Enterprise-grade community tool sharing platform with advanced security, payment processing, and bundle management.
Built with .NET 9 and Blazor WebAssembly, NeighborTools provides a complete solution for tool sharing communities with professional-grade features including comprehensive security systems, payment processing, dispute resolution, and regulatory compliance.
```bash
# Complete setup (backend + frontend)
./setup-complete.sh
# Or manual setup
cd backend && ./scripts/install.sh
cd frontend && dotnet run
```

- Individual Tool Rentals - Complete rental lifecycle management
- Advanced Bundle System - Curated tool collections for complete project solutions
- Smart Availability - Coordinated booking across multiple tools
- Dynamic Pricing - Bundle discounts and real-time cost calculation
- Image Management - Multi-image upload with MinIO object storage
- PayPal Integration - Secure payment processing with webhook validation
- Security Deposits - Configurable deposit management
- Platform Commission - Automated fee calculation and collection
- Payout Management - Automated owner payments with configurable delays
- Receipt Generation - Professional PDF receipts with detailed breakdowns
- Fraud Detection - Advanced fraud prevention with velocity limits and suspicious activity monitoring
- Phase 3 Security System - Multi-layered security with advanced analytics
- Rate Limiting - Configurable per-endpoint rate limiting with Redis backend
- Brute Force Protection - Advanced attack detection and prevention
- IP Security - Geographic filtering and malicious IP blocking
- Session Management - Device fingerprinting and session hijacking detection
- Security Analytics - Real-time threat monitoring with admin dashboard
- GDPR Compliance - Complete data protection and privacy management
- Secure Messaging - Real-time communication with automated content moderation
- Dispute Resolution - Complete dispute management with evidence upload
- Mutual Closure - Collaborative dispute resolution system
- Email Notifications - Comprehensive email system with professional templates
- Favorites System - Save tools and bundles for quick access
- Public Profiles - User profiles with rental history and ratings
- Advanced Search - Powerful filtering and discovery tools
- Mobile Responsive - Optimized for all device sizes
- Dark Theme - Complete dark mode support
- Admin Dashboard - Comprehensive platform management
- Security Analytics - Real-time threat monitoring and alerting
- Performance Metrics - System health monitoring with CPU/memory tracking
- Sample Data Management - Controlled test data for development
- MinIO Management - File storage administration
- User Management - Complete user lifecycle administration
- Clean Architecture - Separation of Core, Infrastructure, and API layers
- CQRS Pattern - Command/Query separation for scalable operations
- Entity Framework Core - MySQL database with comprehensive migrations
- Mapster - High-performance object mapping
- MediatR - Mediator pattern for loose coupling
- Docker Support - Complete containerization with multi-stage builds
- Component Architecture - Reusable UI components with MudBlazor 8.x
- State Management - Centralized authentication and application state
- Service Layer - Clean API communication with automatic token handling
- Progressive Web App - Offline support and app-like experience
- MySQL 8.0 - Primary database with optimized indexes
- Redis 7 - Distributed caching and rate limiting
- MinIO - S3-compatible object storage for files and images
- Docker Compose - Complete development environment orchestration
| Component | Technology | Purpose |
|---|---|---|
| API | .NET 9, ASP.NET Core | RESTful API with OpenAPI documentation |
| Frontend | Blazor WebAssembly | Client-side web application |
| Database | MySQL 8.0 | Primary data storage |
| Cache | Redis 7 | Rate limiting and performance |
| Storage | MinIO | File and image storage |
| Authentication | JWT + ASP.NET Identity | Secure user authentication |
| Payments | PayPal API | Payment processing |
| Security | Custom middleware stack | Multi-layered security system |
| Monitoring | Performance metrics | System health monitoring |
```bash
# Backend with hot reload + Frontend
cd backend && ./start-watch.sh
# In another terminal:
cd frontend && dotnet run
```

```bash
# Backend in Docker + Frontend
cd backend && ./start-production.sh
# In another terminal:
cd frontend && dotnet run
```

```bash
# Start storage services only
cd backend && ./scripts/storage/start.sh
# Start API (choose one)
./scripts/api/start-local.sh # dotnet run
./scripts/api/start-watch.sh # hot reload
./scripts/api/start-docker.sh # Docker container
```

| Service | URL | Purpose |
|---|---|---|
| Frontend | http://localhost:5000 | Main application |
| API | http://localhost:5002 | Backend services |
| Swagger | http://localhost:5002/swagger | API documentation |
| MinIO Console | http://localhost:9001 | File storage admin |
- Phase 1: Request filtering, IP security, security headers
- Phase 2: Advanced rate limiting with Redis backend
- Phase 3: Session security, brute force protection, analytics
- Geographic Filtering - Block/allow countries with IP geolocation
- Attack Detection - Velocity, distributed, and pattern-based attack detection
- Session Monitoring - Device fingerprinting and impossible travel detection
- Token Security - JWT blacklist and automatic rotation
- Content Moderation - Automated message content filtering
- GDPR Ready - Complete data protection compliance
- Cookie Consent - Configurable consent management
- Data Export - Automated personal data export
- Privacy Controls - User data management and deletion rights
- System Health - CPU, memory, response times
- Security Threats - Active threat detection and alerting
- Performance - Database queries, cache hit rates
- Geographic Activity - User location and threat mapping
- Security Dashboard - Comprehensive threat monitoring
- User Analytics - Registration trends and activity patterns
- System Status - Infrastructure health monitoring
- Alert Management - Configurable security alerts
- Email: [email protected]
- Password: Password123!
Test accounts available through admin panel sample data management.
- Rate limiting: 2,000 requests per hour per endpoint
- Redis authentication enabled by default
- Security headers enforced
- Content moderation active
- API Documentation: Available at `/swagger` when running
- Bundle System: See `BUNDLE_SYSTEM_DOCUMENTATION.md`
- Security Configuration: See `backend/scripts/README.md`
- Development Guide: See `CLAUDE.md`
```bash
# Complete interactive setup
./setup-complete.sh
# Backend configuration only
cd backend && ./scripts/install.sh
# View current configuration
cd backend && ./scripts/show-config.sh
```

After running the installation script, you can customize optional features by editing `backend/src/ToolsSharing.API/config.json`:
Configure PayPal integration for payment processing:
```json
{
  "Payment": {
    "PayPal": {
      "ClientId": "YOUR_PAYPAL_CLIENT_ID",
      "ClientSecret": "YOUR_PAYPAL_CLIENT_SECRET",
      "Mode": "sandbox", // or "live" for production
      "WebhookId": "YOUR_WEBHOOK_ID",
      "DisputeWebhookId": "YOUR_DISPUTE_WEBHOOK_ID",
      "IsEnabled": true
    }
  }
}
```

PayPal Setup:
- Create a PayPal Developer account at https://developer.paypal.com
- Create a new application to get Client ID and Secret
- Configure webhooks for payment and dispute events
- Update config.json with your credentials
Configure SMTP settings for email notifications:
```json
{
  "EmailSettings": {
    "SmtpServer": "smtp.gmail.com",
    "SmtpPort": "587",
    "SmtpUsername": "[email protected]",
    "SmtpPassword": "your-app-password",
    "FromEmail": "[email protected]",
    "FromName": "Your Platform Name"
  }
}
```

SMTP Providers:
- Gmail: smtp.gmail.com:587 (requires app password)
- Outlook: smtp-mail.outlook.com:587
- SendGrid: smtp.sendgrid.net:587
- Custom: Your SMTP provider settings
Leave SmtpServer empty to disable email sending (development mode).
Configure SightEngine API for automated content moderation:
```json
{
  "SightEngine": {
    "ApiUser": "YOUR_SIGHTENGINE_USER",
    "ApiSecret": "YOUR_SIGHTENGINE_SECRET",
    "Thresholds": {
      "NudityThreshold": 0.5,
      "OffensiveThreshold": 0.6,
      "ProfanityThreshold": 0.5
    }
  }
}
```

SightEngine Setup:
- Sign up at https://sightengine.com/
- Get API credentials from your dashboard
- Configure detection thresholds (0.0-1.0)
- Leave credentials empty to disable (basic moderation still active)
Advanced security settings with sensible defaults:
```json
{
  "RateLimit": {
    "EnableRateLimiting": true,
    "EndpointPolicies": {
      "/api/auth/login": { "RequestsPerWindow": 20 },
      "/api/*": { "RequestsPerWindow": 2000 }
    }
  },
  "IPSecurity": {
    "EnableIPBlocking": true,
    "BlockedCountries": ["CN", "RU"], // ISO country codes
    "KnownMaliciousIPs": []
  },
  "BruteForceProtection": {
    "MaxFailedAttemptsBeforeLockout": 5,
    "AccountLockoutDuration": "00:15:00"
  }
}
```

Financial fraud prevention with configurable limits:
```json
{
  "FraudDetection": {
    "DailyAmountLimit": 5000.00,
    "HighRiskAmountThreshold": 2000.00,
    "AutoBlockRiskScore": 85.0
  }
}
```

Privacy and data protection settings:
```json
{
  "GDPR": {
    "DataRetentionPeriodYears": 7,
    "CookieConsentExpiryDays": 365,
    "PrivacyPolicyVersion": "1.0"
  }
}
```

After editing `config.json`, restart the backend to apply changes:
```bash
cd backend
./scripts/api/stop.sh
./scripts/api/start-local.sh # or start-watch.sh
```

Configuration Tips:
- Essential services (MySQL, Redis, MinIO) are configured during installation
- Payment processing requires PayPal developer account
- Email notifications require SMTP provider or service
- Content moderation requires SightEngine API account
- Security features work with default settings
- All optional features can be disabled by leaving credentials empty
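
A check to run on `config.json` before a production deployment, using the keys shown in the fragments above. This is an added example, not part of the NeighborTools code base; the function names, the findings it reports, and the sample values are assumptions constructed for illustration.

```python
import json
import re

# Constructed sample using the README's config.json keys and its // comment style.
SAMPLE = '''{
  "Payment": {"PayPal": {
    "ClientId": "YOUR_PAYPAL_CLIENT_ID",
    "ClientSecret": "constructed-secret",
    "Mode": "sandbox", // or "live" for production
    "WebhookId": "",
    "DisputeWebhookId": "constructed-id",
    "IsEnabled": true
  }},
  "RateLimit": {
    "EnableRateLimiting": true,
    "EndpointPolicies": {
      "/api/auth/login": { "RequestsPerWindow": 5000 },
      "/api/*": { "RequestsPerWindow": 2000 }
    }
  }
}'''

def strip_line_comments(text):
    """Drop // comments; a // inside a JSON string (a URL, say) is kept."""
    token = re.compile(r'"(?:\\.|[^"\\])*"|//[^\n]*')
    return token.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else "", text)

def audit_config(text):
    """Return a list of findings for settings that are unsafe to ship."""
    cfg = json.loads(strip_line_comments(text))
    findings = []
    paypal = cfg.get("Payment", {}).get("PayPal", {})
    if paypal.get("IsEnabled"):
        for key in ("ClientId", "ClientSecret", "WebhookId", "DisputeWebhookId"):
            value = paypal.get(key, "")
            if not value or value.startswith("YOUR_"):
                findings.append(f"PayPal.{key}: empty or placeholder")
        if paypal.get("Mode") != "live":
            findings.append("PayPal.Mode: not 'live'")
    rate = cfg.get("RateLimit", {})
    if not rate.get("EnableRateLimiting", False):
        findings.append("RateLimit.EnableRateLimiting: disabled")
    policies = rate.get("EndpointPolicies", {})
    login = policies.get("/api/auth/login", {}).get("RequestsPerWindow")
    default = policies.get("/api/*", {}).get("RequestsPerWindow")
    if login is None or (default is not None and login >= default):
        findings.append("RateLimit: login limit is not stricter than /api/*")
    return findings
```

Calling `audit_config(open(path).read())` on the real file returns an empty list when none of these conditions hold.
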
NeighborTools includes enterprise-grade features for production deployment:
- Security: Multi-layered security system with threat detection
- Scalability: Redis caching and optimized database queries
- Monitoring: Performance metrics and health checks
- Compliance: GDPR-ready privacy and data protection
- Reliability: Comprehensive error handling and logging
- Maintenance: Automated database migrations and seeding
- Fork the repository
- Create a feature branch
- Run GitLeaks setup: `./setup-gitleaks.sh`
- Make your changes with comprehensive tests
- Submit a pull request
MIT License - see LICENSE file for details.