A document signing platform built with SvelteKit, SurrealDB, and JSignPDF. Upload PDF documents, send them to recipients for signing via email, and apply visible digital signatures with hand-drawn signature images.
- Frontend: SvelteKit (Svelte 5), Tailwind CSS, shadcn-svelte
- Database: SurrealDB with record-level access control
- Signing: JSignPDF 3.0.1 (Java-based PDF digital signatures)
- PDF Preview: pdf.js (pdfjs-dist)
- Email: Upyo SMTP (@upyo/core + @upyo/smtp)
- Runtime: Node.js (via Vite dev server)
- Package Manager: Bun
- User registration and authentication with JWT tokens
- Document upload and management dashboard
- Email-based signature request workflow
- PDF preview with page navigation
- Interactive signature placement (click-drag area selection)
- Hand-drawn signature capture (mouse and touch)
- Visible digital signatures applied via JSignPDF
- Signed document download for both signer and document owner
- Audit logging for all document actions
- Bun (v1.0+)
- SurrealDB (v2.0+)
- Java (JRE 11+ for JSignPDF)
- SMTP server (or MailHog for local development)
bun installsurreal start --user root --pass root file:signvault.dbsurreal import --conn http://127.0.0.1:8000 --user root --pass root --ns signvault --db signvault database.surqlCopy .env.example to .env (or create .env) with:
PUBLIC_SURREAL_URL=ws://127.0.0.1:8000
PUBLIC_SURREAL_NAMESPACE=signvault
PUBLIC_SURREAL_DATABASE=signvault
PUBLIC_SURREAL_ACCESS=user_access
SURREAL_USER=root
SURREAL_PASS=root
SMTP_HOST=localhost
SMTP_PORT=1025
SMTP_SECURE=false
SMTP_USER=
SMTP_PASS=
SMTP_FROM=noreply@signvault.app
PUBLIC_APP_URL=http://localhost:5173
SIGNING_CERT_PATH=src/lib/server/dev-cert.p12
SIGNING_CERT_PASSWORD=changeit
keytool -genkeypair -alias signvault -keyalg RSA -keysize 2048 \
-storetype PKCS12 -keystore src/lib/server/dev-cert.p12 \
-storepass changeit -validity 3650 \
-dname "CN=SignVault Dev, OU=Dev, O=SignVault, L=Dev, ST=Dev, C=US"bun run devThe app will be available at http://localhost:5173.
src/
lib/
api.ts # Client-side API helpers
auth.ts # Client-side auth (JWT + localStorage)
server/
auth.ts # Server-side JWT verification
surreal.ts # SurrealDB root connection
email.ts # SMTP email sending via Upyo
sign-pdf.ts # JSignPDF wrapper
jsignpdf-3.0.1/ # JSignPDF JAR
components/ui/ # shadcn-svelte components
routes/
+page.svelte # Landing page
(app)/
dashboard/+page.svelte # Document management dashboard
sign/[token]/+page.svelte # Signing flow (preview, place, draw, submit)
api/
documents/ # Upload and list documents
signature-requests/ # Create signature requests + send email
sign/[token]/ # Signing API (GET info, POST sign, PDF preview, download)
- A user uploads a PDF document from the dashboard
- They enter a recipient's email and send a signature request
- The recipient receives an email with a unique signing link
- The signing page shows a preview of the PDF
- The recipient selects where to place their signature on the document
- They draw their signature on a canvas
- The server applies the signature using JSignPDF with the drawn image
- Both the signer and the document owner can download the signed PDF
The SurrealDB schema (database.surql) defines the following tables:
- user — registered users with Argon2 hashed passwords
- user_key — cryptographic key pairs (for future use)
- document — uploaded documents with status tracking
- signature_request — pending/completed signature requests
- audit_log — immutable log of all document actions
All tables use row-level permissions tied to $auth.id.
This project was created for CPSC 449.