Secure, one-time secret sharing made simple.
Built by @fadez in Cursor using Laravel, Vue.js and Tailwind CSS.
SneakPeek showcases my full-stack development skills and workflow, combining modern frameworks and best practices to deliver a secure, scalable, and production-quality web application.
- Laravel framework v12
- RESTful API using Laravel API Resources with clean controllers and rate-limited routes
- Eloquent ORM with custom scopes, accessors, and API Resources
- Database migrations with proper indexing for performance and integrity
- A scheduled command to permanently wipe expired secrets from the database
- Security-first design
- End-to-end privacy — no authentication, no logs
- Secrets can only be accessed once, then wiped permanently
- Encrypted content storage using Laravel's built-in encryption
- Optional hashed passphrase protection for secrets
- Optional expiration time for secrets
- Minimized framework exposure to prevent framework identification and targeted attacks
- API throttling (rate limiting) to prevent brute-force attacks
- Clean architecture
- Readable, maintainable code with scoped responsibilities
- SOLID principles applied throughout
- Quality Assurance (QA)
- A comprehensive suite of unit, feature, and browser tests using Pest, utilizing its native Playwright integration for E2E browser testing
- Strict code consistency and PSR-12 compliance, enforced by Laravel Pint
- Strict static analysis with maximum type safety across the entire codebase with PHPStan level 10, enforced by Larastan
- Vue.js v3.5
- Composition API with the
<script setup>syntax for clean components - Modular, component-based structure with reusable Single File Components (SFC)
- Single-page application (SPA) architecture powered by Vue Router
- Consistent naming conventions and directory organization for ease of navigation and scalability
- State-driven reactivity ensuring seamless user interaction
- Composition API with the
- Tailwind CSS v4.2
- Elegant, mobile-first responsive design
- Light and dark mode support with automatic switching
- Vite
- Lightning-fast builds and production optimization
- Continuous Integration (CI)
- Automated CI pipeline using Laravel Pint, PHPStan, Pest, and Playwright via GitHub Actions on every push
- Continuous Deployment (CD)
- Automated CD pipeline that deploys to a Google Cloud Compute Engine instance via SSH
- Secure SSH orchestration using encrypted GitHub Secrets and SSH key pairs for automated remote deployment
- Deployment
- Zero-friction deployment with included deployment script and nginx configuration template
- Developer Experience (DX)
- Automated onboarding via a single command that handles environment setup, SQLite database creation, and dependency installation
- Laravel Boost integration for Cursor via MCP (Model Context Protocol) server accelerates AI-assisted development by providing the essential context and structure that AI needs
- Automated linting and formatting using Prettier to ensure a standardized code style across all Vue and CSS files
Before beginning installation, make sure that your local machine has:
- PHP v8.3+
- Node.js and npm v20+
- Composer
- Git
I highly recommend using Laravel Herd as your local development environment.
Go to your Laravel Herd or Laravel Valet sites folder and run:
git clone https://github.com/fadez/sneakpeek.git && cd sneakpeek && composer setupIf you're using Laravel Herd or Laravel Valet, you can now access the app at sneakpeek.test.
You can run the full test suite, PHPStan and Laravel Pint with a single command:
composer test