First commit

2024-06-10 20:40:22 +05:30 · 2024-06-10 20:40:22 +05:30 · 3c244e7c05
commit 3c244e7c05
20 changed files with 2996 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,3 @@
 __pycache__
 .vscode
 database/*
--- a/auth.py
+++ b/auth.py
@ -0,0 +1,82 @@
 import datetime
 import json
 import os
 from typing import Any, Union
 import bcrypt
 import jwt
 from fastapi import Depends, HTTPException, status
 from fastapi.security import HTTPBearer
 from jwt.exceptions import InvalidTokenError
 ACCESS_TOKEN_EXPIRE_MINUTES = 30  # 30 minutes
 ALGORITHM = "HS256"
 JWT_SECRET_KEY = 'abcdefghijklmnopqrstuvwxyz'
 security = HTTPBearer()
 def create_access_token(subject: str|int, encryption_key: str, expires_delta: int = None) -> str:
    """Creates a jwt token for the logged in user"""
    if expires_delta is not None:
        expires_delta = datetime.datetime.now(datetime.timezone.utc) + expires_delta
    else:
        expires_delta = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    to_encode = {"exp": expires_delta, "sub": subject, "key": encryption_key}
    encoded_jwt = jwt.encode(to_encode, JWT_SECRET_KEY, ALGORITHM)
    return encoded_jwt
 def get_current_user(token: str = Depends(security)) -> dict:
    """Parses a jwt token and if it's valid, returns the user ID from it"""
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={'WWW-Authenticate': 'Bearer'}
    )
    credential = token.credentials
    try:
        payload = jwt.decode(credential, JWT_SECRET_KEY, algorithms=[ALGORITHM])
        user_id: str = payload.get("sub")
        if user_id is None:
            raise credentials_exception
    except InvalidTokenError:
        raise credentials_exception
    with open('database/users.json', 'r') as f:
        text = f.read()
        if text:
            data = json.loads(text)
        else:
            raise credentials_exception
    user = [i for i in data if i['id']==user_id]
    if not user:
        raise credentials_exception
    cur_user = {'id': user_id}
    cur_user['username'] = user[0]['username']
    cur_user['encryption_key'] = payload['key']
    return cur_user
 class Hasher:
    """Class for hashing and verifying passwords"""
    @staticmethod
    def verify_password(plain_password: str, hashed_password: str) -> bool:
        encoded_password = plain_password.encode('utf-8')
        encoded_hash = hashed_password.encode('utf-8')
        return bcrypt.checkpw(encoded_password, encoded_hash)
    @staticmethod
    def get_password_hash(password: str) -> str:
        salt = bcrypt.gensalt()
        encoded_password = password.encode('utf-8')
        hash = bcrypt.hashpw(encoded_password, salt)
        return hash.decode('utf-8')
--- a/crypto.py
+++ b/crypto.py
@ -0,0 +1,42 @@
 import base64
 import os
 from cryptography.fernet import Fernet
 from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
 def fernet_encrypt(value: bytes, key: bytes) -> bytes:
    f = Fernet(key)
    token = f.encrypt(value)
    return token
 def fernet_decrypt(value, key, return_bytes=False):
    f = Fernet(key)
    msg = f.decrypt(value)
    if return_bytes:
        return msg
    return msg.decode("utf-8")
 def generate_user_passkey(password: str, salt: bytes = None) -> tuple[bytes, bytes]:
    if salt is None:
        salt = os.urandom(128)
    kdf = Scrypt(salt=salt, length=32, n=2**14, r=8, p=1)
    user_passkey = kdf.derive(password.encode("utf-8"))
    return salt, base64.b64encode(user_passkey)
 def generate_random_encryption_key():
    return Fernet.generate_key()
 def serialize_bytes(byte_value):
    byte_value = base64.b64encode(byte_value)
    return byte_value.decode("utf-8")
 def deserialize_into_bytes(string):
    string = string.encode("utf-8")
    return base64.b64decode(string)
--- a/frontend/.eslintrc.cjs
+++ b/frontend/.eslintrc.cjs
@ -0,0 +1,14 @@
 /* eslint-env node */
 require('@rushstack/eslint-patch/modern-module-resolution')
 module.exports = {
  root: true,
  'extends': [
    'plugin:vue/vue3-essential',
    'eslint:recommended',
    '@vue/eslint-config-prettier/skip-formatting'
  ],
  parserOptions: {
    ecmaVersion: 'latest'
  }
 }
--- a/frontend/.gitignore
+++ b/frontend/.gitignore
@ -0,0 +1,30 @@
 # Logs
 logs
 *.log
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 pnpm-debug.log*
 lerna-debug.log*
 node_modules
 .DS_Store
 dist
 dist-ssr
 coverage
 *.local
 /cypress/videos/
 /cypress/screenshots/
 # Editor directories and files
 .vscode/*
 !.vscode/extensions.json
 .idea
 *.suo
 *.ntvs*
 *.njsproj
 *.sln
 *.sw?
 *.tsbuildinfo
--- a/frontend/.prettierrc.json
+++ b/frontend/.prettierrc.json
@ -0,0 +1,8 @@
 {
  "$schema": "https://json.schemastore.org/prettierrc",
  "semi": false,
  "tabWidth": 2,
  "singleQuote": true,
  "printWidth": 100,
  "trailingComma": "none"
 }
--- a/frontend/README.md
+++ b/frontend/README.md
@ -0,0 +1,35 @@
 # frontend
 This template should help get you started developing with Vue 3 in Vite.
 ## Recommended IDE Setup
 [VSCode](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar) (and disable Vetur).
 ## Customize configuration
 See [Vite Configuration Reference](https://vitejs.dev/config/).
 ## Project Setup
 ```sh
 npm install
 ```
 ### Compile and Hot-Reload for Development
 ```sh
 npm run dev
 ```
 ### Compile and Minify for Production
 ```sh
 npm run build
 ```
 ### Lint with [ESLint](https://eslint.org/)
 ```sh
 npm run lint
 ```
--- a/frontend/index.html
+++ b/frontend/index.html
@ -0,0 +1,13 @@
 <!DOCTYPE html>
 <html lang="en">
  <head>
    <meta charset="UTF-8">
    <link rel="icon" href="/favicon.ico">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Vite App</title>
  </head>
  <body>
    <div id="app"></div>
    <script type="module" src="/src/main.js"></script>
  </body>
 </html>
--- a/frontend/jsconfig.json
+++ b/frontend/jsconfig.json
@ -0,0 +1,8 @@
 {
  "compilerOptions": {
    "paths": {
      "@/*": ["./src/*"]
    }
  },
  "exclude": ["node_modules", "dist"]
 }
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@ -0,0 +1,25 @@
 {
  "name": "frontend",
  "version": "0.0.0",
  "private": true,
  "type": "module",
  "scripts": {
    "dev": "vite",
    "build": "vite build",
    "preview": "vite preview",
    "lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs --fix --ignore-path .gitignore",
    "format": "prettier --write src/"
  },
  "dependencies": {
    "vue": "^3.4.21"
  },
  "devDependencies": {
    "@rushstack/eslint-patch": "^1.8.0",
    "@vitejs/plugin-vue": "^5.0.4",
    "@vue/eslint-config-prettier": "^9.0.0",
    "eslint": "^8.57.0",
    "eslint-plugin-vue": "^9.23.0",
    "prettier": "^3.2.5",
    "vite": "^5.2.8"
  }
 }
--- a/frontend/public/favicon.ico
+++ b/frontend/public/favicon.ico
--- a/frontend/src/App.vue
+++ b/frontend/src/App.vue
@ -0,0 +1,15 @@
 <script setup>
 import HelloWorld from "./components/HelloWorld.vue";
 </script>
 <template>
  <div>
    <header>
      <div class="wrapper">
        <HelloWorld msg="You did it!" />
      </div>
    </header>
  </div>
 </template>
 <style scoped></style>
--- a/frontend/src/assets/base.css
+++ b/frontend/src/assets/base.css
@ -0,0 +1,86 @@
 /* color palette from <https://github.com/vuejs/theme> */
 :root {
  --vt-c-white: #ffffff;
  --vt-c-white-soft: #f8f8f8;
  --vt-c-white-mute: #f2f2f2;
  --vt-c-black: #181818;
  --vt-c-black-soft: #222222;
  --vt-c-black-mute: #282828;
  --vt-c-indigo: #2c3e50;
  --vt-c-divider-light-1: rgba(60, 60, 60, 0.29);
  --vt-c-divider-light-2: rgba(60, 60, 60, 0.12);
  --vt-c-divider-dark-1: rgba(84, 84, 84, 0.65);
  --vt-c-divider-dark-2: rgba(84, 84, 84, 0.48);
  --vt-c-text-light-1: var(--vt-c-indigo);
  --vt-c-text-light-2: rgba(60, 60, 60, 0.66);
  --vt-c-text-dark-1: var(--vt-c-white);
  --vt-c-text-dark-2: rgba(235, 235, 235, 0.64);
 }
 /* semantic color variables for this project */
 :root {
  --color-background: var(--vt-c-white);
  --color-background-soft: var(--vt-c-white-soft);
  --color-background-mute: var(--vt-c-white-mute);
  --color-border: var(--vt-c-divider-light-2);
  --color-border-hover: var(--vt-c-divider-light-1);
  --color-heading: var(--vt-c-text-light-1);
  --color-text: var(--vt-c-text-light-1);
  --section-gap: 160px;
 }
@media (prefers-color-scheme: dark) {
  :root {
    --color-background: var(--vt-c-black);
    --color-background-soft: var(--vt-c-black-soft);
    --color-background-mute: var(--vt-c-black-mute);
    --color-border: var(--vt-c-divider-dark-2);
    --color-border-hover: var(--vt-c-divider-dark-1);
    --color-heading: var(--vt-c-text-dark-1);
    --color-text: var(--vt-c-text-dark-2);
  }
 }
 *,
 *::before,
 *::after {
  box-sizing: border-box;
  margin: 0;
  font-weight: normal;
 }
 body {
  min-height: 100vh;
  color: var(--color-text);
  background: var(--color-background);
  transition:
    color 0.5s,
    background-color 0.5s;
  line-height: 1.6;
  font-family:
    Inter,
    -apple-system,
    BlinkMacSystemFont,
    'Segoe UI',
    Roboto,
    Oxygen,
    Ubuntu,
    Cantarell,
    'Fira Sans',
    'Droid Sans',
    'Helvetica Neue',
    sans-serif;
  font-size: 15px;
  text-rendering: optimizeLegibility;
  -webkit-font-smoothing: antialiased;
  -moz-osx-font-smoothing: grayscale;
 }
--- a/frontend/src/assets/main.css
+++ b/frontend/src/assets/main.css
@ -0,0 +1,35 @@
@import './base.css';
 #app {
  max-width: 1280px;
  margin: 0 auto;
  padding: 2rem;
  font-weight: normal;
 }
 a,
 .green {
  text-decoration: none;
  color: hsla(160, 100%, 37%, 1);
  transition: 0.4s;
  padding: 3px;
 }
@media (hover: hover) {
  a:hover {
    background-color: hsla(160, 100%, 37%, 0.2);
  }
 }
@media (min-width: 1024px) {
  body {
    display: flex;
    place-items: center;
  }
  #app {
    display: grid;
    grid-template-columns: 1fr 1fr;
    padding: 0 2rem;
  }
 }
--- a/frontend/src/components/HelloWorld.vue
+++ b/frontend/src/components/HelloWorld.vue
@ -0,0 +1,44 @@
 <script setup>
 defineProps({
  msg: {
    type: String,
    required: true
  }
 })
 </script>
 <template>
  <div class="greetings">
    <h1 class="green">{{ msg }}</h1>
    <h3>
      You’ve successfully created a project with
      <a href="https://vitejs.dev/" target="_blank" rel="noopener">Vite</a> +
      <a href="https://vuejs.org/" target="_blank" rel="noopener">Vue 3</a>.
    </h3>
  </div>
 </template>
 <style scoped>
 h1 {
  font-weight: 500;
  font-size: 2.6rem;
  position: relative;
  top: -10px;
 }
 h3 {
  font-size: 1.2rem;
 }
 .greetings h1,
 .greetings h3 {
  text-align: center;
 }
@media (min-width: 1024px) {
  .greetings h1,
  .greetings h3 {
    text-align: left;
  }
 }
 </style>
--- a/frontend/src/main.js
+++ b/frontend/src/main.js
@ -0,0 +1,6 @@
 import './assets/main.css'
 import { createApp } from 'vue'
 import App from './App.vue'
 createApp(App).mount('#app')
--- a/frontend/vite.config.js
+++ b/frontend/vite.config.js
@ -0,0 +1,16 @@
 import { fileURLToPath, URL } from 'node:url'
 import { defineConfig } from 'vite'
 import vue from '@vitejs/plugin-vue'
 // https://vitejs.dev/config/
 export default defineConfig({
  plugins: [
    vue(),
  ],
  resolve: {
    alias: {
      '@': fileURLToPath(new URL('./src', import.meta.url))
    }
  }
 })
--- a/main.py
+++ b/main.py
@ -0,0 +1,162 @@
 import json
 from fastapi import Depends, FastAPI, HTTPException
 from fastapi.encoders import jsonable_encoder
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.security import OAuth2PasswordBearer
 from auth import Hasher, create_access_token, get_current_user
 from crypto import (
    deserialize_into_bytes,
    fernet_decrypt,
    fernet_encrypt,
    generate_random_encryption_key,
    generate_user_passkey,
    serialize_bytes,
 )
 from models import Secret, User, UserLogin
 app = FastAPI()
 origins = [
    'http://localhost',
    'http://localhost:5173',
    "*"
 ]
 app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=['*'],
    allow_headers=['*']
 )
@app.get("/")
 async def root():
    return {"'message'": "Hello World"}
@app.post('/register')
 async def register(user: User):
    """Registers a user"""
    users = []
    with open('database/users.json', 'r') as f:
        text = f.read()
        if text:
            users = json.loads(text)
    if user.id is not None:
        raise HTTPException(
            status_code=400,
            detail="User id shall be auto generated, cannot be provided in request"
        )
    if not users:
        user.id = 0
    else:
        max_user_id = max([i['id'] for i in users])
        user.id = max_user_id + 1
    user_exists = [i for i in users if i['username'] == user.username]
    if user_exists:
        raise HTTPException(status_code=400, detail="Username already in use")
    encryption_key = generate_random_encryption_key()
    salt, master_key = generate_user_passkey(user.password)
    encrypted_encryption_key = fernet_encrypt(encryption_key, master_key)
    user.password = Hasher.get_password_hash(user.password)
    user.encryption_key = encrypted_encryption_key.decode('utf-8')
    user.salt = serialize_bytes(salt)
    users.append(jsonable_encoder(user))
    # print(f"{salt=}\n{user.salt=}\n{encrypted_encryption_key=}\n{user.encryption_key=}\n{master_key=}")
    with open('database/users.json', 'w') as f:
        json.dump(users, f)
    return {'user_id': user.id}
@app.post('/login')
 async def login(user: UserLogin):
    """logs in the user"""
    users = []
    with open('database/users.json', 'r') as f:
        text = f.read()
        if text:
            users.extend(json.loads(text))
    cur_user = [i for i in users if i['username']==user.username]
    if not cur_user:
        return {'message': "username or password is incorrect"}
    else:
        cur_user = cur_user[0]
    password_match = Hasher.verify_password(user.password, cur_user['password'])
    if not password_match:
        return {'message': "username or password is incorrect"}
    encrypted_encryption_key = cur_user['encryption_key'].encode()
    salt = deserialize_into_bytes(cur_user['salt'])
    _, master_key = generate_user_passkey(user.password, salt)
    encryption_key = fernet_decrypt(encrypted_encryption_key, master_key)
    access_token = create_access_token(subject=cur_user['id'], encryption_key=encryption_key)
    response = {
        'message': 'authenticated',
        'accessToken': access_token
    }
    return response
@app.post("/secret")
 async def create_secret(secret: Secret, current_user: dict = Depends(get_current_user)):
    """
    Stores and encrypted secret for the user.
    The encrypted secret is unreadable on the server and is encrypted on the front-end
    """
    data = []
    with open('database/secrets.json', 'r') as f:
        text = f.read()
        if text:
            data.extend(json.loads(text))
    secret.user_id = current_user['id']
    encryption_key = current_user['encryption_key'].encode()
    encrypted_data = fernet_encrypt(secret.data.encode(), encryption_key)
    secret.data = encrypted_data.decode('utf-8')
    data.append(jsonable_encoder(secret))
    with open('database/secrets.json', 'w') as f:
        json.dump(data, f)
    return secret
@app.get('/secret')
 async def list_secret(current_user: dict = Depends(get_current_user)):
    """Returns the encrypted secrets of the user."""
    data = []
    with open('database/secrets.json', 'r') as f:
        text = f.read()
        if text:
            data.extend(json.loads(text))
    user_id = current_user['id']
    encryption_key = current_user['encryption_key'].encode()
    user_secrets = [i for i in data if i['user_id']==user_id]
    for secret in user_secrets:
        cur_data = secret['data']
        decrypted_data = fernet_decrypt(cur_data, encryption_key)
        secret['data'] = decrypted_data
    return user_secrets
--- a/models.py
+++ b/models.py
@ -0,0 +1,26 @@
 import datetime
 from pydantic import BaseModel
 class User(BaseModel):
    id: int = None
    username: str
    password: str
    encryption_key: str = None
    salt: str = None
    created_on: str = datetime.datetime.now(datetime.timezone.utc).isoformat()
    active: bool = True
 class UserLogin(BaseModel):
    username: str
    password: str
 class Secret(BaseModel):
    user_id: int = None
    data: str
    salt: str = None
    notes: str = None
    added_on: str = datetime.datetime.now(datetime.timezone.utc).isoformat()
    modified_on: str = None
    active: bool = True