blob: 7df93cf4017724c508db3a6e7770b714e7a88581 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
The webapp is a web server that displays a shiny interface.
## security
* Listen only to localhost. **done**
* Instruct the user's web browser to open an url that contains a secret
token. This guards against other users on the same system. **done**
(I would like to avoid passwords or other authentication methods,
it's your local system.)
* Don't pass the url with secret token directly to the web browser,
as that exposes it to `ps`. Instead, write a html file only the user can read,
that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
needing authentication.
## interface
* list of files uploading and downloading **done**
* progress bars for each file
* drag and drop to reorder
* cancel and pause
* button to open file browser on repo (`xdg-open $DIR`)
* keep it usable w/o javascript, and accessible to blind, etc
## other features
* there could be a UI to export a file, which would make it be served up
over http by the web app
* Display any relevant warning messages. One is the `inotify max_user_watches`
exceeded message.
## first start
* make git repo **done**
* generate a nice description like "joey@hostname Desktop/annex"
* record repository that was made, and use it next time run
* write a pid file, to prevent more than one first-start process running
at once
## implementation
* possibly lose the ugly auth= token past the first page,
and use a client-side session. It could be encrypted using the token
as the `encryptKey`. Note: Would need to set the session duration
to infinite (how?)
|
