Merge pull request #90 from cupcakearmy/feature/52-Add-note-id-size-option

feat: add note id size option

.dockerignore

@@ -1,15 +1,15 @@
 *
 
-!/packages/backend/src
-!/packages/backend/Cargo.lock
-!/packages/backend/Cargo.toml
+!/packages
+!/package.json
+!/pnpm-lock.yaml
+!/pnpm-workspace.yaml
 
-!/packages/frontend/locales
-!/packages/frontend/src
-!/packages/frontend/static
-!/packages/frontend/.npmrc
-!/packages/frontend/package.json
-!/packages/frontend/pnpm-lock.yaml
-!/packages/frontend/svelte.config.js
-!/packages/frontend/tsconfig.json
-!/packages/frontend/vite.config.js
+**/target
+**/node_modules
+**/dist
+**/bin
+**/*.tsbuildinfo
+**/build
+**/.svelte
+**/.svelte-kit

.github/workflows/docker.yml

@@ -1,38 +0,0 @@
-name: Publish
-
-on:
-  workflow_dispatch:
-  push:
-    tags:
-      - "v*.*.*"
-
-jobs:
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-        with:
-          install: true
-      - name: Docker Labels
-        id: meta
-        uses: crazy-max/ghaction-docker-meta@v2
-        with:
-          images: cupcakearmy/cryptgeon
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Build and push
-        uses: docker/build-push-action@v2
-        with:
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}

.github/workflows/release.yml

@@ -0,0 +1,58 @@
+name: Publish
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - 'v*.*.*'
+
+jobs:
+  cli:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: pnpm/action-setup@v2
+      - uses: actions/setup-node@v3
+        with:
+          cache: 'pnpm'
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+
+      - run: |
+          pnpm install --frozen-lockfile
+          pnpm run build
+
+      - run: npm publish
+        working-directory: ./packages/cli
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+      - name: Docker Labels
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: cupcakearmy/cryptgeon
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}

.github/workflows/test.yaml

@@ -10,27 +10,30 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: "16"
+      - uses: actions/checkout@v3
 
-      - uses: docker/setup-qemu-action@v1
-      - uses: docker/setup-buildx-action@v1
+      # Node
+      - uses: pnpm/action-setup@v2
+      - uses: actions/setup-node@v3
+        with:
+          cache: 'pnpm'
+          node-version-file: '.nvmrc'
+
+      # Docker
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
         with:
           install: true
-      - name: Build docker image
-        run: npm run test:prepare
 
       - name: Prepare
         run: |
-          npm install playwright
-          npx playwright install --with-deps
+          pnpm install --frozen-lockfile
+          pnpm exec playwright install --with-deps
+          pnpm run test:prepare
 
       - name: Run your tests
-        run: npm test
-      - uses: actions/upload-artifact@v2
-        if: always()
+        run: pnpm test
+      - uses: actions/upload-artifact@v3
         with:
           name: test-results
           path: test-results

.gitignore

@@ -1,14 +1,10 @@
+.env
+*.tsbuildinfo
+node_modules
+dist
+bin
 
-# Backend
 target
 
-# Client
-.DS_Store
-node_modules
-/.svelte
-/build
-/functions
-.env
-
-General
+# Testing
 test-results

.nvmrc

@@ -0,0 +1 @@
+v18.16

CHANGELOG.md

@@ -5,7 +5,17 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [2.2.0] - 2023-01-14
+## [2.3.0] - 2023-05-30
+
+### Added
+
+- New CLI 🎉.
+- Russian language.
+- Option for reducing note id size (`ID_LENGTH`).
+
+### Changed
+
+- Moved to monorepo.
 
 ### Changed
 

Cryptgeon.postman_collection.json

@@ -0,0 +1,593 @@
+{
+	"info": {
+		"_postman_id": "52d9e661-2d99-47f8-b09a-40b6a1c0b364",
+		"name": "Cryptgeon",
+		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
+	},
+	"item": [
+		{
+			"name": "Notes",
+			"item": [
+				{
+					"name": "Preview",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/notes/:id",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								":id"
+							],
+							"variable": [
+								{
+									"key": "id",
+									"value": "{{NOTE_ID}}",
+									"description": "Id of the Note"
+								}
+							]
+						},
+						"description": "This endpoint is to query wether a note exists, without actually opening it. No view limits are used here, as contents of the note are not available, only the `meta` field is returned, which is public."
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}",
+											"description": "Id of the Note"
+										}
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:24:29 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{}"
+						},
+						{
+							"name": "404",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}",
+											"description": "Id of the Note"
+										}
+									]
+								}
+							},
+							"status": "Not Found",
+							"code": 404,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:25:26 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						}
+					]
+				},
+				{
+					"name": "Create",
+					"event": [
+						{
+							"listen": "test",
+							"script": {
+								"exec": [
+									"const jsonData = pm.response.json();",
+									"pm.collectionVariables.set('NOTE_ID', jsonData.id)",
+									""
+								],
+								"type": "text/javascript"
+							}
+						}
+					],
+					"request": {
+						"method": "POST",
+						"header": [],
+						"body": {
+							"mode": "raw",
+							"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 1,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+							"options": {
+								"raw": {
+									"language": "json"
+								}
+							}
+						},
+						"url": {
+							"raw": "{{BASE}}/notes/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								""
+							]
+						}
+					},
+					"response": [
+						{
+							"name": "Simple",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 1,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						},
+						{
+							"name": "5 Minutes",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"expiration\": 5,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						},
+						{
+							"name": "3 Views",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 3,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						}
+					]
+				},
+				{
+					"name": "Read",
+					"request": {
+						"method": "DELETE",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/notes/:id",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								":id"
+							],
+							"variable": [
+								{
+									"key": "id",
+									"value": "{{NOTE_ID}}"
+								}
+							]
+						},
+						"description": "This endpoint gets the actual contents of a note. It's a `DELETE` endpoint, es it decreases the `view` counter, and deletes the note if `0` is reached."
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "DELETE",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}"
+										}
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:59:07 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\",\n    \"contents\": \"Some encrypted content\"\n}"
+						},
+						{
+							"name": "404",
+							"originalRequest": {
+								"method": "DELETE",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}"
+										}
+									]
+								}
+							},
+							"status": "Not Found",
+							"code": 404,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:59:15 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						}
+					]
+				}
+			]
+		},
+		{
+			"name": "Status",
+			"item": [
+				{
+					"name": "Get",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/status/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"status",
+								""
+							]
+						}
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/status/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"status",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:56:45 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"version\": \"2.3.0-beta.4\",\n    \"max_size\": 10485760,\n    \"max_views\": 100,\n    \"max_expiration\": 360,\n    \"allow_advanced\": true,\n    \"theme_image\": \"\",\n    \"theme_text\": \"\",\n    \"theme_page_title\": \"\",\n    \"theme_favicon\": \"\"\n}"
+						}
+					]
+				}
+			]
+		}
+	],
+	"event": [
+		{
+			"listen": "prerequest",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		},
+		{
+			"listen": "test",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		}
+	],
+	"variable": [
+		{
+			"key": "BASE",
+			"value": "http://localhost:1234/api",
+			"type": "default"
+		},
+		{
+			"key": "NOTE_ID",
+			"value": "",
+			"type": "default"
+		}
+	]
+}

Dockerfile

@@ -1,31 +1,28 @@
 # FRONTEND
-FROM node:16-alpine as client 
+FROM node:18-alpine as client 
 WORKDIR /tmp
-RUN npm install -g pnpm@7
-COPY ./packages/frontend ./
-RUN pnpm install
-RUN pnpm exec svelte-kit sync
+RUN npm install -g pnpm@8
+COPY . .
+RUN pnpm install --frozen-lockfile
 RUN pnpm run build
 
 
 # BACKEND
-FROM rust:1.64-alpine as backend
+FROM rust:1.69-alpine as backend
 WORKDIR /tmp
 RUN apk add libc-dev openssl-dev alpine-sdk
 COPY ./packages/backend/Cargo.* ./
-# https://blog.rust-lang.org/2022/06/22/sparse-registry-testing.html
-RUN rustup update nightly
-ENV CARGO_UNSTABLE_SPARSE_REGISTRY=true
-RUN cargo +nightly fetch
+ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse
+RUN cargo fetch
 COPY ./packages/backend ./
-RUN cargo +nightly build --release
+RUN cargo build --release
 
 
 # RUNNER
 FROM alpine
 WORKDIR /app
 COPY --from=backend /tmp/target/release/cryptgeon .
-COPY --from=client /tmp/build ./frontend
+COPY --from=client /tmp/packages/frontend/build ./frontend
 ENV FRONTEND_PATH="./frontend"
 ENV REDIS="redis://redis/"
 EXPOSE 8000

README.md

@@ -18,7 +18,8 @@ EN | [简体中文](README_zh-CN.md)
 
 ## About?
 
-_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com)
+_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com).
+It includes a server, a web page and a CLI client.
 
 > 🌍 If you want to translate the project feel free to reach out to me.
 >
@@ -26,10 +27,21 @@ _cryptgeon_ is a secure, open source sharing note or file service inspired by [_
 
 ## Live Service / Demo
 
+### Web
+
 Check out the live service / demo and see for yourself [cryptgeon.org](https://cryptgeon.org)
 
+### CLI
+
+```
+npx cryptgeon send text "This is a secret note"
+```
+
+For more documentation about the CLI see the [readme](./packages/cli/README.md).
+
 ## Features
 
+- send text or files
 - server cannot decrypt contents due to client side encryption
 - view or time constraints
 - in memory, no persistence
@@ -57,6 +69,7 @@ of the notes even if it tried to.
 | `MAX_VIEWS`        | `100`            | Maximal number of views.                                                                                                                                                                                      |
 | `MAX_EXPIRATION`   | `360`            | Maximal expiration in minutes.                                                                                                                                                                                |
 | `ALLOW_ADVANCED`   | `true`           | Allow custom configuration. If set to `false` all notes will be one view only.                                                                                                                                |
+| `ID_LENGTH`        | `32`             | Set the size of the note `id` in bytes. By default this is `32` bytes. This is useful for reducing link size. _This setting does not affect encryption strength_.                                             |
 | `VERBOSITY`        | `warn`           | Verbosity level for the backend. [Possible values](https://docs.rs/env_logger/latest/env_logger/#enabling-logging) are: `error`, `warn`, `info`, `debug`, `trace`                                             |
 | `THEME_IMAGE`      | `""`             | Custom image for replacing the logo. Must be publicly reachable                                                                                                                                               |
 | `THEME_TEXT`       | `""`             | Custom text for replacing the description below the logo                                                                                                                                                      |
@@ -112,6 +125,7 @@ There is a [guide](https://mariushosting.com/how-to-install-cryptgeon-on-your-sy
 
 ### YouTube Guides
 
+- English by [Webnestify](https://www.youtube.com/watch?v=XAyD42I7wyI)
 - English by [DB Tech](https://www.youtube.com/watch?v=S0jx7wpOfNM) [Previous Video](https://www.youtube.com/watch?v=JhpIatD06vE)
 - German by [ApfelCast](https://www.youtube.com/watch?v=84ZMbE9AkHg)
 
@@ -120,14 +134,13 @@ There is a [guide](https://mariushosting.com/how-to-install-cryptgeon-on-your-sy
 **Requirements**
 
 - `pnpm`: `>=6`
-- `node`: `>=16`
+- `node`: `>=18`
 - `rust`: edition `2021`
 
 **Install**
 
 ```bash
 pnpm install
-pnpm --prefix frontend install
 
 # Also you need cargo watch if you don't already have it installed.
 # https://lib.rs/crates/cargo-watch
@@ -147,19 +160,19 @@ Running `pnpm run dev` in the root folder will start the following things:
 - redis docker container
 - rust backend
 - client
+- cli
 
 You can see the app under [localhost:1234](http://localhost:1234).
 
-## Tests
+> There is a Postman collection with some example requests [available in the repo](./Cryptgeon.postman_collection.json)
+
+### Tests
 
 Tests are end to end tests written with Playwright.
 
 ```sh
 pnpm run test:prepare
-docker compose up redis -d
-pnpm run test:server
 
-# In another terminal.
 # Use the test or test:local script. The local version only runs in one browser for quicker development.
 pnpm run test:local
 ```
@@ -168,7 +181,9 @@ pnpm run test:local
 
 Please refer to the security section [here](./SECURITY.md).
 
-###### Attributions
+---
+
+_Attributions_
 
 - Test data:
   - Text for tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)

cryptgeon.code-workspace

@@ -5,12 +5,19 @@
     },
     {
       "path": "packages/backend"
+    },
+    {
+      "path": "packages/frontend"
+    },
+    {
+      "path": "packages/cli"
+    },
+    {
+      "path": "packages/shared"
     }
   ],
   "settings": {
-    "cSpell.words": ["ciphertext", "cryptgeon"],
-    "i18n-ally.enabledFrameworks": ["svelte"],
-    "i18n-ally.keystyle": "nested",
-    "i18n-ally.localesPaths": ["packages/frontend/locales"]
+    "i18n-ally.localesPaths": ["locales"],
+    "cSpell.words": ["cryptgeon"]
   }
 }

docker-compose.dev.yaml

@@ -10,7 +10,6 @@ services:
       - 6379:6379
 
   app:
-    image: cupcakearmy/cryptgeon:test
     build: .
     env_file: .dev.env
     depends_on:

package.json

@@ -1,18 +1,21 @@
 {
+  "packageManager": "pnpm@8.5.1",
   "scripts": {
     "dev:docker": "docker-compose -f docker-compose.dev.yaml up redis",
     "dev:packages": "pnpm --parallel run dev",
-    "dev:proxy": "node proxy.mjs",
     "dev": "run-p dev:*",
+    "docker:up": "docker compose -f docker-compose.dev.yaml up",
+    "docker:build": "docker compose -f docker-compose.dev.yaml build",
     "test": "playwright test --project chrome firefox safari",
-    "test:local": "playwright test --project local",
-    "test:server": "docker compose -f docker-compose.dev.yaml up",
-    "test:prepare": "docker compose -f docker-compose.dev.yaml build"
+    "test:local": "playwright test --project chrome",
+    "test:server": "run-s docker:up",
+    "test:prepare": "run-p build docker:build",
+    "build": "pnpm run --recursive --filter=!@cryptgeon/backend build"
   },
   "devDependencies": {
-    "@playwright/test": "^1.29.2",
-    "@types/node": "^16.18.11",
-    "http-proxy": "^1.18.1",
-    "npm-run-all": "^4.1.5"
+    "@playwright/test": "^1.33.0",
+    "@types/node": "^20.1.3",
+    "npm-run-all": "^4.1.5",
+    "shelljs": "^0.8.5"
   }
 }

packages/backend/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cryptgeon"
-version = "2.2.0"
+version = "2.3.0"
 authors = ["cupcakearmy <hi@nicco.io>"]
 edition = "2021"
 
@@ -8,8 +8,6 @@ edition = "2021"
 name = "cryptgeon"
 path = "src/main.rs"
 
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
 [dependencies]
 actix-web = "4"
 actix-files = "0.6"

packages/backend/package.json

@@ -1,6 +1,6 @@
 {
-  "name": "backend",
   "private": true,
+  "name": "@cryptgeon/backend",
   "scripts": {
     "dev": "cargo watch -x 'run --bin cryptgeon'",
     "build": "cargo build --release",

packages/backend/src/config.rs

@@ -30,6 +30,10 @@ lazy_static! {
     .unwrap_or("true".to_string())
     .parse()
     .unwrap();
+  pub static ref ID_LENGTH: u32 = std::env::var("ID_LENGTH")
+    .unwrap_or("32".to_string())
+    .parse()
+    .unwrap();
 }
 
 // THEME

packages/backend/src/note/model.rs

@@ -2,6 +2,8 @@ use bs62;
 use ring::rand::SecureRandom;
 use serde::{Deserialize, Serialize};
 
+use crate::config;
+
 #[derive(Serialize, Deserialize, Clone)]
 pub struct Note {
     pub meta: String,
@@ -11,7 +13,9 @@ pub struct Note {
 }
 
 #[derive(Serialize, Deserialize, Clone)]
-pub struct NoteInfo {}
+pub struct NoteInfo {
+    pub meta: String,
+}
 
 #[derive(Serialize, Deserialize, Clone)]
 pub struct NotePublic {
@@ -20,8 +24,13 @@ pub struct NotePublic {
 }
 
 pub fn generate_id() -> String {
-    let mut id: [u8; 32] = [0; 32];
+    let mut result = "".to_owned();
+    let mut id: [u8; 1] = [0; 1];
     let sr = ring::rand::SystemRandom::new();
+
+    for _ in 0..*config::ID_LENGTH {
         let _ = sr.fill(&mut id);
-    return bs62::encode_data(&id);
+        result.push_str(&bs62::encode_data(&id));
+    }
+    return result;
 }

packages/backend/src/note/routes.rs

@@ -24,7 +24,7 @@ async fn one(path: web::Path<NotePath>) -> impl Responder {
     let note = store::get(&p.id);
 
     match note {
-        Ok(Some(_)) => HttpResponse::Ok().json(NoteInfo {}),
+        Ok(Some(n)) => HttpResponse::Ok().json(NoteInfo { meta: n.meta }),
         Ok(None) => HttpResponse::NotFound().finish(),
         Err(e) => HttpResponse::InternalServerError().body(e.to_string()),
     }

packages/cli/README.md

@@ -0,0 +1,54 @@
+# Cryptgeon CLI
+
+The CLI is a functionally identical way to interact with cryptgeon notes.
+It supports text, files, expiration, password, etc.
+
+## Installation
+
+```bash
+npx cryptgeon
+
+# Or install globally
+npm -g install cryptgeon
+cryptgeon
+```
+
+## Examples
+
+```bash
+# Create simple note
+cryptgeon send text "Foo bar"
+
+# Send two files
+cryptgeon send file my.pdf picture.png
+
+# 3 views
+cryptgeon send text "My message" --views 3
+
+# 10 minutes
+cryptgeon send text "My message" --minutes 10
+
+# Custom password
+cryptgeon send text "My message" --password "1337"
+
+# Password from stdin
+echo "1337" | cryptgeon send text "My message"
+
+# Open a link
+cryptgeon open https://cryptgeon.org/note/16gOIkxWjCxYNuXM8tCqMUzl...
+```
+
+## Options
+
+### Custom server
+
+The default server is `cryptgeon.org`, however you can use any cryptgeon server by passing the `-s` or `--server` option, or by setting the `CRYPTGEON_SERVER` environment variable.
+
+### Password
+
+Optionally, just like in the web ui, you can choose to use a manual password. You can do that by passing the `-p` or `--password` options, or by piping it into stdin.
+
+```bash
+echo "my pw" | cryptgeon send text "my text"
+cat pass.txt | cryptgeon send text "my text"
+```

packages/cli/package.json

@@ -0,0 +1,43 @@
+{
+  "version": "2.3.0",
+  "name": "cryptgeon",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/cupcakearmy/cryptgeon.git",
+    "directory": "packages/cli"
+  },
+  "homepage": "https://github.com/cupcakearmy/cryptgeon",
+  "type": "module",
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "dev": "./scripts/build.js --watch",
+    "build": "./scripts/build.js",
+    "package": "./scripts/package.js",
+    "bin": "run-s build package",
+    "prepublishOnly": "run-s build"
+  },
+  "main": "./dist/index.cjs",
+  "bin": {
+    "cryptgeon": "./dist/index.cjs"
+  },
+  "files": [
+    "dist"
+  ],
+  "devDependencies": {
+    "@commander-js/extra-typings": "^10.0.3",
+    "@cryptgeon/shared": "workspace:*",
+    "@types/inquirer": "^9.0.3",
+    "@types/mime": "^3.0.1",
+    "@types/node": "^20.1.3",
+    "commander": "^10.0.1",
+    "esbuild": "^0.17.19",
+    "inquirer": "^9.2.2",
+    "mime": "^3.0.0",
+    "occulto": "^2.0.1",
+    "pkg": "^5.8.1",
+    "pretty-bytes": "^6.1.0",
+    "typescript": "^5.0.4"
+  }
+}

packages/cli/scripts/build.js

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+
+import { build, context } from 'esbuild'
+import pkg from '../package.json' assert { type: 'json' }
+
+const options = {
+  entryPoints: ['./src/index.ts'],
+  bundle: true,
+  minify: true,
+  platform: 'node',
+  outfile: './dist/index.cjs',
+  define: { VERSION: `"${pkg.version}"` },
+}
+
+const watch = process.argv.slice(2)[0] === '--watch'
+if (watch) (await context(options)).watch()
+else await build(options)

packages/cli/scripts/package.js

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+
+import { exec } from 'pkg'
+
+const targets = [
+  'node18-macos-arm64',
+  'node18-macos-x64',
+  'node18-linux-arm64',
+  'node18-linux-x64',
+  'node18-win-arm64',
+  'node18-win-x64',
+]
+
+for (const target of targets) {
+  console.log(`🚀 Building ${target}`)
+  await exec(['./dist/index.cjs', '--target', target, '--output', `./bin/${target.replace('node18', 'cryptgeon')}`])
+}

packages/cli/src/download.ts

@@ -0,0 +1,86 @@
+import { Adapters, get, info, setBase } from '@cryptgeon/shared'
+import inquirer from 'inquirer'
+import { access, constants, writeFile } from 'node:fs/promises'
+import { basename, resolve } from 'node:path'
+import { AES, Hex } from 'occulto'
+import pretty from 'pretty-bytes'
+
+import { exit } from './utils'
+
+export async function download(url: URL, all: boolean, suggestedPassword?: string) {
+  setBase(url.origin)
+  const id = url.pathname.split('/')[2]
+  const preview = await info(id).catch(() => exit('Note does not exist or is expired'))
+
+  // Password
+  let password: string
+  const derivation = preview?.meta.derivation
+  if (derivation) {
+    if (suggestedPassword) {
+      password = suggestedPassword
+    } else {
+      const response = await inquirer.prompt([
+        {
+          type: 'password',
+          message: 'Note password',
+          name: 'password',
+        },
+      ])
+      password = response.password
+    }
+  } else {
+    password = url.hash.slice(1)
+  }
+
+  const key = derivation ? (await AES.derive(password, derivation))[0] : Hex.decode(password)
+  const note = await get(id)
+
+  const couldNotDecrypt = () => exit('Could not decrypt note. Probably an invalid password')
+  switch (note.meta.type) {
+    case 'file':
+      const files = await Adapters.Files.decrypt(note.contents, key).catch(couldNotDecrypt)
+      if (!files) {
+        exit('No files found in note')
+        return
+      }
+
+      let selected: typeof files
+      if (all) {
+        selected = files
+      } else {
+        const { names } = await inquirer.prompt([
+          {
+            type: 'checkbox',
+            message: 'What files should be saved?',
+            name: 'names',
+            choices: files.map((file) => ({
+              value: file.name,
+              name: `${file.name} - ${file.type} - ${pretty(file.size, { binary: true })}`,
+              checked: true,
+            })),
+          },
+        ])
+        selected = files.filter((file) => names.includes(file.name))
+      }
+
+      if (!selected.length) exit('No files selected')
+      await Promise.all(
+        selected.map(async (file) => {
+          let filename = resolve(file.name)
+          try {
+            // If exists -> prepend timestamp to not overwrite the current file
+            await access(filename, constants.R_OK)
+            filename = resolve(`${Date.now()}-${file.name}`)
+          } catch {}
+          await writeFile(filename, file.contents)
+          console.log(`Saved: ${basename(filename)}`)
+        })
+      )
+
+      break
+    case 'text':
+      const plaintext = await Adapters.Text.decrypt(note.contents, key).catch(couldNotDecrypt)
+      console.log(plaintext)
+      break
+  }
+}

packages/cli/src/index.ts

@@ -0,0 +1,104 @@
+#!/usr/bin/env node
+
+import { Argument, Option, program } from '@commander-js/extra-typings'
+import { setBase, status } from '@cryptgeon/shared'
+import prettyBytes from 'pretty-bytes'
+
+import { download } from './download.js'
+import { parseFile, parseNumber } from './parsers.js'
+import { getStdin } from './stdin.js'
+import { upload } from './upload.js'
+import { exit } from './utils.js'
+
+const defaultServer = process.env['CRYPTGEON_SERVER'] || 'https://cryptgeon.org'
+const server = new Option('-s --server <url>', 'the cryptgeon server to use').default(defaultServer)
+const files = new Argument('<file...>', 'Files to be sent').argParser(parseFile)
+const text = new Argument('<text>', 'Text content of the note')
+const password = new Option('-p --password <string>', 'manually set a password')
+const all = new Option('-a --all', 'Save all files without prompt').default(false)
+const url = new Argument('<url>', 'The url to open')
+const views = new Option('-v --views <number>', 'Amount of views before getting destroyed').argParser(parseNumber)
+const minutes = new Option('-m --minutes <number>', 'Minutes before the note expires').argParser(parseNumber)
+
+// Node 18 guard
+parseInt(process.version.slice(1).split(',')[0]) < 18 && exit('Node 18 or higher is required')
+
+// @ts-ignore
+const version: string = VERSION
+
+async function checkConstrains(constrains: { views?: number; minutes?: number }) {
+  const { views, minutes } = constrains
+  if (views && minutes) exit('cannot set view and minutes constrains simultaneously')
+  if (!views && !minutes) constrains.views = 1
+
+  const response = await status()
+  if (views && views > response.max_views)
+    exit(`Only a maximum of ${response.max_views} views allowed. ${views} given.`)
+  if (minutes && minutes > response.max_expiration)
+    exit(`Only a maximum of ${response.max_expiration} minutes allowed. ${minutes} given.`)
+}
+
+program.name('cryptgeon').version(version).configureHelp({ showGlobalOptions: true })
+
+program
+  .command('info')
+  .description('show information about the server')
+  .addOption(server)
+  .action(async (options) => {
+    setBase(options.server)
+    const response = await status()
+    const formatted = {
+      ...response,
+      max_size: prettyBytes(response.max_size),
+    }
+    for (const key of Object.keys(formatted)) {
+      if (key.startsWith('theme_')) delete formatted[key as keyof typeof formatted]
+    }
+    console.table(formatted)
+  })
+
+const send = program.command('send').description('send a note')
+send
+  .command('file')
+  .addArgument(files)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (files, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    await upload(files, { views: options.views, expiration: options.minutes, password: options.password })
+  })
+send
+  .command('text')
+  .addArgument(text)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (text, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    await upload(text, { views: options.views, expiration: options.minutes, password: options.password })
+  })
+
+program
+  .command('open')
+  .description('open a link with text or files inside')
+  .addArgument(url)
+  .addOption(password)
+  .addOption(all)
+  .action(async (note, options) => {
+    try {
+      const url = new URL(note)
+      options.password ||= await getStdin()
+      await download(url, options.all, options.password)
+    } catch {
+      exit('Invalid URL')
+    }
+  })
+
+program.parse()

packages/cli/src/parsers.ts

@@ -0,0 +1,27 @@
+import { InvalidArgumentError, InvalidOptionArgumentError } from '@commander-js/extra-typings'
+import { accessSync, constants } from 'node:fs'
+import { resolve } from 'node:path'
+
+export function parseFile(value: string, before: string[] = []) {
+  try {
+    const file = resolve(value)
+    accessSync(file, constants.R_OK)
+    return [...before, file]
+  } catch {
+    throw new InvalidArgumentError('cannot access file')
+  }
+}
+
+export function parseURL(value: string, _: URL): URL {
+  try {
+    return new URL(value)
+  } catch {
+    throw new InvalidArgumentError('is not a valid url')
+  }
+}
+
+export function parseNumber(value: string, _: number): number {
+  const n = parseInt(value, 10)
+  if (isNaN(n)) throw new InvalidOptionArgumentError('invalid number')
+  return n
+}

packages/cli/src/stdin.ts

@@ -0,0 +1,24 @@
+export function getStdin(timeout: number = 10): Promise<string> {
+  return new Promise<string>((resolve, reject) => {
+    // Store the data from stdin in a buffer
+    let buffer = ''
+    let t: NodeJS.Timeout
+
+    const dataHandler = (d: Buffer) => (buffer += d.toString())
+    const endHandler = () => {
+      clearTimeout(t)
+      resolve(buffer.trim())
+    }
+
+    // Stop listening for data after the timeout, otherwise hangs indefinitely
+    t = setTimeout(() => {
+      process.stdin.removeListener('data', dataHandler)
+      process.stdin.removeListener('end', endHandler)
+      process.stdin.pause()
+      resolve('')
+    }, timeout)
+
+    process.stdin.on('data', dataHandler)
+    process.stdin.on('end', endHandler)
+  })
+}

packages/cli/src/upload.ts

@@ -0,0 +1,51 @@
+import { readFile, stat } from 'node:fs/promises'
+import { basename } from 'node:path'
+
+import { Adapters, BASE, create, FileDTO, Note, NoteMeta } from '@cryptgeon/shared'
+import mime from 'mime'
+import { AES, Hex, TypedArray } from 'occulto'
+
+import { exit } from './utils.js'
+
+type UploadOptions = Pick<Note, 'views' | 'expiration'> & { password?: string }
+
+export async function upload(input: string | string[], options: UploadOptions) {
+  try {
+    const { password, ...noteOptions } = options
+    const derived = options.password ? await AES.derive(options.password) : undefined
+    const key = derived ? derived[0] : await AES.generateKey()
+
+    let contents: string
+    let type: NoteMeta['type']
+    if (typeof input === 'string') {
+      contents = await Adapters.Text.encrypt(input, key)
+      type = 'text'
+    } else {
+      const files: FileDTO[] = await Promise.all(
+        input.map(async (path) => {
+          const data = new Uint8Array(await readFile(path))
+          const stats = await stat(path)
+          const extension = path.substring(path.indexOf('.') + 1)
+          const type = mime.getType(extension) ?? 'application/octet-stream'
+          return {
+            name: basename(path),
+            size: stats.size,
+            contents: data,
+            type,
+          } satisfies FileDTO
+        })
+      )
+      contents = await Adapters.Files.encrypt(files, key)
+      type = 'file'
+    }
+
+    // Create the actual note and upload it.
+    const note: Note = { ...noteOptions, contents, meta: { type, derivation: derived?.[1] } }
+    const result = await create(note)
+    let url = `${BASE}/note/${result.id}`
+    if (!derived) url += `#${Hex.encode(key)}`
+    console.log(`Note created:\n\n${url}`)
+  } catch {
+    exit('Could not create note')
+  }
+}

packages/cli/src/utils.ts

@@ -0,0 +1,6 @@
+import { exit as exitNode } from 'node:process'
+
+export function exit(message: string) {
+  console.error(message)
+  exitNode(1)
+}

packages/cli/tsconfig.json

@@ -0,0 +1,10 @@
+{
+  "compilerOptions": {
+    "target": "es2022",
+    "module": "es2022",
+    "moduleResolution": "node",
+    "noEmit": true,
+    "strict": true,
+    "allowSyntheticDefaultImports": true
+  }
+}

packages/frontend/.npmrc

@@ -1 +0,0 @@
-engine-strict=true

packages/frontend/locales/de.json

@@ -16,7 +16,8 @@
 		"decrypting": "entschlüsselt",
 		"uploading": "hochladen",
 		"downloading": "wird heruntergeladen",
-		"qr_code": "qr-code"
+		"qr_code": "qr-code",
+		"password": "Passwort"
 	},
 	"home": {
 		"intro": "Senden Sie ganz einfach <i>vollständig verschlüsselte</i>, sichere Notizen oder Dateien mit einem Klick. Erstellen Sie einfach eine Notiz und teilen Sie den Link.",
@@ -31,6 +32,10 @@
 		},
 		"messages": {
 			"note_created": "notiz erstellt."
+		},
+		"advanced": {
+			"explanation": "Standardmäßig wird für jede Notiz ein sicher generiertes Passwort verwendet. Sie können jedoch auch ein eigenes Kennwort wählen, das nicht in dem Link enthalten ist.",
+			"custom_password": "benutzerdefiniertes Passwort"
 		}
 	},
 	"show": {

packages/frontend/locales/en.json

@@ -16,7 +16,8 @@
 		"decrypting": "decrypting",
 		"uploading": "uploading",
 		"downloading": "downloading",
-		"qr_code": "qr code"
+		"qr_code": "qr code",
+		"password": "password"
 	},
 	"home": {
 		"intro": "Easily send <i>fully encrypted</i>, secure notes or files with one click. Just create a note and share the link.",
@@ -31,6 +32,10 @@
 		},
 		"messages": {
 			"note_created": "note created."
+		},
+		"advanced": {
+			"explanation": "By default, a securely generated password is used for each note. You can however also choose your own password, which is not included in the link.",
+			"custom_password": "custom password"
 		}
 	},
 	"show": {

packages/frontend/locales/es.json

@@ -16,7 +16,8 @@
 		"decrypting": "descifrando",
 		"uploading": "cargando",
 		"downloading": "descargando",
-		"qr_code": "código qr"
+		"qr_code": "código qr",
+		"password": "contraseña"
 	},
 	"home": {
 		"intro": "Envía fácilmente notas o archivos <i>totalmente encriptados</i> y seguros con un solo clic. Solo tienes que crear una nota y compartir el enlace.",
@@ -31,6 +32,10 @@
 		},
 		"messages": {
 			"note_created": "nota creada."
+		},
+		"advanced": {
+			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, que no se incluye en el enlace.",
+			"custom_password": "contraseña personalizada"
 		}
 	},
 	"show": {
@@ -41,7 +46,7 @@
 		},
 		"explanation": "pulse abajo para mostrar y borrar la nota si el contador ha llegado a su límite",
 		"show_note": "mostrar nota",
-		"warning_will_not_see_again": " <b>no</b> tendrás la oportunidad de volver a ver la nota.",
+		"warning_will_not_see_again": "<b>no</b> tendrás la oportunidad de volver a ver la nota.",
 		"download_all": "descargar todo"
 	},
 	"file_upload": {

packages/frontend/locales/fr.json

@@ -16,7 +16,8 @@
 		"decrypting": "déchiffrer",
 		"uploading": "téléchargement",
 		"downloading": "téléchargement",
-		"qr_code": "code qr"
+		"qr_code": "code qr",
+		"password": "mot de passe"
 	},
 	"home": {
 		"intro": "Envoyez facilement des notes ou des fichiers <i>entièrement cryptés</i> et sécurisés en un seul clic. Il suffit de créer une note et de partager le lien.",
@@ -31,6 +32,10 @@
 		},
 		"messages": {
 			"note_created": "note créée."
+		},
+		"advanced": {
+			"explanation": "Par défaut, un mot de passe généré de manière sécurisée est utilisé pour chaque note. Vous pouvez toutefois choisir votre propre mot de passe, qui n'est pas inclus dans le lien.",
+			"custom_password": "mot de passe personnalisé"
 		}
 	},
 	"show": {

packages/frontend/locales/it.json

@@ -16,7 +16,8 @@
 		"decrypting": "decifrando",
 		"uploading": "caricamento",
 		"downloading": "scaricando",
-		"qr_code": "codice qr"
+		"qr_code": "codice qr",
+		"password": "password"
 	},
 	"home": {
 		"intro": "Invia facilmente note o file <i>completamente criptati</i> e sicuri con un solo clic. Basta creare una nota e condividere il link.",
@@ -31,6 +32,10 @@
 		},
 		"messages": {
 			"note_created": "nota creata."
+		},
+		"advanced": {
+			"explanation": "Per impostazione predefinita, per ogni nota viene utilizzata una password generata in modo sicuro. È tuttavia possibile scegliere la propria password, che non è inclusa nel link.",
+			"custom_password": "password personalizzata"
 		}
 	},
 	"show": {
@@ -41,7 +46,7 @@
 		},
 		"explanation": "clicca sotto per mostrare e cancellare la nota se il contatore ha raggiunto il suo limite",
 		"show_note": "mostra la nota",
-		"warning_will_not_see_again": " <b>non</b> avrete la possibilità di rivedere la nota.",
+		"warning_will_not_see_again": "<b>non</b> avrete la possibilità di rivedere la nota.",
 		"download_all": "scarica tutti"
 	},
 	"file_upload": {

packages/frontend/locales/ja.json

@@ -0,0 +1,56 @@
+{
+	"common": {
+		"note": "新しいメモ",
+		"file": "ファイル",
+		"advanced": "アドバンスド",
+		"create": "作成",
+		"loading": "読み込み中",
+		"mode": "モード",
+		"views": "{n, plural, =0 {表示可能な時間} =1 { 1 ビュー} other {#ビュー}}",
+		"minutes": "{n, plural, =0 {有効期間(分)} =1 {1 分} other {# 分}}",
+		"max": "マックス",
+		"share_link": "共有リンク",
+		"copy_clipboard": "クリップボードにコピーする",
+		"copied_to_clipboard": "クリップボードにコピーされました",
+		"encrypting": "暗号化",
+		"decrypting": "復号化",
+		"uploading": "アップロード中",
+		"downloading": "ダウンロード中",
+		"qr_code": "QRコード",
+		"password": "暗号"
+	},
+	"home": {
+		"intro": "<i>完全に暗号化された</i> 、安全なメモやファイルをワンクリックで簡単に送信できます。メモを作成してリンクを共有するだけです。",
+		"explanation": "メモは{type}後に期限切れになり、破棄されます。",
+		"new_note": "新しいメモ",
+		"new_note_notice": "<b>可用性: </b> <br />すべてが RAM に保持されるため、メモが保存されるとは限りません。いっぱいになると、最も古いメモが削除されます。 <br /> (大丈夫だと思いますが、ご了承ください。)",
+		"errors": {
+			"note_to_big": "メモを作成できませんでした。メモが大きすぎる",
+			"note_error": "メモを作成できませんでした。もう一度お試しください。",
+			"max": "最大ファイルサイズ: {n}",
+			"empty_content": "メモは空です。"
+		},
+		"messages": {
+			"note_created": "メモが作成されました。"
+		},
+		"advanced": {
+			"explanation": "デフォルトでは、安全に生成されたパスワードが各ノートに使用されます。しかし、リンクに含まれない独自のパスワードを選択することもできます。",
+			"custom_password": "カスタムパスワード"
+		}
+	},
+	"show": {
+		"errors": {
+			"not_found": "メモが見つからないか、既に削除されています。",
+			"decryption_failed": "パスワードエラー！不完全なリンクを貼り付けたり、暗号を解読しようとしたりしている可能性があります！しかし、いずれにしても、この暗号は破棄されました！",
+			"unsupported_type": "サポートされていないメモ タイプです。"
+		},
+		"explanation": "カウンターが上限に達した場合、ノートの表示と削除を行うには、以下をクリックします。",
+		"show_note": "メモを表示",
+		"warning_will_not_see_again": "あなた <b>できません</b> このノートをもう一度見る",
+		"download_all": "すべてダウンロード"
+	},
+	"file_upload": {
+		"selected_files": "選択したファイル",
+		"no_files_selected": "ファイルが選択されていません"
+	}
+}

packages/frontend/locales/ru.json

@@ -0,0 +1,56 @@
+{
+	"common": {
+		"note": "заметка",
+		"file": "файл",
+		"advanced": "расширенные",
+		"create": "создать",
+		"loading": "загрузка",
+		"mode": "режим",
+		"views": "{n, plural, =0 {просмотры} =1 {1 просмотр} other {# просмотры}}",
+		"minutes": "{n, plural, =0 {минут} =1 {1 минута} other {# минуты}}",
+		"max": "макс",
+		"share_link": "поделиться ссылкой",
+		"copy_clipboard": "скопировать в буфер обмена",
+		"copied_to_clipboard": "скопировано в буфер обмена",
+		"encrypting": "шифрование",
+		"decrypting": "расшифровка",
+		"uploading": "загрузка",
+		"downloading": "скачивание",
+		"qr_code": "qr код",
+		"password": "пароль"
+	},
+	"home": {
+		"intro": "Легко отправляйте <i>полностью зашифрованные</i> защищенные заметки или файлы одним щелчком мыши. Просто создайте заметку и поделитесь ссылкой.",
+		"explanation": "заметка истечет и будет уничтожена после {type}.",
+		"new_note": "новая заметка",
+		"new_note_notice": "<b>availability:</b><br />the note is not guaranteed to be stored as everything is kept in ram, if it fills up the oldest notes will be removed.<br />(you probably will be fine, just be warned.)",
+		"errors": {
+			"note_to_big": "нельзя создать новую заметку. заметка слишком большая",
+			"note_error": "нельзя создать новую заметку. пожалйста попробуйте позднее.",
+			"max": "макс: {n}",
+			"empty_content": "пустая заметка."
+		},
+		"messages": {
+			"note_created": "заметка создана."
+		},
+		"advanced": {
+			"explanation": "По умолчанию для каждой заметки используется безопасно сгенерированный пароль. Однако вы также можете выбрать свой собственный пароль, который не включен в ссылку.",
+			"custom_password": "пользовательский пароль"
+		}
+	},
+	"show": {
+		"errors": {
+			"not_found": "заметка не найдена или была удалена.",
+			"decryption_failed": "неправильный пароль. не смог расшифровать. возможно ссылка битая. записка уничтожена.",
+			"unsupported_type": "неподдерживаемый тип заметки."
+		},
+		"explanation": "щелкните ниже, чтобы показать и удалить примечание, если счетчик достиг предела",
+		"show_note": "показать заметку",
+		"warning_will_not_see_again": "вы <b>не сможете</b> больше просмотреть заметку.",
+		"download_all": "скачать всё"
+	},
+	"file_upload": {
+		"selected_files": "Выбранные файлы",
+		"no_files_selected": "Файлы не выбраны"
+	}
+}

packages/frontend/locales/zh.json

@@ -6,42 +6,47 @@
 		"create": "创建",
 		"loading": "加载中",
 		"mode": "模式",
-		"views": "{n, plural, =0 {可查看次数} =1 {1 次查看} other {# 次查看}}",
-		"minutes": "{n, plural, =0 {有效期(分钟)} =1 {1 分钟} other {# 分钟}}",
+		"views": "{n, plural, =0 {可读次数} =1 {1 次查看} other {# 次查看}}",
+		"minutes": "{n, plural, =0 {有效期（分钟）} =1 {1 分钟} other {# 分钟}}",
 		"max": "最大值",
 		"share_link": "分享链接",
-		"copy_clipboard": "复制到剪切版",
-		"copied_to_clipboard": "已复制到剪切板",
+		"copy_clipboard": "复制到粘贴板",
+		"copied_to_clipboard": "已成功复制到粘贴板",
 		"encrypting": "加密",
 		"decrypting": "解密",
 		"uploading": "上传",
 		"downloading": "下载",
-		"qr_code": "二维码"
+		"qr_code": "二维码",
+		"password": "密码"
 	},
 	"home": {
-		"intro": "一键轻松发送 <i>完全加密的</i> 密信或者文件。只需创建一个密信然后分享链接。",
+		"intro": "飞鸽传书，一键传输完全加密的密信或文件，阅后即焚。",
 		"explanation": "该密信会在{type}后失效。",
 		"new_note": "新建密信",
-		"new_note_notice": "<b>可用性警示：</b><br />由于加密鸽的所有数据是全部保存在内存中的，所以如果加密鸽的可用内存被用光了那么它将会删除最早的密信以释放内存，因此不保证该密信的可用性。<br />(一般情况下是您应该是不会遇到这个问题，只是警示一下。)",
+		"new_note_notice": "<b>提醒：</b><br>密信保存在内存中，如果内存满了，则最早的密信将被删除以释放内存，因此不保证该密信的可用性。一般不会出现这种情况，无需担心。",
 		"errors": {
-			"note_to_big": "无法创建密信，这个密信太大了！",
-			"note_error": "无法创建密信，请再试一遍。",
-			"max": "最大文件大小: {n}",
-			"empty_content": "密信为空！"
+			"note_to_big": "创建失败，密信过大。",
+			"note_error": "创建失败，请稍后重试。",
+			"max": "次数上限：{n}",
+			"empty_content": "密信不能为空。"
 		},
 		"messages": {
-			"note_created": "注释创建。"
+			"note_created": "密信创建成功。"
+		},
+		"advanced": {
+			"explanation": "默认情况下，每个笔记都使用安全生成的密码。但是，您也可以选择您自己的密码，该密码未包含在链接中。",
+			"custom_password": "自定义密码"
 		}
 	},
 	"show": {
 		"errors": {
-			"not_found": "该密信无法被找到或者它已经被删除了！",
-			"decryption_failed": "密钥错误！您可能不小心粘贴了一个不完整的链接或者正在尝试破解该密信！但无论如何，该密信已被销毁！",
-			"unsupported_type": "不支持的票据类型。"
+			"not_found": "密信不存在，可能已被查看或删除。",
+			"decryption_failed": "密钥错误，无法查看。",
+			"unsupported_type": "不支持的类型。"
 		},
-		"explanation": "点击下方的按钮可以查看密信，如果它到达了限制将会被删除",
+		"explanation": "点击下方按钮即可查看密信，阅后即焚。",
 		"show_note": "查看密信",
-		"warning_will_not_see_again": "您将<b>无法</b>再次查看该密信",
+		"warning_will_not_see_again": "你将<b>无法</b>再次查看该密信，请尽快复制到粘贴板。",
 		"download_all": "下载全部"
 	},
 	"file_upload": {

packages/frontend/package.json

@@ -1,6 +1,8 @@
 {
 	"private": true,
+	"name": "@cryptgeon/web",
 	"scripts": {
+		"postinstall": "svelte-kit sync",
 		"dev": "vite dev",
 		"build": "vite build",
 		"preview": "vite preview",
@@ -11,29 +13,29 @@
 	},
 	"type": "module",
 	"devDependencies": {
-		"@lokalise/node-api": "^9.5.0",
-		"@sveltejs/adapter-static": "^1.0.2",
-		"@sveltejs/kit": "^1.1.0",
-		"@types/dompurify": "^2.4.0",
+		"@lokalise/node-api": "^9.8.0",
+		"@sveltejs/adapter-static": "^2.0.2",
+		"@sveltejs/kit": "^1.16.3",
+		"@types/dompurify": "^3.0.2",
 		"@types/file-saver": "^2.0.5",
-		"@zerodevx/svelte-toast": "^0.7.2",
+		"@zerodevx/svelte-toast": "^0.9.3",
 		"adm-zip": "^0.5.10",
 		"dotenv": "^16.0.3",
-		"svelte": "^3.55.1",
-		"svelte-check": "^2.10.3",
-		"svelte-intl-precompile": "^0.10.1",
-		"svelte-preprocess": "^4.10.7",
-		"tslib": "^2.4.1",
-		"typescript": "^4.9.4",
-		"vite": "^4.0.4"
+		"svelte": "^3.59.1",
+		"svelte-check": "^3.3.2",
+		"svelte-intl-precompile": "^0.12.1",
+		"tslib": "^2.5.0",
+		"typescript": "^5.0.4",
+		"vite": "^4.3.5"
 	},
 	"dependencies": {
+		"@cryptgeon/shared": "workspace:*",
 		"@fontsource/fira-mono": "^4.5.10",
 		"copy-to-clipboard": "^3.3.3",
-		"dompurify": "^2.4.3",
+		"dompurify": "^3.0.3",
 		"file-saver": "^2.0.5",
-		"occulto": "2.0.0",
-		"pretty-bytes": "^6.0.0",
+		"occulto": "^2.0.1",
+		"pretty-bytes": "^6.1.0",
 		"qrious": "^4.0.2"
 	}
 }

packages/frontend/scripts/locale.js

@@ -5,10 +5,15 @@ import https from 'https'
 
 dotenv.config()
 
+function exit(msg) {
+	console.error(msg)
+	process.exit(1)
+}
+
 const apiKey = process.env.LOKALISE_API_KEY
 const project_id = process.env.LOKALISE_PROJECT
-if (!apiKey) throw new Error('No API Key set for Lokalize! Set with "LOKALISE_API_KEY"')
-if (!project_id) throw new Error('No project id set for Lokalize! Set with "LOKALISE_PROJECT"')
+if (!apiKey) exit('No API Key set for Lokalize! Set with "LOKALISE_API_KEY"')
+if (!project_id) exit('No project id set for Lokalize! Set with "LOKALISE_PROJECT"')
 const client = new LokaliseApi({ apiKey })
 
 const WGet = (url) =>

packages/frontend/src/app.css

@@ -92,7 +92,7 @@ button {
 }
 
 *:disabled,
-*[disabled='true'] {
+.disabled {
 	opacity: 0.5;
 }
 
@@ -126,3 +126,13 @@ fieldset {
 .tr {
 	text-align: right;
 }
+
+hr {
+	border: none;
+	border-bottom: 2px solid var(--ui-bg-1);
+	margin: 1rem 0;
+}
+
+p {
+	margin: 0;
+}

packages/frontend/src/app.d.ts

@@ -0,0 +1,9 @@
+// See https://kit.svelte.dev/docs/types#app
+// for information about these interfaces
+// and what to do when importing types
+declare namespace App {
+	// interface Error {}
+	// interface Locals {}
+	// interface PageData {}
+	// interface Platform {}
+}

packages/frontend/src/global.d.ts

@@ -1,3 +0,0 @@
-/// <reference types="@sveltejs/kit" />
-/// <reference types="svelte" />
-/// <reference types="vite/client" />

packages/frontend/src/lib/adapters.ts

@@ -1,60 +0,0 @@
-import { AES, Bytes, type TypedArray } from 'occulto'
-import type { EncryptedFileDTO, FileDTO } from './api'
-
-abstract class CryptAdapter<T> {
-	abstract encrypt(plaintext: T, key: TypedArray): Promise<string>
-	abstract decrypt(ciphertext: string, key: TypedArray): Promise<T>
-}
-
-class CryptTextAdapter implements CryptAdapter<string> {
-	async encrypt(plaintext: string, key: TypedArray) {
-		return await AES.encrypt(Bytes.encode(plaintext), key)
-	}
-	async decrypt(ciphertext: string, key: TypedArray) {
-		return Bytes.decode(await AES.decrypt(ciphertext, key))
-	}
-}
-
-class CryptBlobAdapter implements CryptAdapter<Blob> {
-	async encrypt(plaintext: Blob, key: TypedArray) {
-		return await AES.encrypt(new Uint8Array(await plaintext.arrayBuffer()), key)
-	}
-
-	async decrypt(ciphertext: string, key: TypedArray) {
-		const plaintext = await AES.decrypt(ciphertext, key)
-		return new Blob([plaintext], { type: 'application/octet-stream' })
-	}
-}
-
-class CryptFilesAdapter implements CryptAdapter<FileDTO[]> {
-	async encrypt(plaintext: FileDTO[], key: TypedArray) {
-		const adapter = new CryptBlobAdapter()
-		const data: Promise<EncryptedFileDTO>[] = plaintext.map(async (file) => ({
-			name: file.name,
-			size: file.size,
-			type: file.type,
-			contents: await adapter.encrypt(file.contents, key),
-		}))
-		return JSON.stringify(await Promise.all(data))
-	}
-
-	async decrypt(ciphertext: string, key: TypedArray) {
-		const adapter = new CryptBlobAdapter()
-		const data: EncryptedFileDTO[] = JSON.parse(ciphertext)
-		const files: FileDTO[] = await Promise.all(
-			data.map(async (file) => ({
-				name: file.name,
-				size: file.size,
-				type: file.type,
-				contents: await adapter.decrypt(file.contents, key),
-			}))
-		)
-		return files
-	}
-}
-
-export const Adapters = {
-	Text: new CryptTextAdapter(),
-	Blob: new CryptBlobAdapter(),
-	Files: new CryptFilesAdapter(),
-}

packages/frontend/src/lib/api.ts

@@ -1,78 +0,0 @@
-export type NoteMeta = { type: 'text' | 'file' }
-
-export type Note = {
-	contents: string
-	meta: NoteMeta
-	views?: number
-	expiration?: number
-}
-export type NoteInfo = {}
-export type NotePublic = Pick<Note, 'contents' | 'meta'>
-export type NoteCreate = Omit<Note, 'meta'> & { meta: string }
-
-export type FileDTO = Pick<File, 'name' | 'size' | 'type'> & {
-	contents: Blob
-}
-
-export type EncryptedFileDTO = Omit<FileDTO, 'contents'> & {
-	contents: string
-}
-
-type CallOptions = {
-	url: string
-	method: string
-	body?: any
-}
-
-export class PayloadToLargeError extends Error {}
-
-export async function call(options: CallOptions) {
-	const response = await fetch('/api/' + options.url, {
-		method: options.method,
-		body: options.body === undefined ? undefined : JSON.stringify(options.body),
-		mode: 'cors',
-		headers: {
-			'Content-Type': 'application/json',
-		},
-	})
-
-	if (!response.ok) {
-		if (response.status === 413) throw new PayloadToLargeError()
-		else throw new Error('API call failed')
-	}
-	return response.json()
-}
-
-export async function create(note: Note) {
-	const { meta, ...rest } = note
-	const body: NoteCreate = {
-		...rest,
-		meta: JSON.stringify(meta),
-	}
-	const data = await call({
-		url: 'notes/',
-		method: 'post',
-		body,
-	})
-	return data as { id: string }
-}
-
-export async function get(id: string): Promise<NotePublic> {
-	const data = await call({
-		url: `notes/${id}`,
-		method: 'delete',
-	})
-	const { contents, meta } = data
-	return {
-		contents,
-		meta: JSON.parse(meta) as NoteMeta,
-	}
-}
-
-export async function info(id: string): Promise<NoteInfo> {
-	const data = await call({
-		url: `notes/${id}`,
-		method: 'get',
-	})
-	return data
-}

packages/frontend/src/lib/stores/status.ts

@@ -1,24 +1,8 @@
-import { call } from '$lib/api'
+import { status as getStatus, type Status } from '@cryptgeon/shared'
 import { writable } from 'svelte/store'
 
-export type Status = {
-	version: string
-	max_size: number
-	max_views: number
-	max_expiration: number
-	allow_advanced: boolean
-	theme_image: string
-	theme_text: string
-	theme_favicon: string
-	theme_page_title: string
-}
-
 export const status = writable<null | Status>(null)
 
 export async function init() {
-	const data = await call({
-		url: 'status/',
-		method: 'get',
-	})
-	status.set(data)
+	status.set(await getStatus())
 }

packages/frontend/src/lib/ui/AdvancedParameters.svelte

@@ -1,16 +1,22 @@
 <script lang="ts">
 	import { t } from 'svelte-intl-precompile'
 
-	import type { Note } from '$lib/api'
 	import { status } from '$lib/stores/status'
 	import Switch from '$lib/ui/Switch.svelte'
 	import TextInput from '$lib/ui/TextInput.svelte'
+	import type { Note } from '@cryptgeon/shared'
 
 	export let note: Note
 	export let timeExpiration = false
+	export let customPassword: string | null = null
+
+	let hasCustomPassword = false
+
+	$: if (!hasCustomPassword) customPassword = null
 </script>
 
-<div class="fields">
+<div class="flex col">
+	<div class="flex">
 		<TextInput
 			data-testid="field-views"
 			type="number"
@@ -23,14 +29,12 @@
 				($status && v <= $status?.max_views && v > 0) ||
 				$t('home.errors.max', { values: { n: $status?.max_views ?? 0 } })}
 		/>
-	<div class="middle-switch">
 		<Switch
 			data-testid="switch-advanced-toggle"
 			label={$t('common.mode')}
 			bind:value={timeExpiration}
 			color={false}
 		/>
-	</div>
 		<TextInput
 			data-testid="field-expiration"
 			type="number"
@@ -42,14 +46,37 @@
 				($status && v < $status?.max_expiration) ||
 				$t('home.errors.max', { values: { n: $status?.max_expiration ?? 0 } })}
 		/>
+	</div>
+	<div class="flex">
+		<Switch
+			data-testid="custom-password"
+			bind:value={hasCustomPassword}
+			label={$t('home.advanced.custom_password')}
+		/>
+		<TextInput
+			data-testid="password"
+			type="password"
+			bind:value={customPassword}
+			label={$t('common.password')}
+			disabled={!hasCustomPassword}
+			random
+		/>
+	</div>
+	<div>
+		{$t('home.advanced.explanation')}
+	</div>
 </div>
 
 <style>
-	.middle-switch {
-		margin: 0 1rem;
+	.flex {
+		display: flex;
+		align-items: flex-end;
+		gap: 1rem;
+		width: 100%;
 	}
 
-	.fields {
-		display: flex;
+	.col {
+		gap: 1.5rem;
+		flex-direction: column;
 	}
 </style>

packages/frontend/src/lib/ui/Canvas.svelte

@@ -1,4 +1,5 @@
 <script lang="ts">
+	// @ts-ignore
 	import QR from 'qrious'
 	import { t } from 'svelte-intl-precompile'
 

packages/frontend/src/lib/ui/FileUpload.svelte

@@ -1,26 +1,27 @@
 <script lang="ts">
 	import { t } from 'svelte-intl-precompile'
 
-	import type { FileDTO } from '$lib/api'
 	import Button from '$lib/ui/Button.svelte'
 	import MaxSize from '$lib/ui/MaxSize.svelte'
+	import type { FileDTO } from '@cryptgeon/shared'
 
 	export let label: string = ''
 	export let files: FileDTO[] = []
 
-	function fileToDTO(file: File): FileDTO {
+	async function fileToDTO(file: File): Promise<FileDTO> {
 		return {
 			name: file.name,
 			size: file.size,
 			type: file.type,
-			contents: file,
+			contents: new Uint8Array(await file.arrayBuffer()),
 		}
 	}
 
 	async function onInput(e: Event) {
 		const input = e.target as HTMLInputElement
 		if (input?.files?.length) {
-			files = [...files, ...Array.from(input.files).map(fileToDTO)]
+			const toAdd = await Promise.all(Array.from(input.files).map(fileToDTO))
+			files = [...files, ...toAdd]
 		}
 	}
 

packages/frontend/src/lib/ui/NoteResult.svelte

@@ -1,7 +1,7 @@
 <script lang="ts" context="module">
 	export type NoteResult = {
-		password: string
 		id: string
+		password?: string
 	}
 </script>
 
@@ -14,7 +14,8 @@
 
 	export let result: NoteResult
 
-	$: url = `${window.location.origin}/note/${result.id}#${result.password}`
+	let url = `${window.location.origin}/note/${result.id}`
+	if (result.password) url += `#${result.password}`
 
 	function reset() {
 		window.location.reload()

packages/frontend/src/lib/ui/ShowNote.svelte

@@ -8,9 +8,9 @@
 	import prettyBytes from 'pretty-bytes'
 	import { t } from 'svelte-intl-precompile'
 
-	import type { FileDTO, NotePublic } from '$lib/api'
 	import Button from '$lib/ui/Button.svelte'
 	import { copy } from '$lib/utils'
+	import type { FileDTO, NotePublic } from '@cryptgeon/shared'
 
 	export let note: DecryptedNote
 

packages/frontend/src/lib/ui/Switch.svelte

@@ -4,43 +4,35 @@
 	export let color = true
 </script>
 
-<div {...$$restProps}>
-	<label class="switch">
+<label {...$$restProps}>
 	<small>{label}</small>
 	<input type="checkbox" bind:checked={value} />
 	<span class:color class="slider" />
-	</label>
-</div>
+</label>
 
 <style>
-	div {
-		height: 3.75rem;
-	}
-
-	.switch {
+	label {
 		position: relative;
 		display: inline-block;
-		width: 4rem;
-		height: 2.5rem;
 	}
 
-	.switch input {
-		opacity: 0;
-		width: 0;
-		height: 0;
+	label input {
+		display: none;
+	}
+
+	small {
+		display: block;
+		width: max-content;
 	}
 
 	.slider {
-		position: absolute;
+		display: block;
+		width: 4rem;
+		height: 2.5rem;
+		position: relative;
 		cursor: pointer;
-		top: 0;
-		left: 0;
-		right: 0;
-		bottom: 0;
 		border: 2px solid var(--ui-bg-1);
 		background-color: var(--ui-bg-0);
-		transition: var(--ui-anim);
-		transform: translateY(1.2rem);
 	}
 
 	.slider:before {

packages/frontend/src/lib/ui/TextInput.svelte

@@ -30,7 +30,7 @@
 </script>
 
 <label>
-	<small disabled={$$restProps.disabled}>
+	<small class:disabled={$$restProps.disabled}>
 		{label}
 		{#if valid !== true}
 			<span class="error-text">{valid}</span>
@@ -54,6 +54,7 @@
 	label {
 		position: relative;
 		display: block;
+		width: 100%;
 	}
 
 	label > small {

packages/frontend/src/lib/views/Create.svelte

@@ -1,11 +1,8 @@
 <script lang="ts">
-	import { AES, Hex } from 'occulto'
+	import { AES, Hex, Bytes } from 'occulto'
 	import { t } from 'svelte-intl-precompile'
 	import { blur } from 'svelte/transition'
 
-	import { Adapters } from '$lib/adapters'
-	import type { FileDTO, Note } from '$lib/api'
-	import { create, PayloadToLargeError } from '$lib/api'
 	import { status } from '$lib/stores/status'
 	import { notify } from '$lib/toast'
 	import AdvancedParameters from '$lib/ui/AdvancedParameters.svelte'
@@ -16,6 +13,8 @@
 	import Result, { type NoteResult } from '$lib/ui/NoteResult.svelte'
 	import Switch from '$lib/ui/Switch.svelte'
 	import TextArea from '$lib/ui/TextArea.svelte'
+	import type { FileDTO, Note } from '@cryptgeon/shared'
+	import { Adapters, create, PayloadToLargeError } from '@cryptgeon/shared'
 
 	let note: Note = {
 		contents: '',
@@ -28,6 +27,7 @@
 	let advanced = false
 	let isFile = false
 	let timeExpiration = false
+	let customPassword: string | null = null
 	let description = ''
 	let loading: string | null = null
 
@@ -58,13 +58,14 @@
 		try {
 			loading = $t('common.encrypting')
 
-			const key = await AES.generateKey()
-			const password = await Hex.encode(key)
+			const derived = customPassword && (await AES.derive(customPassword))
+			const key = derived ? derived[0] : await AES.generateKey()
 
 			const data: Note = {
 				contents: '',
 				meta: note.meta,
 			}
+			if (derived) data.meta.derivation = derived[1]
 			if (isFile) {
 				if (files.length === 0) throw new EmptyContentError()
 				data.contents = await Adapters.Files.encrypt(files, key)
@@ -78,8 +79,8 @@
 			loading = $t('common.uploading')
 			const response = await create(data)
 			result = {
-				password: password,
 				id: response.id,
+				password: customPassword ? undefined : Hex.encode(key),
 			}
 			notify.success($t('home.messages.note_created'))
 		} catch (e) {
@@ -149,8 +150,8 @@
 
 			{#if advanced}
 				<div transition:blur={{ duration: 250 }}>
-					<br />
-					<AdvancedParameters bind:note bind:timeExpiration />
+					<hr />
+					<AdvancedParameters bind:note bind:timeExpiration bind:customPassword />
 				</div>
 			{/if}
 		</fieldset>

packages/frontend/src/lib/views/Footer.svelte

@@ -23,6 +23,7 @@
 		right: 0;
 		width: 100%;
 		background-color: var(--ui-bg-0-85);
+		backdrop-filter: blur(2px);
 	}
 
 	a {

packages/frontend/src/routes/note/[id]/+page.svelte

@@ -1,31 +1,35 @@
 <script lang="ts">
-	import { Hex } from 'occulto'
+	import { AES, Hex } from 'occulto'
 	import { onMount } from 'svelte'
 	import { t } from 'svelte-intl-precompile'
 
-	import { Adapters } from '$lib/adapters'
-	import { get, info } from '$lib/api'
 	import Button from '$lib/ui/Button.svelte'
 	import Loader from '$lib/ui/Loader.svelte'
 	import ShowNote, { type DecryptedNote } from '$lib/ui/ShowNote.svelte'
+	import TextInput from '$lib/ui/TextInput.svelte'
+	import { Adapters, get, info, type NoteMeta } from '@cryptgeon/shared'
 	import type { PageData } from './$types'
 
 	export let data: PageData
 
 	let id = data.id
-	let password: string
+	let password: string | null = null
 	let note: DecryptedNote | null = null
 	let exists = false
+	let meta: NoteMeta | null = null
 
 	let loading: string | null = null
 	let error: string | null = null
 
+	$: valid = !!password?.length
+
 	onMount(async () => {
 		// Check if note exists
 		try {
 			loading = $t('common.loading')
 			password = window.location.hash.slice(1)
-			await info(id)
+			const note = await info(id)
+			meta = note.meta
 			exists = true
 		} catch {
 			exists = false
@@ -39,11 +43,18 @@
 	 */
 	async function show() {
 		try {
+			if (!valid) {
+				error = $t('show.errors.no_password')
+				return
+			}
+
+			// Load note
 			error = null
 			loading = $t('common.downloading')
 			const data = await get(id)
 			loading = $t('common.decrypting')
-			const key = await Hex.decode(password)
+			const derived = meta?.derivation && (await AES.derive(password!, meta.derivation))
+			const key = derived ? derived[0] : Hex.decode(password!)
 			switch (data.meta.type) {
 				case 'text':
 					note = {
@@ -78,9 +89,18 @@
 		<form on:submit|preventDefault={show}>
 			<fieldset>
 				<p>{$t('show.explanation')}</p>
-				<Button data-testid="show-note-button" type="submit">{$t('show.show_note')}</Button>
+				{#if meta?.derivation}
+					<TextInput
+						data-testid="show-note-password"
+						type="password"
+						bind:value={password}
+						label={$t('common.password')}
+					/>
+				{/if}
+				<Button disabled={!valid} data-testid="show-note-button" type="submit"
+					>{$t('show.show_note')}</Button
+				>
 				{#if error}
-					<br />
 					<p class="error-text">
 						{error}
 						<br />
@@ -98,4 +118,10 @@
 	.loader {
 		text-align: center;
 	}
+
+	fieldset {
+		display: flex;
+		flex-direction: column;
+		gap: 1rem;
+	}
 </style>

packages/frontend/svelte.config.js

@@ -1,9 +1,9 @@
 import adapter from '@sveltejs/adapter-static'
-import preprocess from 'svelte-preprocess'
+import precompileIntl from 'svelte-intl-precompile/sveltekit-plugin'
+import { vitePreprocess } from '@sveltejs/kit/vite'
 
 export default {
-	preprocess: preprocess(),
-
+	preprocess: vitePreprocess([precompileIntl('locales')]),
 	kit: {
 		adapter: adapter({
 			fallback: 'index.html',

packages/proxy/package.json

@@ -0,0 +1,12 @@
+{
+  "private": true,
+  "name": "@cryptgeon/proxy",
+  "type": "module",
+  "main": "./proxy.js",
+  "scripts": {
+    "dev": "node ."
+  },
+  "dependencies": {
+    "http-proxy": "^1.18.1"
+  }
+}

packages/proxy/proxy.js

@@ -10,7 +10,7 @@ proxy.on('error', function (err, req, res) {
 
 const server = http.createServer(function (req, res) {
   const target = req.url.startsWith('/api/') ? 'http://127.0.0.1:8000' : 'http://localhost:8001'
-  proxy.web(req, res, { target })
+  proxy.web(req, res, { target, proxyTimeout: 250, timeout: 250 })
 })
 server.listen(1234)
 console.log('Proxy on http://localhost:1234')

packages/shared/package.json

@@ -0,0 +1,22 @@
+{
+  "private": true,
+  "name": "@cryptgeon/shared",
+  "type": "module",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "scripts": {
+    "dev": "tsc -w",
+    "build": "tsc"
+  },
+  "devDependencies": {
+    "typescript": "^5.0.4"
+  },
+  "dependencies": {
+    "occulto": "^2.0.1"
+  }
+}

packages/shared/src/adapters.ts

@@ -0,0 +1,61 @@
+import { AES, Bytes, type TypedArray } from 'occulto'
+import type { EncryptedFileDTO, FileDTO } from './api'
+
+abstract class CryptAdapter<T> {
+  abstract encrypt(plaintext: T, key: TypedArray): Promise<string>
+  abstract decrypt(ciphertext: string, key: TypedArray): Promise<T>
+}
+
+class CryptTextAdapter implements CryptAdapter<string> {
+  async encrypt(plaintext: string, key: TypedArray) {
+    return await AES.encrypt(Bytes.encode(plaintext), key)
+  }
+  async decrypt(ciphertext: string, key: TypedArray) {
+    return Bytes.decode(await AES.decrypt(ciphertext, key))
+  }
+}
+
+class CryptBlobAdapter implements CryptAdapter<TypedArray> {
+  async encrypt(plaintext: TypedArray, key: TypedArray) {
+    return await AES.encrypt(plaintext, key)
+  }
+
+  async decrypt(ciphertext: string, key: TypedArray) {
+    return await AES.decrypt(ciphertext, key)
+    // const plaintext = await AES.decrypt(ciphertext, key)
+    // return new Blob([plaintext], { type: 'application/octet-stream' })
+  }
+}
+
+class CryptFilesAdapter implements CryptAdapter<FileDTO[]> {
+  async encrypt(plaintext: FileDTO[], key: TypedArray) {
+    const adapter = new CryptBlobAdapter()
+    const data: Promise<EncryptedFileDTO>[] = plaintext.map(async (file) => ({
+      name: file.name,
+      size: file.size,
+      type: file.type,
+      contents: await adapter.encrypt(file.contents, key),
+    }))
+    return JSON.stringify(await Promise.all(data))
+  }
+
+  async decrypt(ciphertext: string, key: TypedArray) {
+    const adapter = new CryptBlobAdapter()
+    const data: EncryptedFileDTO[] = JSON.parse(ciphertext)
+    const files: FileDTO[] = await Promise.all(
+      data.map(async (file) => ({
+        name: file.name,
+        size: file.size,
+        type: file.type,
+        contents: await adapter.decrypt(file.contents, key),
+      }))
+    )
+    return files
+  }
+}
+
+export const Adapters = {
+  Text: new CryptTextAdapter(),
+  Blob: new CryptBlobAdapter(),
+  Files: new CryptFilesAdapter(),
+}

packages/shared/src/api.ts

@@ -0,0 +1,116 @@
+import type { KeyData, TypedArray } from 'occulto'
+
+export type NoteMeta = {
+  type: 'text' | 'file'
+  derivation?: KeyData
+}
+
+export type Note = {
+  contents: string
+  meta: NoteMeta
+  views?: number
+  expiration?: number
+}
+export type NoteInfo = Pick<Note, 'meta'>
+export type NotePublic = Pick<Note, 'contents' | 'meta'>
+export type NoteCreate = Omit<Note, 'meta'> & { meta: string }
+
+export type FileDTO = Pick<File, 'name' | 'size' | 'type'> & {
+  contents: TypedArray
+}
+
+export type EncryptedFileDTO = Omit<FileDTO, 'contents'> & {
+  contents: string
+}
+
+type CallOptions = {
+  url: string
+  method: string
+  body?: any
+}
+
+export class PayloadToLargeError extends Error {}
+
+export let BASE = ''
+
+export function setBase(url: string) {
+  BASE = url
+}
+
+export async function call(options: CallOptions) {
+  const response = await fetch(BASE + '/api/' + options.url, {
+    method: options.method,
+    body: options.body === undefined ? undefined : JSON.stringify(options.body),
+    mode: 'cors',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+  })
+
+  if (!response.ok) {
+    if (response.status === 413) throw new PayloadToLargeError()
+    else throw new Error('API call failed')
+  }
+  return response.json()
+}
+
+export async function create(note: Note) {
+  const { meta, ...rest } = note
+  const body: NoteCreate = {
+    ...rest,
+    meta: JSON.stringify(meta),
+  }
+  const data = await call({
+    url: 'notes/',
+    method: 'post',
+    body,
+  })
+  return data as { id: string }
+}
+
+export async function get(id: string): Promise<NotePublic> {
+  const data = await call({
+    url: `notes/${id}`,
+    method: 'delete',
+  })
+  const { contents, meta } = data
+  const note = {
+    contents,
+    meta: JSON.parse(meta),
+  } satisfies NotePublic
+  if (note.meta.derivation) note.meta.derivation.salt = new Uint8Array(Object.values(note.meta.derivation.salt))
+  return note
+}
+
+export async function info(id: string): Promise<NoteInfo> {
+  const data = await call({
+    url: `notes/${id}`,
+    method: 'get',
+  })
+  const { meta } = data
+  const note = {
+    meta: JSON.parse(meta),
+  } satisfies NoteInfo
+  if (note.meta.derivation) note.meta.derivation.salt = new Uint8Array(Object.values(note.meta.derivation.salt))
+  return note
+}
+
+export type Status = {
+  version: string
+  max_size: number
+  max_views: number
+  max_expiration: number
+  allow_advanced: boolean
+  theme_image: string
+  theme_text: string
+  theme_favicon: string
+  theme_page_title: string
+}
+
+export async function status() {
+  const data = await call({
+    url: 'status/',
+    method: 'get',
+  })
+  return data as Status
+}

packages/shared/src/index.ts

@@ -0,0 +1,2 @@
+export * from './adapters.js'
+export * from './api.js'

packages/shared/tsconfig.json

@@ -0,0 +1,12 @@
+{
+  "compilerOptions": {
+    "incremental": true,
+    "composite": true,
+    "target": "es2022",
+    "module": "es2022",
+    "rootDir": "./src",
+    "moduleResolution": "node",
+    "outDir": "./dist",
+    "strict": true
+  }
+}

playwright.config.ts

@@ -10,7 +10,6 @@ const config: PlaywrightTestConfig = {
   outputDir: './test-results',
   testDir: './test',
   timeout: 60_000,
-  testIgnore: ['file/too-big.spec.ts'],
 
   webServer: {
     command: 'docker compose -f docker-compose.dev.yaml up',
@@ -22,11 +21,10 @@ const config: PlaywrightTestConfig = {
     { name: 'chrome', use: { ...devices['Desktop Chrome'] } },
     { name: 'firefox', use: { ...devices['Desktop Firefox'] } },
     { name: 'safari', use: { ...devices['Desktop Safari'] } },
-    {
-      name: 'local',
-      use: { ...devices['Desktop Chrome'] },
-      // testMatch: 'file/too-big.spec.ts',
-    },
+
+    { name: 'cli', use: { ...devices['Desktop Chrome'] }, grep: [/@cli/] },
+    { name: 'web', use: { ...devices['Desktop Chrome'] }, grep: [/@web/] },
+    { name: 'cross', use: { ...devices['Desktop Chrome'] }, grep: [/@cross/] },
   ],
 }
 

test/cli/file/simple.spec.ts

@@ -0,0 +1,33 @@
+import { test } from '@playwright/test'
+import { basename } from 'node:path'
+import { Files, getFileChecksum, rm, tmpFile } from '../../files'
+import { CLI, getLinkFromCLI } from '../../utils'
+
+test.describe('file @cli', () => {
+  test('simple', async ({ page }) => {
+    const file = await tmpFile(Files.Image)
+    const checksum = await getFileChecksum(file)
+    const note = await CLI('send', 'file', file)
+    const link = getLinkFromCLI(note.stdout)
+    await rm(file)
+
+    await CLI('open', link, '--all')
+    const c = await getFileChecksum(basename(file))
+    await rm(basename(file))
+    test.expect(checksum).toBe(c)
+  })
+
+  test('simple with password', async ({ page }) => {
+    const file = await tmpFile(Files.Image)
+    const password = 'password'
+    const checksum = await getFileChecksum(file)
+    const note = await CLI('send', 'file', file, '--password', password)
+    const link = getLinkFromCLI(note.stdout)
+    await rm(file)
+
+    await CLI('open', link, '--all', '--password', password)
+    const c = await getFileChecksum(basename(file))
+    await rm(basename(file))
+    test.expect(checksum).toBe(c)
+  })
+})

test/cli/text/simple.spec.ts

@@ -0,0 +1,23 @@
+import { test } from '@playwright/test'
+import { CLI, getLinkFromCLI } from '../../utils'
+
+test.describe('text @cli', () => {
+  test('simple', async ({ page }) => {
+    const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of decieve play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
+    const note = await CLI('send', 'text', text)
+    const link = getLinkFromCLI(note.stdout)
+
+    const retrieved = await CLI('open', link)
+    test.expect(retrieved.stdout.trim()).toBe(text)
+  })
+
+  test('simple with password', async ({ page }) => {
+    const text = `Endless prejudice endless play derive joy eternal-return selfish burying.`
+    const password = 'password'
+    const note = await CLI('send', 'text', text, '--password', password)
+    const link = getLinkFromCLI(note.stdout)
+
+    const retrieved = await CLI('open', link, '--password', password)
+    test.expect(retrieved.stdout.trim()).toBe(text)
+  })
+})

test/cross/file/simple.spec.ts

@@ -0,0 +1,53 @@
+import { test } from '@playwright/test'
+import { CLI, checkLinkForDownload, checkLinkForText, createNote, getLinkFromCLI } from '../../utils'
+import { Files, getFileChecksum, rm, tmpFile } from '../../files'
+import { basename } from 'path'
+
+const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of decieve play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
+const password = 'password'
+
+test.describe('text @cross', () => {
+  test('cli to web', async ({ page }) => {
+    const file = await tmpFile(Files.Image)
+    const checksum = await getFileChecksum(file)
+    const note = await CLI('send', 'file', file)
+    const link = getLinkFromCLI(note.stdout)
+    await rm(file)
+
+    await checkLinkForDownload(page, { link, text: basename(file), checksum })
+  })
+
+  test('cli to web with password', async ({ page }) => {
+    const file = await tmpFile(Files.Image)
+    const checksum = await getFileChecksum(file)
+    const note = await CLI('send', 'file', file, '--password', password)
+    const link = getLinkFromCLI(note.stdout)
+    await rm(file)
+
+    await checkLinkForDownload(page, { link, text: basename(file), checksum, password })
+  })
+
+  test('web to cli', async ({ page }) => {
+    const files = [Files.Image]
+    const checksum = await getFileChecksum(files[0])
+    const link = await createNote(page, { files })
+
+    const filename = basename(files[0])
+    await CLI('open', link, '--all')
+    const c = await getFileChecksum(filename)
+    await rm(basename(filename))
+    test.expect(checksum).toBe(c)
+  })
+
+  test('web to cli with password', async ({ page }) => {
+    const files = [Files.Image]
+    const checksum = await getFileChecksum(files[0])
+    const link = await createNote(page, { files, password })
+
+    const filename = basename(files[0])
+    await CLI('open', link, '--all', '--password', password)
+    const c = await getFileChecksum(filename)
+    await rm(basename(filename))
+    test.expect(checksum).toBe(c)
+  })
+})

test/cross/text/simple.spec.ts

@@ -0,0 +1,32 @@
+import { test } from '@playwright/test'
+import { CLI, checkLinkForText, createNote, getLinkFromCLI } from '../../utils'
+
+const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of decieve play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
+const password = 'password'
+
+test.describe('text @cross', () => {
+  test('cli to web', async ({ page }) => {
+    const note = await CLI('send', 'text', text)
+    const link = getLinkFromCLI(note.stdout)
+
+    await checkLinkForText(page, { link, text })
+  })
+
+  test('web to cli', async ({ page }) => {
+    const link = await createNote(page, { text })
+    const retrieved = await CLI('open', link)
+    test.expect(retrieved.stdout.trim()).toBe(text)
+  })
+
+  test('cli to web with password', async ({ page }) => {
+    const note = await CLI('send', 'text', text, '--password', password)
+    const link = getLinkFromCLI(note.stdout)
+    await checkLinkForText(page, { link, text, password })
+  })
+
+  test('web to cli with password', async ({ page }) => {
+    const link = await createNote(page, { text, password })
+    const retrieved = await CLI('open', link, '--password', password)
+    test.expect(retrieved.stdout.trim()).toBe(text)
+  })
+})

test/file/files.ts

@@ -1,5 +0,0 @@
-export default {
-  PDF: 'test/assets/AES.pdf',
-  Image: 'test/assets/image.jpg',
-  Zip: 'test/assets/Pigeons.zip',
-}

test/file/multiple.spec.ts

@@ -1,11 +0,0 @@
-import { test } from '@playwright/test'
-import { checkLinkForDownload, createNote, getFileChecksum } from '../utils'
-import Files from './files'
-
-test('multiple', async ({ page }) => {
-  const files = [Files.PDF, Files.Image]
-  const checksums = await Promise.all(files.map(getFileChecksum))
-  const link = await createNote(page, { files, views: 2 })
-  await checkLinkForDownload(page, link, 'image.jpg', checksums[1])
-  await checkLinkForDownload(page, link, 'AES.pdf', checksums[0])
-})

test/file/simple.spec.ts

@@ -1,24 +0,0 @@
-import { test } from '@playwright/test'
-import { checkLinkDoesNotExist, checkLinkForDownload, checkLinkForText, createNote, getFileChecksum } from '../utils'
-import Files from './files'
-
-test('simple pdf', async ({ page }) => {
-  const files = [Files.PDF]
-  const link = await createNote(page, { files })
-  await checkLinkForText(page, link, 'AES.pdf')
-  await checkLinkDoesNotExist(page, link)
-})
-
-test('pdf content', async ({ page }) => {
-  const files = [Files.PDF]
-  const checksum = await getFileChecksum(files[0])
-  const link = await createNote(page, { files })
-  await checkLinkForDownload(page, link, 'AES.pdf', checksum)
-})
-
-test('image content', async ({ page }) => {
-  const files = [Files.Image]
-  const checksum = await getFileChecksum(files[0])
-  const link = await createNote(page, { files })
-  await checkLinkForDownload(page, link, 'image.jpg', checksum)
-})

test/file/too-big.spec.ts

@@ -1,8 +0,0 @@
-import { test } from '@playwright/test'
-import { createNote } from '../utils'
-import Files from './files'
-
-test('to big zip', async ({ page }) => {
-  const files = [Files.Zip]
-  const link = await createNote(page, { files, error: 'note is to big' })
-})

test/files.ts

@@ -0,0 +1,25 @@
+import { createHash } from 'crypto'
+import { cp as cpFN, rm as rmFN } from 'fs'
+import { readFile } from 'fs/promises'
+import { promisify } from 'util'
+
+export const cp = promisify(cpFN)
+export const rm = promisify(rmFN)
+
+export const Files = {
+  PDF: 'test/assets/AES.pdf',
+  Image: 'test/assets/image.jpg',
+  Zip: 'test/assets/Pigeons.zip',
+}
+
+export async function getFileChecksum(file: string) {
+  const buffer = await readFile(file)
+  const hash = createHash('sha3-256').update(buffer).digest('hex')
+  return hash
+}
+
+export async function tmpFile(file: string) {
+  const name = `./tmp/${Math.random().toString(36).substring(7)}`
+  await cp(file, name)
+  return name
+}

test/text.ts

@@ -1,37 +0,0 @@
-import { expect, test, type Page } from '@playwright/test'
-
-async function createNote(page: Page, text: string): Promise<string> {
-  await page.goto('/')
-  await page.locator('textarea').click()
-  await page.locator('textarea').fill(text)
-  await page.locator('button:has-text("create")').click()
-
-  await page.locator('[data-testid="share-link"]').click()
-  const shareLink = await page.locator('[data-testid="share-link"]').inputValue()
-  return shareLink
-}
-
-async function checkLinkForText(page: Page, link: string, text: string) {
-  await page.goto(link)
-  await page.locator('[data-testid="show-note-button"]').click()
-  expect(await page.locator('[data-testid="result"] >> .note').innerText()).toBe(text)
-}
-
-async function checkLinkDoesNotExist(page: Page, link: string) {
-  await page.goto('/') // Required due to firefox: https://github.com/microsoft/playwright/issues/15781
-  await page.goto(link)
-  await expect(page.locator('main')).toContainText('note was not found or was already deleted')
-}
-
-test('simple', async ({ page }) => {
-  const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of decieve play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
-  const shareLink = await createNote(page, text)
-  await checkLinkForText(page, shareLink, text)
-})
-
-test('only shown once', async ({ page }) => {
-  const text = `Christian victorious reason suicide dead. Right ultimate gains god hope truth burying selfish society joy. Ultimate.`
-  const shareLink = await createNote(page, text)
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkDoesNotExist(page, shareLink)
-})

test/text/expiration.spec.ts

@@ -1,14 +0,0 @@
-import { test } from '@playwright/test'
-import { checkLinkDoesNotExist, checkLinkForText, createNote } from '../utils'
-
-test('1 minute', async ({ page }) => {
-  const text = `Virtues value ascetic revaluation sea dead strong burying.`
-  const minutes = 1
-  const timeout = minutes * 60_000
-  test.setTimeout(timeout * 2)
-  const shareLink = await createNote(page, { text, expiration: minutes })
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkForText(page, shareLink, text)
-  await page.waitForTimeout(timeout)
-  await checkLinkDoesNotExist(page, shareLink)
-})

test/text/simple.spec.ts

@@ -1,8 +0,0 @@
-import { test } from '@playwright/test'
-import { checkLinkForText, createNote } from '../utils'
-
-test('simple', async ({ page }) => {
-  const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of decieve play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
-  const shareLink = await createNote(page, { text })
-  await checkLinkForText(page, shareLink, text)
-})

test/text/views.spec.ts

@@ -1,18 +0,0 @@
-import { test } from '@playwright/test'
-import { checkLinkDoesNotExist, checkLinkForText, createNote } from '../utils'
-
-test('only shown once', async ({ page }) => {
-  const text = `Christian victorious reason suicide dead. Right ultimate gains god hope truth burying selfish society joy. Ultimate.`
-  const shareLink = await createNote(page, { text })
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkDoesNotExist(page, shareLink)
-})
-
-test('view 3 times', async ({ page }) => {
-  const text = `Justice holiest overcome fearful strong ultimate holiest christianity.`
-  const shareLink = await createNote(page, { text, views: 3 })
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkForText(page, shareLink, text)
-  await checkLinkDoesNotExist(page, shareLink)
-})

test/utils.ts

@@ -1,15 +1,25 @@
 import { expect, type Page } from '@playwright/test'
-import { createHash } from 'crypto'
-import { readFile } from 'fs/promises'
+import { execFile } from 'node:child_process'
+import { promisify } from 'node:util'
+import { getFileChecksum } from './files'
 
-type CreatePage = { text?: string; files?: string[]; views?: number; expiration?: number; error?: string }
+const exec = promisify(execFile)
+
+type CreatePage = {
+  text?: string
+  files?: string[]
+  views?: number
+  expiration?: number
+  error?: string
+  password?: string
+}
 export async function createNote(page: Page, options: CreatePage): Promise<string> {
   await page.goto('/')
 
   if (options.text) {
-    await page.locator('[data-testid="text-field"]').fill(options.text)
+    await page.getByTestId('text-field').fill(options.text)
   } else if (options.files) {
-    await page.locator('[data-testid="switch-file"]').click()
+    await page.getByTestId('switch-file').click()
 
     const [fileChooser] = await Promise.all([
       page.waitForEvent('filechooser'),
@@ -18,13 +28,16 @@ export async function createNote(page: Page, options: CreatePage): Promise<strin
     await fileChooser.setFiles(options.files)
   }
 
+  if (options.views || options.expiration || options.password) await page.getByTestId('switch-advanced').click()
   if (options.views) {
-    await page.locator('[data-testid="switch-advanced"]').click()
-    await page.locator('[data-testid="field-views"]').fill(options.views.toString())
+    await page.getByTestId('field-views').fill(options.views.toString())
   } else if (options.expiration) {
-    await page.locator('[data-testid="switch-advanced"]').click()
-    await page.locator('[data-testid="switch-advanced-toggle"]').click()
-    await page.locator('[data-testid="field-expiration"]').fill(options.expiration.toString())
+    await page.getByTestId('switch-advanced-toggle').click()
+    await page.getByTestId('field-expiration').fill(options.expiration.toString())
+  }
+  if (options.password) {
+    await page.getByTestId('custom-password').click()
+    await page.getByTestId('password').fill(options.password)
   }
 
   await page.locator('button:has-text("create")').click()
@@ -33,29 +46,39 @@ export async function createNote(page: Page, options: CreatePage): Promise<strin
     await expect(page.locator('.error-text')).toContainText(options.error, { timeout: 60_000 })
   }
 
-  const shareLink = await page.locator('[data-testid="share-link"]').inputValue()
-  return shareLink
+  // Return share link
+  return await page.getByTestId('share-link').inputValue()
 }
 
-export async function checkLinkForDownload(page: Page, link: string, text: string, checksum: string) {
+type CheckLinkBase = {
+  link: string
+  text: string
+  password?: string
+}
+
+export async function checkLinkForDownload(page: Page, options: CheckLinkBase & { checksum: string }) {
   await page.goto('/')
-  await page.goto(link)
-  await page.locator('[data-testid="show-note-button"]').click()
+  await page.goto(options.link)
+  if (options.password) await page.getByTestId('show-note-password').fill(options.password)
+  await page.getByTestId('show-note-button').click()
 
   const [download] = await Promise.all([
     page.waitForEvent('download'),
-    page.locator(`[data-testid="result"] >> text=${text}`).click(),
+    page.getByTestId(`result`).locator(`text=${options.text}`).click(),
   ])
   const path = await download.path()
   if (!path) throw new Error('Download failed')
   const cs = await getFileChecksum(path)
-  await expect(cs).toBe(checksum)
+  await expect(cs).toBe(options.checksum)
 }
-export async function checkLinkForText(page: Page, link: string, text: string) {
+
+export async function checkLinkForText(page: Page, options: CheckLinkBase) {
   await page.goto('/')
-  await page.goto(link)
-  await page.locator('[data-testid="show-note-button"]').click()
-  await expect(await page.locator('[data-testid="result"] >> .note').innerText()).toContain(text)
+  await page.goto(options.link)
+  if (options.password) await page.getByTestId('show-note-password').fill(options.password)
+  await page.getByTestId('show-note-button').click()
+  const text = await page.getByTestId('result').locator('.note').innerText()
+  await expect(text).toContain(options.text)
 }
 
 export async function checkLinkDoesNotExist(page: Page, link: string) {
@@ -64,8 +87,17 @@ export async function checkLinkDoesNotExist(page: Page, link: string) {
   await expect(page.locator('main')).toContainText('note was not found or was already deleted')
 }
 
-export async function getFileChecksum(file: string) {
-  const buffer = await readFile(file)
-  const hash = createHash('sha3-256').update(buffer).digest('hex')
-  return hash
+export async function CLI(...args: string[]) {
+  return await exec('./packages/cli/dist/index.cjs', args, {
+    env: {
+      ...process.env,
+      CRYPTGEON_SERVER: 'http://localhost:1234',
+    },
+  })
+}
+
+export function getLinkFromCLI(output: string): string {
+  const match = output.match(/(https?:\/\/[^\s]+)/)
+  if (!match) throw new Error('No link found in CLI output')
+  return match[0]
 }

test/web/file/multiple.spec.ts

@@ -0,0 +1,13 @@
+import { test } from '@playwright/test'
+import { Files, getFileChecksum } from '../../files'
+import { checkLinkForDownload, createNote } from '../../utils'
+
+test.describe('@web', () => {
+  test('multiple', async ({ page }) => {
+    const files = [Files.PDF, Files.Image]
+    const checksums = await Promise.all(files.map(getFileChecksum))
+    const link = await createNote(page, { files, views: 2 })
+    await checkLinkForDownload(page, { link, text: 'image.jpg', checksum: checksums[1] })
+    await checkLinkForDownload(page, { link, text: 'AES.pdf', checksum: checksums[0] })
+  })
+})

test/web/file/simple.spec.ts

@@ -0,0 +1,34 @@
+import { test } from '@playwright/test'
+import { Files, getFileChecksum } from '../../files'
+import { checkLinkDoesNotExist, checkLinkForDownload, checkLinkForText, createNote } from '../../utils'
+
+test.describe('@web', () => {
+  test('simple pdf', async ({ page }) => {
+    const files = [Files.PDF]
+    const link = await createNote(page, { files })
+    await checkLinkForText(page, { link, text: 'AES.pdf' })
+    await checkLinkDoesNotExist(page, link)
+  })
+
+  test('pdf content', async ({ page }) => {
+    const files = [Files.PDF]
+    const checksum = await getFileChecksum(files[0])
+    const link = await createNote(page, { files })
+    await checkLinkForDownload(page, { link, text: 'AES.pdf', checksum })
+  })
+
+  test('image content', async ({ page }) => {
+    const files = [Files.Image]
+    const checksum = await getFileChecksum(files[0])
+    const link = await createNote(page, { files })
+    await checkLinkForDownload(page, { link, text: 'image.jpg', checksum })
+  })
+
+  test('simple pdf with password', async ({ page }) => {
+    const files = [Files.PDF]
+    const password = 'password'
+    const link = await createNote(page, { files, password })
+    await checkLinkForText(page, { link, text: 'AES.pdf', password })
+    await checkLinkDoesNotExist(page, link)
+  })
+})

test/web/file/too-big.spec.ts

@@ -0,0 +1,10 @@
+import { test } from '@playwright/test'
+import { createNote } from '../../utils'
+import { Files } from '../../files'
+
+test.describe('@web', () => {
+  test.skip('to big zip', async ({ page }) => {
+    const files = [Files.Zip]
+    const link = await createNote(page, { files, error: 'note is to big' })
+  })
+})

test/web/text/expiration.spec.ts

@@ -0,0 +1,16 @@
+import { test } from '@playwright/test'
+import { checkLinkDoesNotExist, checkLinkForText, createNote } from '../../utils'
+
+test.describe('@web', () => {
+  test('1 minute', async ({ page }) => {
+    const text = `Virtues value ascetic revaluation sea dead strong burying.`
+    const minutes = 1
+    const timeout = minutes * 60_000
+    test.setTimeout(timeout * 2)
+    const link = await createNote(page, { text, expiration: minutes })
+    await checkLinkForText(page, { link, text })
+    await checkLinkForText(page, { link, text })
+    await page.waitForTimeout(timeout)
+    await checkLinkDoesNotExist(page, link)
+  })
+})

test/web/text/simple.spec.ts

@@ -0,0 +1,17 @@
+import { test } from '@playwright/test'
+import { checkLinkForText, createNote } from '../../utils'
+
+test.describe('@web', () => {
+  test('simple', async ({ page }) => {
+    const text = `Endless prejudice endless play derive joy eternal-return selfish burying. Of deceive play pinnacle faith disgust. Spirit reason salvation burying strong of joy ascetic selfish against merciful sea truth. Ubermensch moral prejudice derive chaos mountains ubermensch justice philosophy justice ultimate joy ultimate transvaluation. Virtues convictions war ascetic eternal-return spirit. Ubermensch transvaluation noble revaluation sexuality intentions salvation endless decrepit hope noble fearful. Justice ideal ultimate snare god joy evil sexuality insofar gains oneself ideal.`
+    const link = await createNote(page, { text })
+    await checkLinkForText(page, { link, text })
+  })
+
+  test('simple with password', async ({ page }) => {
+    const text = 'Foo bar'
+    const password = '123'
+    const shareLink = await createNote(page, { text, password })
+    await checkLinkForText(page, { link: shareLink, text, password })
+  })
+})

test/web/text/views.spec.ts

@@ -0,0 +1,20 @@
+import { test } from '@playwright/test'
+import { checkLinkDoesNotExist, checkLinkForText, createNote } from '../../utils'
+
+test.describe('@web', () => {
+  test('only shown once', async ({ page }) => {
+    const text = `Christian victorious reason suicide dead. Right ultimate gains god hope truth burying selfish society joy. Ultimate.`
+    const link = await createNote(page, { text })
+    await checkLinkForText(page, { link, text })
+    await checkLinkDoesNotExist(page, link)
+  })
+
+  test('view 3 times', async ({ page }) => {
+    const text = `Justice holiest overcome fearful strong ultimate holiest christianity.`
+    const link = await createNote(page, { text, views: 3 })
+    await checkLinkForText(page, { link, text })
+    await checkLinkForText(page, { link, text })
+    await checkLinkForText(page, { link, text })
+    await checkLinkDoesNotExist(page, link)
+  })
+})

version.mjs

@@ -0,0 +1,20 @@
+#!/usr/bin/env node
+
+import shelljs from 'shelljs'
+import { execSync } from 'node:child_process'
+
+const VERSION = process.argv[2]
+// https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
+const semver =
+  /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/gm
+if (!semver.test(VERSION)) {
+  console.error('Invalid version number')
+  process.exit(1)
+}
+
+// CLI
+shelljs.sed('-i', /"version": ".*"/, `"version": "${process.argv[2]}"`, './packages/cli/package.json')
+
+// Backend
+shelljs.sed('-i', /^version = ".*"$/m, `version = "${process.argv[2]}"`, './packages/backend/Cargo.toml')
+execSync('cargo check -p cryptgeon', { cwd: './packages/backend' })