passed/README.md

# PassED
[Discord](https://discord.gg/NuGxJKtDKS) [Demo](https://passed.1e99.eu/)

EMail, but for passwords.

Did you ever run into the issue of needing to share a password with someone in a secure manner and you did not know how?

You want to send it to them by EMail, but there it will surely get logged along the way.

You want to write it send it to them over WhatsApp, but that's not that secure.

You want to write it on paper, but everyone can read that.

PassED solves these issues by allowing you to generate single-use URLs that contain your password.

## How it works
When you create a password URL, PassED firstly encrypts the password in your browser using `AES-GCM`. It then uploads the encrypted password to the server, which responds with an ID that uniquely identifies that password. The AES Key and IV (Initialization vector) is then stored in the URL, along with the ID.

When someone views the password, PassED looks at the URL. It knows the password ID, AES Key and IV. It reaches out to the server, asks for a password with the ID from the URL, and then decrypts it with the AES Key and IV.

This model ensures that a malicous host can not read the passwords.

## Installation
Installation can be done with docker compose or from source. As the website uses the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) it needs to be in a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). That means that you will need to access the website via "localhost" or HTTPS.
### Docker Compose
```yaml
services:
  "passed":
    build: "https://git.1e99.eu/1e99/passed.git"
    volumes:
      - "./passed:/etc/passed"
    environment:
      - "PASSED_STORE_TYPE=dir"
      - "PASSED_STORE_DIR_PATH=/etc/passed"
    ports:
      - "3000:3000"
```

### Source
1. Download the source code
```sh
git clone https://git.1e99.eu/1e99/passed.git
```
2. Ensure that you have go installed, if not follow this [guide](https://go.dev/doc/install).
3. Build the project
```sh
go build -o passed .
```
4. Run the project
```sh
PASSED_STORE_TYPE=dir ./passed
```

## Configuration
Configuration is done with environment variables.
- `PASSED_ADDRESS`: Specifies the address that PassED should listen on, defaults to `:3000`.
- `PASSED_LOG_REQUESTS`: Specifies wether HTTP requests should be logged or not, defaults to `true`.
- `PASSED_MAX_LENGTH`: Specifies the maximum password length in bytes, defaults to `12288` (12KiB).
- `PASSED_STORE_TYPE`: Specify which store is used to save passwords, defaults to `ram`:
  - `ram`: Stores all passwords in RAM, they are lost on restart.
  - `dir`: Stores all passwords in a directory. Requires `PASSED_STORE_DIR_PATH` to be set to the directory, defaults to `passwords`. PassED will **not** create the directory.
- `PASSED_STORE_CLEAR_INTERVAL`: Specifies the delay in seconds to wait between clearing expired passwords, defaults to `30`.
first commit 2024-10-29 23:08:11 +00:00			`# PassED`
add discord and demo to readme 2024-10-30 09:20:37 +00:00			`[Discord](https://discord.gg/NuGxJKtDKS) [Demo](https://passed.1e99.eu/)`

first commit 2024-10-29 23:08:11 +00:00			`EMail, but for passwords.`

			`Did you ever run into the issue of needing to share a password with someone in a secure manner and you did not know how?`

			`You want to send it to them by EMail, but there it will surely get logged along the way.`

			`You want to write it send it to them over WhatsApp, but that's not that secure.`

			`You want to write it on paper, but everyone can read that.`

			`PassED solves these issues by allowing you to generate single-use URLs that contain your password.`

			`## How it works`
add iv definition 2024-11-08 15:11:49 +00:00			When you create a password URL, PassED firstly encrypts the password in your browser using `AES-GCM`. It then uploads the encrypted password to the server, which responds with an ID that uniquely identifies that password. The AES Key and IV (Initialization vector) is then stored in the URL, along with the ID.
first commit 2024-10-29 23:08:11 +00:00
			`When someone views the password, PassED looks at the URL. It knows the password ID, AES Key and IV. It reaches out to the server, asks for a password with the ID from the URL, and then decrypts it with the AES Key and IV.`

			`This model ensures that a malicous host can not read the passwords.`
document installation 2024-10-30 16:05:12 +00:00
			`## Installation`
mention secure context in readme 2024-11-04 22:25:09 +00:00			`Installation can be done with docker compose or from source. As the website uses the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) it needs to be in a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). That means that you will need to access the website via "localhost" or HTTPS.`
add instructions for building from source 2024-10-30 16:17:29 +00:00			`### Docker Compose`
document installation 2024-10-30 16:05:12 +00:00			```yaml
			`services:`
			`"passed":`
			`build: "https://git.1e99.eu/1e99/passed.git"`
			`volumes:`
			`- "./passed:/etc/passed"`
			`environment:`
			`- "PASSED_STORE_TYPE=dir"`
			`- "PASSED_STORE_DIR_PATH=/etc/passed"`
			`ports:`
			`- "3000:3000"`
			```

add instructions for building from source 2024-10-30 16:17:29 +00:00			`### Source`
			`1. Download the source code`
			```sh
			`git clone https://git.1e99.eu/1e99/passed.git`
			```
			`2. Ensure that you have go installed, if not follow this [guide](https://go.dev/doc/install).`
			`3. Build the project`
			```sh
			`go build -o passed .`
			```
			`4. Run the project`
			```sh
			`PASSED_STORE_TYPE=dir ./passed`
			```

document installation 2024-10-30 16:05:12 +00:00			`## Configuration`
			`Configuration is done with environment variables.`
document new env variables 2024-11-08 15:06:59 +00:00			- `PASSED_ADDRESS`: Specifies the address that PassED should listen on, defaults to `:3000`.
			- `PASSED_LOG_REQUESTS`: Specifies wether HTTP requests should be logged or not, defaults to `true`.
			- `PASSED_MAX_LENGTH`: Specifies the maximum password length in bytes, defaults to `12288` (12KiB).
			- `PASSED_STORE_TYPE`: Specify which store is used to save passwords, defaults to `ram`:
			- `ram`: Stores all passwords in RAM, they are lost on restart.
			- `dir`: Stores all passwords in a directory. Requires `PASSED_STORE_DIR_PATH` to be set to the directory, defaults to `passwords`. PassED will not create the directory.
			- `PASSED_STORE_CLEAR_INTERVAL`: Specifies the delay in seconds to wait between clearing expired passwords, defaults to `30`.