The webapp is a web server that displays a shiny interface. ## security * Listen only to localhost. **done** * Instruct the user's web browser to open an url that contains a secret token. This guards against other users on the same system. **done** (I would like to avoid passwords or other authentication methods, it's your local system.) * Don't pass the url with secret token directly to the web browser, as that exposes it to `ps`. Instead, write a html file only the user can read, that redirects to the webapp. **done** * Alternative for Linux at least would be to write a small program using GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding needing authentication. ## interface * list of files uploading and downloading **done** * progress bars for each file * drag and drop to reorder * cancel and pause * button to open file browser on repo (`xdg-open $DIR`) * keep it usable w/o javascript, and accessible to blind, etc ## other features * there could be a UI to export a file, which would make it be served up over http by the web app * Display any relevant warning messages. One is the `inotify max_user_watches` exceeded message. * possibly add a desktop file to the top of the repository that can be used to open the webapp (rather than using the menus). Would be complicated some by the path to git-annex sometimes needing to be hardcoded and varying across systems, so it would need to be a symlink to `.git/annex/desktop` which would be per-system. ## first start * make git repo **done** * generate a nice description like "joey@hostname Desktop/annex" * record repository that was made, and use it next time run * write a pid file, to prevent more than one first-start process running at once ## implementation * possibly lose the ugly auth= token past the first page, and use a client-side session. It could be encrypted using the token as the `encryptKey`. Note: Would need to set the session duration to infinite (how?)