Authorized Origins in Google Cloud Console:

- `https://open-trace-six.vercel.app`
- `http://localhost:5173` (for local development)
- Create Render Web Service:
  - Go to https://render.com
  - New → Web Service
  - Connect GitHub repository
- Configure Service:
  - Name: `opentrace-api`
  - Root Directory: `server/`
  - Runtime: Node
  - Build Command: `npm install`
  - Start Command: `npm start`
  - Plan: Free or Paid
- Add Environment Variables:

  ```env
  PORT=3000
  MONGODB_URI=mongodb+srv://...
  JWT_SECRET=your_strong_secret_key
  GROQ_API_KEY=gsk_xxxxx
  CLIENT_URL=https://open-trace-six.vercel.app
  GOOGLE_CLIENT_ID=xxxxx
  GOOGLE_CLIENT_SECRET=xxxxx
  ```

- Deploy: Click "Deploy" and wait 2-5 minutes
Frontend deployment fails:
- Check `VITE_API_URL` is reachable
- Verify `.env` variables in Vercel dashboard
- Check build logs: Vercel Dashboard → Deployments

Backend deployment fails:
- Ensure `server/` directory has package.json
- Check MONGODB_URI is valid
- Verify all required env vars are set in Render

Google OAuth not working in production:
- Ensure `https://open-trace-six.vercel.app` is in Google Console
- Verify `VITE_GOOGLE_CLIENT_ID` matches frontend
- Check `GOOGLE_CLIENT_ID` and `GOOGLE_CLIENT_SECRET` in backend

- Never commit `.env` files; use `.env.example`
- Change JWT_SECRET in production; use strong random string
- Use HTTPS only in production
- Set MongoDB IP whitelist appropriately
- Rate limiting enabled on auth endpoints (5 attempts/15min)
- Passwords hashed with bcrypt (10 salt rounds)
- Google OAuth requires secure callback URLs
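
The "5 attempts/15min" limit on auth endpoints, sketched as an added example (not the project's `middleware/rateLimit.js`, whose code is not shown on this page): an in-memory sliding-window counter keyed by a caller-chosen string such as the client IP. The name `createAuthLimiter` and the shape of the returned object are assumptions made for illustration.

```javascript
// Added example (not OpenTrace code): sliding-window limiter for auth attempts.
const WINDOW_MS = 15 * 60 * 1000; // 15 minutes
const MAX_ATTEMPTS = 5;

function createAuthLimiter(max = MAX_ATTEMPTS, windowMs = WINDOW_MS) {
  const attempts = new Map(); // key -> timestamps (ms) of attempts still in the window

  return {
    // Record one attempt for `key` (e.g. the client IP); `now` is injectable for tests.
    hit(key, now = Date.now()) {
      const recent = (attempts.get(key) || []).filter((t) => now - t < windowMs);
      if (recent.length >= max) {
        // Refused attempts are not recorded, so retrying does not extend the lockout.
        attempts.set(key, recent);
        // Seconds until the oldest counted attempt leaves the window.
        const retryAfter = Math.ceil((recent[0] + windowMs - now) / 1000);
        return { allowed: false, remaining: 0, retryAfter };
      }
      recent.push(now);
      attempts.set(key, recent);
      return { allowed: true, remaining: max - recent.length, retryAfter: 0 };
    },

    // Drop keys with nothing left in the window so the map cannot grow without bound.
    sweep(now = Date.now()) {
      for (const [key, times] of attempts) {
        if (times.every((t) => now - t >= windowMs)) attempts.delete(key);
      }
      return attempts.size;
    },
  };
}
```

A route handler would answer HTTP 429 with a `Retry-After` header set to `retryAfter` whenever `allowed` is false.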
OpenTrace is for educational and cybersecurity awareness purposes only.
It uses only public APIs and does not engage in illegal surveillance, scraping, or data harvesting.
Always respect platform Terms of Service and privacy laws.
```bash
cd server && npm install
```

- Check connection string in `server/.env`
- Verify IP whitelist in MongoDB Atlas
- Ensure database credentials are correct
- Verify `VITE_GOOGLE_CLIENT_ID` matches config
- Check authorized JavaScript origins in Google Cloud Console
- No trailing slash in origin URLs: `https://domain.com` not `https://domain.com/`
- Ensure `.env` files are loaded (restart dev server)
- Check browser popup blocker settings (Chrome/Firefox)
- Clear browser cache and cookies before testing
- This is browser security, not a code issue
- Chrome: Click lock icon → Site settings → Popups → Allow
- Firefox: Preferences → Privacy → Pop-ups → Exceptions
- Clear cache and try again
- Check token is stored in localStorage
- Verify JWT_SECRET matches between frontend and backend
- Clear localStorage and re-login
MIT © 2026 OpenTrace
This is an educational project. Feel free to fork, modify, and enhance for learning purposes.
For issues, check:
- Environment variables are correctly set
- MongoDB Atlas cluster is running
- Backend is accessible on http://localhost:5000/health
- Ports 5000 and 5173 are not in use


