Secure Data Provisioning Service
A secure intermediary service that connects to enterprise databases, extracts only approved tables and columns, and syncs them into a SQLite file for analysts, developers, or testers who need a lightweight, isolated dataset.
- Isolation: Enterprise DB never communicates directly with end users
- Least Privilege: Connector uses read-only credentials
- Data Masking: Support for redaction, hashing, randomization, and tokenization
- Encryption: TLS for data in transit, optional encryption at rest
- Web-based interface for configuration management
- Configure data sources with multiple database types support
- Select specific tables and columns to sync
- Set up data masking rules for sensitive fields
- Configure sync schedules (manual, hourly, daily, weekly, or cron)
- Full refresh or incremental sync modes
- Transactional integrity for consistent SQLite files
- Progress tracking and real-time status updates
- Automatic compression and encryption options
- Track every sync execution
- Log all configuration changes
- Monitor downloads and access
- Full audit trail for compliance
- Frontend: Next.js 14+ (App Router), React, TypeScript
- UI Components: Shadcn UI, Tailwind CSS
- Database: SQLite with Prisma ORM
- State Management: Zustand
- Icons: Lucide React
- Node.js 18+
- npm or yarn
- Clone the repository:
git clone <repository-url>
cd sentinel-connect- Install dependencies:
npm install- Set up the database:
npx prisma generate
npx prisma db push
npm run db:seed- Start the development server:
npm run dev-
Open http://localhost:3000 in your browser.
-
Login with OTP authentication:
- Enter email:
admin@sentinelconnect.local - Check console for OTP code (or configure SMTP in Settings)
- Enter the 6-digit OTP code
- Enter email:
Note: Without SMTP configured, OTP codes are logged to the console. Configure SMTP in Settings for email delivery.
sentinel-connect/
├── prisma/
│ └── schema.prisma # Database schema
├── src/
│ ├── app/ # Next.js app router pages
│ │ ├── api/ # API routes
│ │ ├── data-sources/ # Data source management
│ │ ├── sync-configs/ # Sync configuration
│ │ ├── jobs/ # Job monitoring
│ │ ├── audit-logs/ # Audit log viewer
│ │ └── settings/ # Application settings
│ ├── components/
│ │ ├── layout/ # Layout components
│ │ └── ui/ # Shadcn UI components
│ ├── lib/
│ │ ├── api.ts # API client functions
│ │ ├── db.ts # Prisma client
│ │ ├── store.ts # Zustand store
│ │ └── utils.ts # Utility functions
│ └── types/
│ └── index.ts # TypeScript definitions
└── output/ # Sync output files (gitignored)
Configure connections to enterprise databases (PostgreSQL, MySQL, SQL Server, Oracle). Each data source stores connection credentials securely and can be tested before use.
Define what data to sync from a data source:
- Select specific tables and columns
- Apply row filters with WHERE clauses
- Configure data masking rules
- Set up sync schedules
Track execution of sync configurations:
- View real-time progress
- Monitor rows and tables processed
- Download output files
- View error details for failed jobs
Comprehensive logging of all system activities:
- Configuration changes
- Sync executions
- Connection tests
- File downloads
GET /api/data-sources- List all data sourcesPOST /api/data-sources- Create a new data sourceGET /api/data-sources/:id- Get data source detailsPUT /api/data-sources/:id- Update a data sourceDELETE /api/data-sources/:id- Delete a data sourceGET /api/data-sources/:id/test- Test connectionGET /api/data-sources/:id/tables- Discover tables
GET /api/sync-configs- List all configurationsPOST /api/sync-configs- Create a new configurationGET /api/sync-configs/:id- Get configuration detailsPUT /api/sync-configs/:id- Update a configurationDELETE /api/sync-configs/:id- Delete a configurationPUT /api/sync-configs/:id/tables- Update table configsPOST /api/sync-configs/:id/run- Trigger a sync
GET /api/sync-jobs- List all jobsGET /api/sync-jobs/:id- Get job detailsPOST /api/sync-jobs/:id/cancel- Cancel a running job
GET /api/audit-logs- List audit logs
GET /api/users- List all usersPOST /api/users- Create a new userGET /api/users/:id- Get user detailsPUT /api/users/:id- Update a userDELETE /api/users/:id- Delete a user
GET /api/smtp- Get SMTP settingsPUT /api/smtp- Update SMTP settingsPOST /api/smtp/test- Test SMTP connection
POST /api/auth/request-otp- Request OTP codePOST /api/auth/[...nextauth]- NextAuth.js handlers
GET /api/dashboard/stats- Get dashboard statistics
Create a .env file in the root directory:
# Database
DATABASE_URL="file:./dev.db"
# Application
NEXT_PUBLIC_APP_NAME="SentinelConnect"
NEXT_PUBLIC_APP_URL="http://localhost:3000"
# Security (change in production!)
JWT_SECRET="your-super-secret-jwt-key"
ENCRYPTION_KEY="your-32-character-encryption-key"npm run devnpm run buildnpm startnpx prisma migrate devnpx prisma studio- User authentication with 6-digit OTP (passwordless)
- User management with admin approval workflow
- Role-based access control (Admin / Supervisor)
- Account expiry dates and suspension
- SMTP configuration for email delivery
- Real database connectors (PostgreSQL, MySQL, SQL Server)
- SQLite file generation with better-sqlite3
- Data masking (redact, hash, randomize, partial)
- Credential encryption (AES-256-GCM)
- Scheduled sync execution (node-cron)
- File download endpoint
- Comprehensive audit logging
| Role | Access |
|---|---|
| Admin | Full access: Data sources, sync configs, jobs, audit logs, user management, all settings |
| Supervisor | Limited access: Data sources, sync configs, jobs, audit logs, notification settings only |
- User enters email on login page
- System sends 6-digit OTP (valid for 10 minutes)
- User enters OTP to authenticate
- Session lasts 120 minutes
npx next dev --port 5555
- Cloud storage integration (Azure Blob, S3, GCS)
- Oracle database connector
- Incremental sync with change tracking
- API key authentication
- Rate limiting
MIT
Contributions are welcome! Please read our contributing guidelines before submitting a pull request.