calibur
Back to Inventory
ShippedProductivity / Cloud Architecture

UniDrive

One dashboard, infinite storage — manage 30+ Google Drives from a single command center.

SvelteKit 2Svelte 5Tailwind 4MongoDBPrismaLucia v3Google OAuth 2.0AES Encryption
View SourceLive Demo

The Problem

Power users juggle a dozen Gmail accounts, each with its own Drive, each constantly hitting 'Storage Full'. Logging in and out to find that one file across accounts is a daily friction tax — and there's no native way to search, transfer, or audit storage across them.

The Solution

UniDrive aggregates dozens of Google accounts into a single, unified file explorer with full CRUD support across drives. AES-encrypted refresh tokens, an LRU image proxy, and intelligent API budgeting let it scale to 30+ accounts without ever exhausting Google's quotas — and never storing decrypted secrets at rest.

Key Features

  • Unified file explorer aggregating 30+ Google Drives at once
  • Full CRUD: browse, upload, download, search, star, rename, delete, share
  • AES-encrypted OAuth token storage — never decrypted at rest
  • LRU-cached image proxy with 7-day Cache-Control for thumbnails
  • Promise.allSettled fan-out for graceful partial-failure handling
  • Rate-limit-aware API budgeting prevents Google quota bans
  • Modern dark/light theme with CSS-variable-driven design tokens

Technical Challenges

01 · The N+1 API Quota Problem

Fetching storage and thumbnail data for 30 accounts simultaneously would burn through Google's API quotas in seconds. Solution: storage data is fetched only on link or stale (>1hr) refresh, and a custom /api/img proxy with in-process LRU cache + 7-day Cache-Control collapses thumbnail requests by orders of magnitude.

02 · High Availability with Partial Failures

If one of 30 linked accounts has an expired token, the dashboard should not break for the other 29. Solution: every cross-account fetch uses Promise.allSettled so the UI gracefully degrades, rendering healthy accounts and isolating errors to the offending one.

03 · Securing Sensitive OAuth Tokens

Storing dozens of highly-privileged Google refresh tokens is a massive breach risk. Solution: AES encryption (tokens.js) wraps every token before it touches the database; decryption happens only in-memory inside server-side handlers — zero plaintext at rest.

Future Scope

  • Unified Gmail inbox across all linked accounts
  • Google Calendar and Photos aggregation
  • Cross-account drag-and-drop file transfers
← All projectsDiscuss this project