42 lines
1.4 KiB
Markdown
42 lines
1.4 KiB
Markdown
The webapp is a web server that displays a shiny interface.
|
|
|
|
## security
|
|
|
|
* Listen only to localhost. **done**
|
|
* Instruct the user's web browser to open an url that contains a secret
|
|
token. This guards against other users on the same system. **done**
|
|
(I would like to avoid passwords or other authentication methods,
|
|
it's your local system.)
|
|
* Don't pass the url with secret token directly to the web browser,
|
|
as that exposes it to `ps`. Instead, write a html file only the user can read,
|
|
that redirects to the webapp. **done**
|
|
* Alternative for Linux at least would be to write a small program using
|
|
GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
|
|
needing authentication.
|
|
|
|
## interface
|
|
|
|
* list of files uploading and downloading **done**
|
|
* progress bars for each file
|
|
* drag and drop to reorder
|
|
* cancel and pause
|
|
* button to open file browser on repo (`xdg-open $DIR`)
|
|
* keep it usable w/o javascript, and accessible to blind, etc
|
|
|
|
## other features
|
|
|
|
* there could be a UI to export a file, which would make it be served up
|
|
over http by the web app
|
|
* Display any relevant warning messages. One is the `inotify max_user_watches`
|
|
exceeded message.
|
|
|
|
## first start
|
|
|
|
* make git repo
|
|
|
|
## implementation
|
|
|
|
* possibly lose the ugly auth= token past the first page,
|
|
and use a client-side session. It could be encrypted using the token
|
|
as the `encryptKey`. Note: Would need to set the session duration
|
|
to infinite (how?)
|