set remember checkbox as default behavior, add `--noremember` flag

pull/126/head v2.0.1
Robin Moisson 2022-02-10 19:58:07 +01:00
parent 645d7e1e96
commit 5c9bb04d20
4 changed files with 77 additions and 95 deletions

View file

@ -25,32 +25,36 @@ Staticrypt is available through npm as a CLI, install with `npm install -g stati
Usage: staticrypt <filename> <passphrase> [options]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-e, --embed Whether or not to embed crypto-js in the page (or use
an external CDN)
--help Show help [boolean]
--version Show version number [boolean]
-e, --embed Whether or not to embed crypto-js in the page
(or use an external CDN).
[boolean] [default: true]
-o, --output File name / path for generated encrypted file
-o, --output File name / path for generated encrypted file.
[string] [default: null]
-t, --title Title for output HTML page
-t, --title Title for output HTML page.
[string] [default: "Protected Page"]
-i, --instructions Special instructions to display to the user.
[string] [default: null]
-f, --file-template Path to custom HTML template with password prompt.
[string] [default: "[...]/cli/password_template.html"]
-r, --remember Show a "Remember me" checkbox that will save the
(salted + hashed) passphrase in localStorage when
entered by the user.
You can set the expiration in days as value (no
value means "0", no expiration). [number]
--remember-label Label to use for the "Remember me" checkbox.
Default: "Remember me".
[string] [default: "Remember me"]
--passphrase-placeholder Placeholder to use for the passphrase input.
Default: "Passphrase".
[string] [default: "Passphrase"]
--decrypt-button Label to use for the decrypt button. Default:
"DECRYPT". [string] [default: "DECRYPT"]
-i, --instructions Special instructions to display to the user.
[string] [default: ""]
-f, --file-template Path to custom HTML template with passphrase
prompt.
[string] [default: "/geek/staticrypt/cli/password_template.html"]
-r, --remember Show a "Remember me" checkbox that will save the
(salted + hashed) passphrase in localStorage
when entered by the user.
You can set the expiration in days as value (no
value means "0", no expiration).
[number] [default: 0]
--noremember Set this flag to remove the "Remember me"
checkbox. [boolean] [default: false]
--remember-label Label to use for the "Remember me" checkbox.
Default: "Remember me".
[string] [default: "Remember me"]
--passphrase-placeholder Placeholder to use for the passphrase input.
Default: "Passphrase".
[string] [default: "Passphrase"]
--decrypt-button Label to use for the decrypt button. Default:
"DECRYPT". [string] [default: "DECRYPT"]
Example usages:
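Review bot: The new default shown for `-f, --file-template` is `/geek/staticrypt/cli/password_template.html`, an absolute path from the machine the help output was generated on, replacing the neutral `[...]/cli/password_template.html`. Restore the `[...]` placeholder so the README does not publish a local directory layout and stays accurate for other installs.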
@ -59,9 +63,9 @@ Example usages:
You can use a custom template for the password prompt - just copy `cli/password_template.html` and modify it to suit your presentation style and point to your template file with the `-f` flag. Be careful to not break the encrypting javascript part, the variables replaced by staticrypt are between curly brackets: `{instructions}`.
### `--remember`
### "Remember me" checkbox
This will add a "Remember me" checkbox. If checked, when the user enters their passphrase its salted hashed value will be stored in localStorage. In case this value becomes compromised an attacker can decrypt the page, but this should hopefully protect against password reuse attack (of course please use a unique passphrase nonetheless).
By default, the CLI will add a "Remember me" checkbox on the password prompt. If checked, when the user enters their passphrase its salted hashed value will be stored in localStorage. In case this value becomes compromised an attacker can decrypt the page, but this should hopefully protect against password reuse attack (of course please use a unique passphrase nonetheless).
This allows encrypting multiple page on a single domain with the same password: if you check "Remember me", you'll have to enter you password once then all the pages on that domain will automatically decrypt their content.
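Review bot: The paragraph starting "By default, the CLI will add" is now where a reader learns that the salted hashed passphrase can end up in localStorage and that a compromised value lets an attacker decrypt the page, but the opt-out is not named here and `--remember` has disappeared from the section heading. Suggest mentioning `--noremember` in this paragraph and stating that `-r <days>` now only sets the expiration, so the default and both flags are described in one place.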
@ -69,6 +73,10 @@ If no value is provided the stored passphrase doesn't expire, you can also give
You can clear the values in localStorage (effectively "login out") at any time by appending `staticrypt_logout` to the URL query paramets (`mysite.com?staticrypt_logout`).
#### `--noremember`
If you don't want the checkbox to be included, you can add the `--noremember` flag to disable it.
### `--embed` and crypto-js
If you do not embed crypto-js and serve it from a CDN, some adblockers see the `crypto-js.min.js`, think that's a crypto miner and block it.
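Review bot: The `--noremember` section does not say what happens when the flag is combined with `-r <days>`. In this commit `is_remember_enabled` depends only on `namedArgs.noremember`, so the duration is ignored without any message; say so in this section, or have the CLI reject the combination.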

View file

@ -25,32 +25,36 @@ Staticrypt is available through npm as a CLI, install with `npm install -g stati
Usage: staticrypt <filename> <passphrase> [options]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-e, --embed Whether or not to embed crypto-js in the page (or use
an external CDN)
--help Show help [boolean]
--version Show version number [boolean]
-e, --embed Whether or not to embed crypto-js in the page
(or use an external CDN).
[boolean] [default: true]
-o, --output File name / path for generated encrypted file
-o, --output File name / path for generated encrypted file.
[string] [default: null]
-t, --title Title for output HTML page
-t, --title Title for output HTML page.
[string] [default: "Protected Page"]
-i, --instructions Special instructions to display to the user.
[string] [default: null]
-f, --file-template Path to custom HTML template with password prompt.
[string] [default: "[...]/cli/password_template.html"]
-r, --remember Show a "Remember me" checkbox that will save the
(salted + hashed) passphrase in localStorage when
entered by the user.
You can set the expiration in days as value (no
value means "0", no expiration). [number]
--remember-label Label to use for the "Remember me" checkbox.
Default: "Remember me".
[string] [default: "Remember me"]
--passphrase-placeholder Placeholder to use for the passphrase input.
Default: "Passphrase".
[string] [default: "Passphrase"]
--decrypt-button Label to use for the decrypt button. Default:
"DECRYPT". [string] [default: "DECRYPT"]
-i, --instructions Special instructions to display to the user.
[string] [default: ""]
-f, --file-template Path to custom HTML template with passphrase
prompt.
[string] [default: "/geek/staticrypt/cli/password_template.html"]
-r, --remember Show a "Remember me" checkbox that will save the
(salted + hashed) passphrase in localStorage
when entered by the user.
You can set the expiration in days as value (no
value means "0", no expiration).
[number] [default: 0]
--noremember Set this flag to remove the "Remember me"
checkbox. [boolean] [default: false]
--remember-label Label to use for the "Remember me" checkbox.
Default: "Remember me".
[string] [default: "Remember me"]
--passphrase-placeholder Placeholder to use for the passphrase input.
Default: "Passphrase".
[string] [default: "Passphrase"]
--decrypt-button Label to use for the decrypt button. Default:
"DECRYPT". [string] [default: "DECRYPT"]
Example usages:
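Review bot: In the `-r, --remember` entry, `[default: 0]` combined with 'no value means "0", no expiration' means a page built with no flags at all now offers a checkbox whose stored value never expires. The entry should state that outright, for example by adding "Default: 0, the remembered passphrase does not expire", so that operators who want a bounded lifetime know they must pass a number of days.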
@ -59,9 +63,9 @@ Example usages:
You can use a custom template for the password prompt - just copy `cli/password_template.html` and modify it to suit your presentation style and point to your template file with the `-f` flag. Be careful to not break the encrypting javascript part, the variables replaced by staticrypt are between curly brackets: `{instructions}`.
### `--remember`
### "Remember me" checkbox
This will add a "Remember me" checkbox. If checked, when the user enters their passphrase its salted hashed value will be stored in localStorage. In case this value becomes compromised an attacker can decrypt the page, but this should hopefully protect against password reuse attack (of course please use a unique passphrase nonetheless).
By default, the CLI will add a "Remember me" checkbox on the password prompt. If checked, when the user enters their passphrase its salted hashed value will be stored in localStorage. In case this value becomes compromised an attacker can decrypt the page, but this should hopefully protect against password reuse attack (of course please use a unique passphrase nonetheless).
This allows encrypting multiple page on a single domain with the same password: if you check "Remember me", you'll have to enter you password once then all the pages on that domain will automatically decrypt their content.
@ -69,6 +73,10 @@ If no value is provided the stored passphrase doesn't expire, you can also give
You can clear the values in localStorage (effectively "login out") at any time by appending `staticrypt_logout` to the URL query paramets (`mysite.com?staticrypt_logout`).
#### `--noremember`
If you don't want the checkbox to be included, you can add the `--noremember` flag to disable it.
### `--embed` and crypto-js
If you do not embed crypto-js and serve it from a CDN, some adblockers see the `crypto-js.min.js`, think that's a crypto miner and block it.
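Review bot: The context line directly above the new `--noremember` heading reads 'effectively "login out"' and 'URL query paramets'. Since this hunk adds text right under it, fix both in the same change ("logging out", "parameters"); this is the only place the `staticrypt_logout` mechanism for clearing localStorage is documented.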

View file

@ -10,38 +10,6 @@ const Yargs = require('yargs');
const SCRIPT_URL = 'https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js';
const SCRIPT_TAG = '<script src="' + SCRIPT_URL + '" integrity="sha384-lp4k1VRKPU9eBnPePjnJ9M2RF3i7PC30gXs70+elCVfgwLwx1tv5+ctxdtwxqZa7" crossorigin="anonymous"></script>';
/**
* Check if a particular option has been set by the user. Use case:
*
* // The "--remember" flag has a specific behavior: if the flag is included without value (like '-r'), the key is set with
* // the value 'undefined'. If it is included with a value, ('-r 100'), the key is set with that value. Both means
* // remember is enabled. If the flag is omitted by the user the key isn't set, meaning remember is disabled.
*
* From https://github.com/yargs/yargs/issues/513#issuecomment-221412008
*
* @param option
* @returns {boolean}
*/
function userSetOption(option) {
function searchForOption(option) {
return process.argv.indexOf(option) > -1;
}
if (searchForOption(`-${option}`) || searchForOption(`--${option}`)) {
return true;
}
// Handle aliases for same option
for (let aliasIndex in yargs.parsed.aliases[option]) {
const alias = yargs.parsed.aliases[option][aliasIndex];
if (searchForOption(`-${alias}`) || searchForOption(`--${alias}`))
return true;
}
return false;
}
/**
* Salt and encrypt a msg with a password.
* Inspired by https://github.com/adonespitogo
@ -80,7 +48,7 @@ function hashPassphrase(passphrase) {
};
}
const yargs = Yargs
const namedArgs = Yargs
.usage('Usage: staticrypt <filename> <passphrase> [options]')
.demandCommand(2)
.option('e', {
@ -113,12 +81,16 @@ const yargs = Yargs
describe: 'Path to custom HTML template with passphrase prompt.',
default: path.join(__dirname, 'password_template.html')
})
// do not give a default option to this 'remember' parameter - we want to see when the flag is included with no
// value and when it's not included at all
.option('r', {
alias: 'remember',
type: 'number',
describe: 'Show a "Remember me" checkbox that will save the (salted + hashed) passphrase in localStorage when entered by the user.\nYou can set the expiration in days as value (no value means "0", no expiration).',
default: 0,
})
.option('noremember', {
type: 'boolean',
describe: 'Set this flag to remove the "Remember me" checkbox.',
default: false,
})
.option('remember-label', {
type: 'string',
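Review bot: The `describe` string for option `r` still begins 'Show a "Remember me" checkbox', but after this change the checkbox is shown unless `--noremember` is passed and `-r` only carries the expiration in days. Reword it along the lines of "Expiration in days of the remembered passphrase (0 means no expiration)" so the generated `--help` output and the README copies match the behaviour.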
@ -134,8 +106,7 @@ const yargs = Yargs
type: 'string',
describe: 'Label to use for the decrypt button. Default: "DECRYPT".',
default: 'DECRYPT'
});
const namedArgs = yargs.argv;
}).argv;
if (namedArgs._.length !== 2) {
Yargs.showHelp();
@ -178,21 +149,16 @@ if (namedArgs.embed) {
}
}
const isRememberEnabled = userSetOption('r');
// give a default value here instead of in the yargs config, so we can distinguish when the flag is included with no
// value from when the flag isn't included
const rememberDurationInDays = namedArgs.remember ? namedArgs.remember : 0;
const data = {
crypto_tag: cryptoTag,
decrypt_button: namedArgs.decryptButton,
embed: namedArgs.embed,
encrypted: encryptedMessage,
instructions: namedArgs.instructions,
is_remember_enabled: isRememberEnabled ? 'true' : 'false',
is_remember_enabled: namedArgs.noremember ? 'false' : 'true',
output_file_path: namedArgs.output !== null ? namedArgs.output : input.replace(/\.html$/, '') + "_encrypted.html",
passphrase_placeholder: namedArgs.passphrasePlaceholder,
remember_duration_in_days: rememberDurationInDays,
remember_duration_in_days: namedArgs.remember,
remember_me: namedArgs.rememberLabel,
salt: salt,
title: namedArgs.title,
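Review bot: `remember_duration_in_days: namedArgs.remember` drops the fallback `namedArgs.remember ? namedArgs.remember : 0`. The comment removed earlier in this file says a bare `-r` sets the key to undefined, and nothing in this commit shows that `default: 0` covers that case, so a bare `-r` may now put a non-numeric value into the template. Keep a coercion here, or check that the value is a finite number greater than or equal to 0 and exit with an error otherwise.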

View file

@ -1,6 +1,6 @@
{
"name": "staticrypt",
"version": "2.0.0",
"version": "2.0.1",
"description": "Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).",
"main": "index.js",
"bin": {
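Review bot: `2.0.0` to `2.0.1` is a patch bump, but this commit changes what a default invocation produces: pages now get the "Remember me" checkbox unless `--noremember` is given, where the removed `userSetOption('r')` check enabled it only when `-r` was passed. That changes whether a passphrase hash can be stored in localStorage for sites that re-encrypt without touching their command line, so a minor version bump and a changelog entry would make the new default visible to people upgrading.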