Skip to content
Back to Work
featured2023

TraceBook

A privacy-conscious, location-sharing system for geo-social networks — built on an IEEE research paper.

Source

Background

Designed and implemented a full-stack web application for security-conscious location sharing in a geo-social network, based on the IEEE publication "Security-Conscious, Location-Sharing in a Geo-Social Network". Built as a final year undergraduate project at Jadavpur University under the mentorship of Dr. Munmun Bhattacharya.

The project gist and the full thesis are available for reference.

Architecture

The system was split into four independently deployable services:

  • A React frontend with Google Maps API and Material UI for real-time map rendering and privacy controls
  • A primary Express backend with MongoDB for user auth, profiles, and session management
  • A secondary Express backend with PostgreSQL and PostGIS for spatial queries and location storage
  • A WebSocket backend for real-time location broadcasting between connected users

The dual-database architecture was a deliberate choice — MongoDB for flexible document storage of user profiles, PostGIS for performant geospatial queries. A custom write-through layer kept the two databases in sync. The entire stack could be spun up with a single

docker compose up
.

Privacy Filtration

The core engineering challenge was the privacy filtration logic — users could share location with configurable precision, time-bounded access, and property-based filtering (age, gender, college). The PostGIS spatial function

nearby_privacy_entities
used
ST_Distance
and
ST_MakePoint
with SRID 4326 for geodesic distance calculations, returning filtered results ordered by proximity.

The privacy model ensured that visibility was not binary — users controlled who could see them, how precisely, and for how long. Each query passed through multiple filtration layers before any location data was returned.

API & Documentation

The entire API was documented with OpenAPI/Swagger. The system supported Google OAuth login, JWT-based session management, and secure backend intercommunication via shared secrets.

The architecture decisions — choosing PostGIS over MongoDB geospatial, WebSockets over polling, separate backends for separate concerns — were driven by the requirements of a system where latency, correctness, and privacy had to coexist.

Tech Stack

MERN
PostGIS
WebSockets
Redis
Kafka
Swagger