Giters

jaydn / rotnote

Self-destructing notes on Go with tiny secured client-side

Home Page:https://rotnote.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

self-destructing-messagesnotescryptographygolang

Tornote

Build Status Test Status Docker Image Go Doc License: Apache

Self-destructing notes written on Go with Stanford JS Crypto Library for client-side encryption/decryption.

Latest stable version deployed on https://tornote.herokuapp.com/

Security aspects

  • AES-256 encryption used with 27 bytes secret key (randomly generated on client).

  • All private data including secret not leaving a web-browser without encryption.

  • Server stored only anonymous encrypted data (without any reference to author or reader).

  • Note decrypted on the client-side via the SJCL and immediately deleted on server after reading.

If you have ideas to improve the our safety/security so far as possible please post the issue.

Settings

Configuration settings can be set with .env file or environment.

DATABASE_URL - Data source name (DSN) for PostgreSQL database.

SECRET_KEY - Server secret used for CSRF protection.

HTTPS_ONLY - HTTPS only traffic allowed (disabled by default).

Getting started

Deploy to Heroku cloud:

Deploy to Heroku

Build and run locally with Docker:

git clone https://github.com/osminogin/tornote
docker build -t tornote .
docker run -p 8000:8000 -e DATABASE_URL=... -e SECRET_KEY=... tornote

ChangeLog

CHANGELOG.md

License

See COPYING

About

Self-destructing notes on Go with tiny secured client-side

https://rotnote.com

self-destructing-messagesnotescryptographygolang

License:GNU Affero General Public License v3.0

Languages

Language:Go 63.1%Language:HTML 15.6%Language:JavaScript 15.4%Language:Makefile 2.4%Language:Dockerfile 1.9%Language:CSS 1.5%