git-annex/doc/design/assistant/webapp.mdwn

The webapp is a web server that displays a shiny interface.

## security

* Listen only to localhost. **done**
* Instruct the user's web browser to open an url that contains a secret
  token. This guards against other users on the same system. **done**
  (I would like to avoid passwords or other authentication methods,
  it's your local system.)
* Don't pass the url with secret token directly to the web browser,
  as that exposes it to `ps`. Instead, write a html file only the user can read,
  that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
  GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
  needing authentication.

## interface

* list of files uploading and downloading **done**
* progress bars for each file
* drag and drop to reorder
* cancel and pause
* button to open file browser on repo (`xdg-open $DIR`)
* keep it usable w/o javascript, and accessible to blind, etc

## other features

* there could be a UI to export a file, which would make it be served up
  over http by the web app
* Display any relevant warning messages. One is the `inotify max_user_watches`
  exceeded message.
* possibly add a desktop file to the top of the repository that can be used
  to open the webapp (rather than using the menus). Would be complicated
  some by the path to git-annex sometimes needing to be hardcoded and varying
  across systems, so it would need to be a symlink to `.git/annex/desktop`
  which would be per-system.

## first start

* make git repo **done**
* generate a nice description like "joey@hostname Desktop/annex"
* record repository that was made, and use it next time run
* write a pid file, to prevent more than one first-start process running
  at once

## implementation

* possibly lose the ugly auth= token past the first page,
  and use a client-side session. It could be encrypted using the token
  as the `encryptKey`. Note: Would need to set the session duration
  to infinite (how?)
add preliminary design 2012-05-27 01:11:19 +00:00			`The webapp is a web server that displays a shiny interface.`

			`## security`

updae 2012-07-26 09:21:05 +00:00			`* Listen only to localhost. done`
add preliminary design 2012-05-27 01:11:19 +00:00			`* Instruct the user's web browser to open an url that contains a secret`
updae 2012-07-26 09:21:05 +00:00			`token. This guards against other users on the same system. done`
updae 2012-07-26 09:22:17 +00:00			`(I would like to avoid passwords or other authentication methods,`
			`it's your local system.)`
update 2012-07-26 17:47:41 +00:00			`* Don't pass the url with secret token directly to the web browser,`
			as that exposes it to `ps`. Instead, write a html file only the user can read,
			`that redirects to the webapp. done`
update 2012-05-31 19:48:26 +00:00			`* Alternative for Linux at least would be to write a small program using`
			`GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding`
			`needing authentication.`
add preliminary design 2012-05-27 01:11:19 +00:00
			`## interface`

blog for the day Wow, what a nice productive day this was! 2012-07-29 01:53:04 +00:00			`* list of files uploading and downloading done`
add preliminary design 2012-05-27 01:11:19 +00:00			`* progress bars for each file`
			`* drag and drop to reorder`
			`* cancel and pause`
update 2012-07-31 20:13:19 +00:00			* button to open file browser on repo (`xdg-open $DIR`)
updates 2012-05-29 23:17:38 +00:00			`* keep it usable w/o javascript, and accessible to blind, etc`
add preliminary design 2012-05-27 01:11:19 +00:00
update 2012-05-31 19:28:04 +00:00			`## other features`

			`* there could be a UI to export a file, which would make it be served up`
			`over http by the web app`
update 2012-06-06 20:54:39 +00:00			* Display any relevant warning messages. One is the `inotify max_user_watches`
update 2012-07-29 17:45:56 +00:00			`exceeded message.`
done 2012-08-03 13:00:03 +00:00			`* possibly add a desktop file to the top of the repository that can be used`
			`to open the webapp (rather than using the menus). Would be complicated`
			`some by the path to git-annex sometimes needing to be hardcoded and varying`
			across systems, so it would need to be a symlink to `.git/annex/desktop`
			`which would be per-system.`
update 2012-05-31 19:28:04 +00:00
update 2012-07-31 20:13:19 +00:00			`## first start`

todo 2012-08-02 01:38:12 +00:00			`* make git repo done`
			`* generate a nice description like "joey@hostname Desktop/annex"`
			`* record repository that was made, and use it next time run`
			`* write a pid file, to prevent more than one first-start process running`
			`at once`
update 2012-07-31 20:13:19 +00:00
add preliminary design 2012-05-27 01:11:19 +00:00			`## implementation`

update 2012-07-26 15:53:18 +00:00			`* possibly lose the ugly auth= token past the first page,`
			`and use a client-side session. It could be encrypted using the token`
			as the `encryptKey`. Note: Would need to set the session duration
			`to infinite (how?)`