Building a P2P LAN Chat & File Sharing System with FastAPI (opens in new tab)

dev.to·11w·DEV·Open original (opens in new tab)

A learning journey into WebSockets, JWT authentication, and peer-to-peer architecture

3-4 minute read | View on GitHub

The Challenge

Modern chat applications rely heavily on centralized servers that handle everything—messages, files, user management. But what if you wanted to build something different? What if files could transfer directly between users while still having the convenience of a central coordination point?

That’s exactly what I set out to explore while learning FastAPI.

The Vision: Hybrid Architecture

Instead of building yet another fully centralized chat app, I designed a hybrid system that combines the best of both worlds:

  • Centralized coordination for user discovery and message routing
  • Decentralized file transfers for speed and efficiency

Think of it like a LAN party where one computer acts as the "lobby" (the server), but when you want to share a game save or file, you transfer it directly to your friend’s machine.

Why This Approach?

The Problem with Pure Centralization

When you upload a 500MB file to a chat app, it typically goes:

Your computer → Server → Friend's computer

This means:

  • The server needs massive storage
  • Upload happens twice (you upload, friend downloads)
  • Server becomes a bottleneck
  • Privacy concerns (server has all your files)

The P2P Solution

My system works differently:

Your computer → Friend's computer (direct)
Server only shares: "Hey, Alice has a file available at 192.168.1.100:8001"

Benefits:

  • LAN-speed transfers (100+ MB/s instead of internet speeds)
  • No server storage needed (server only handles metadata)
  • Privacy-friendly (files never touch the central server)
  • Scalable (server handles lightweight messages, not heavy files)

Technical Implementation

The Server Stack

Built with FastAPI and WebSockets, the server handles:

  1. JWT Authentication: Secure, stateless auth with access and refresh tokens
  2. User Registry: Tracks who’s online via WebSocket connections
  3. Message Routing: Broadcasts or private message delivery
  4. Metadata Exchange: Shares file locations between peers
# The server never sees actual files
await conn.send_json({
"type": "file",
"from_user": "alice",
"file_name": "document.pdf",
"p2p_ip": "192.168.1.100:8001"  # Direct to peer
})

The Client Design

Each client is actually two servers in one:

  1. WebSocket Client: Connects to central server
  2. Local HTTP Server: Serves shared files to other peers

When you share a file:

  1. Your client adds the path to an allowlist
  2. Sends metadata to the central server
  3. Server routes metadata to recipient(s)
  4. Recipients connect directly to YOUR HTTP server
  5. File transfers peer-to-peer

Security Considerations

Path Validation: Clients only serve explicitly shared files

Loading more...

Keyboard Shortcuts

Navigation
Next / previous item
j/k
Open post
oorEnter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Browse
gb
Search
/
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help