gogo/apxtrib
1
0
Fork 0
Code Pull Requests Activity

update auth openpgp.js

Browse Source
This commit is contained in:
philc
2023-05-12 07:59:32 +02:00
parent dc11e8235e
commit a78bd8404a
85 changed files with 47890 additions and 1042 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
nationchains/www/adminapx/static/tpl/apxmodal_en.mustache Normal file
View File

@@ -0,0 +1,29 @@
<!-- Modal
To populate app.load('apxmodal','apxmodal',{title,body,actions[{btndescription:'xx',onclick:'js function'}]})
To activate show
<button type="button" class="btn btn-outline-success btn-sm" data-bs-toggle="modal" data-bs-target="#modalinfo">
-->
<div class="modal fade" id="{{{modalid}}}" tabindex="-1" aria-labelledby="{{{modalid}}}Label" aria-hidden="true">
<div class="modal-dialog {{classmodaldialog}}">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="{{{modalid}}}Label">{{{title}}}</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
{{{body}}}
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
{{#actions}}
<button type="button" onclick="{{{onclick}}}" class="btn btn-primary">{{btndescription}}</button>
{{/actions}}
</div>
</div>
</div>
</div>

1
nationchains/www/adminapx/static/tpl/articleeditor_en.mustache Normal file
View File

@@ -0,0 +1 @@
<p>Set up editorjs here</p>

0
nationchains/www/adminapx/static/tpl/listofarticle_en.mustache → nationchains/www/adminapx/static/tpl/articleslist_en.mustache
View File

17
nationchains/www/adminapx/static/tpl/emailregisterhtml_en.mustache Normal file
View File

@@ -0,0 +1,17 @@
<h1>Your account is register</h1>
<p>Please find your confidential information in a safe space</p>
<p>Your alias: {{alias}}</p>
<p>Your passphrase: {{passphrase}}</p>
<p>Your public key that you can share with anyone:</p>
<textarea>{{pubk}}</textarea>
<p>Your private key that you keep secret and use to proove you own the public key:</p>
<textarea>{{privk}}</textarea>
{{#trustedtribe}}
<p>Thanks to trust us to keep your private key,
we'll be able to send back to this email address in case you need it</p>
{{/trustedtribe}}
{{^trustedtribe}}
<p>You decide to keep secret this private key,
Please save it in a safe place that noone else than you can access to proove you own it</p>
{{/trustedtribe}}
<p>Never share with someone else your privbatekey if someone can access, it will be possible to usurp your identity.</p>

17
nationchains/www/adminapx/static/tpl/emailregistertxt_en.mustache Normal file
View File

@@ -0,0 +1,17 @@
Your account is register \n\r
Please find your confidential information in a safe space\n\r
Your alias: {{alias}}\n\r
Your passphrase: {{passphrase}}\n\r
Your public key that you can share with anyone:\n\r
<textarea>{{pubk}}</textarea>
Your private key that you keep secret and use to proove you own the public key:\n\r
<textarea>{{privk}}</textarea>
{{#trustedtribe}}
Thanks to trust us to keep your private key,
we'll be able to send back to this email address in case you need it\n\r
{{/trustedtribe}}
{{^trustedtribe}}
You decide to keep secret this private key,
Please save it in a safe place that noone else than you can access to proove you own it\n\r
{{/trustedtribe}}
Never share with someone else your privbatekey if someone can access, it will be possible to usurp your identity.\n\r

34
nationchains/www/adminapx/static/tpl/nginx.conf.mustache Executable file
View File

@@ -0,0 +1,34 @@
user {{{sudoerUser}}};
worker_processes auto;
error_log {{{ }}}/var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
#include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '[$time_local]##"$http_x_forwarded_for"##"$request" '
'"$http_user_agent"';
log_format mainold '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format trace '$remote_addr - $remote_user [$time_local] '
'$host "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$http_x_forwarded_for" $request_id';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
##
# Virtual Host Configs
##
{{#nginx.include}}
include {{{.}}};
{{/nginx.include}}
}

49
nationchains/www/adminapx/static/tpl/nginxmodelwebsite.conf.mustache Executable file
View File

@@ -0,0 +1,49 @@
server {
server_name {{#dns}} {{.}} {{/dns}};
access_log {{{dirname}}}/{{{nginx.fswww}}}logs/nginx/{{{nginx.website}}}.{{{nginx.tribeid}}}.access.log main;
location ~* /nationchains/(schema|blocks|pagans|towns|nations)/ {
# Warning: never add tribes for keeping it private
root {{{dirname}}}/;
}
# /plugins/pluginame/components/xxx?plugin=pluginname&pluginkey=key
# acess if exist pluginkey
location /plugins/ {
add_header X-debug "plugins local $arg_plugin/keys/$arg_pluginkey sent";
root {{{dirname}}}/{{{nginx.fswww}}}/plugins/;
if (-f {{{dirname}}}/{{{nginx.fswww}}}/plugins/$arg_plugin/keys/$arg_pluginkey) {
rewrite /plugins/([^/]+)/components/([^\?]+) /$1/components/$2 break;
}
return 403 "No valid token access for plugin:$arg_plugin with token:$arg_pluginkey please ask your admin";
}
location /cdn/ {
rewrite /cdn/(.*$) /$1 break;
root {{{dirname}}}/{{{nginx.fswww}}}www/cdn/;
}
location /spacedev/ {
rewrite /spacedev/(.*$) /$1 break;
root {{{dirname}}}/{{{nginx.fswww}}}spacedev/{{{nginx.website}}}/dist/;
}
location /api/ {
rewrite /api/(.*$) /$1 break;
proxy_pass http://localhost:{{{api.port}}};
proxy_redirect off;
include proxy_params;
}
location / {
root {{{dirname}}}/{{{nginx.fswww}}}www/{{{nginx.website}}};
index index.html {{{nginx.pageindex}}};
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/nginx/html;
}
}

11
nationchains/www/adminapx/static/tpl/nginxproxyparams.mustache Normal file
View File

@@ -0,0 +1,11 @@
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
proxy_set_header X-NginX-Proxy true;

173
nationchains/www/adminapx/static/tpl/pagancreate_en.mustache
View File

@@ -1,57 +1,130 @@
<div class="row">
<div class="col-sm-6" data-spacename="explain">
<div class="col-sm-6" data-spacename="explain">
<h2>How it works</h2>
<p> Alias is a unique string that humainly help to match a PublicKey to check existing alias</p>
<code>
GET /api/odmdb/idx/pagans/pagans_alias_all.json with a correct headers
RESULT
data:{alias:publicKey}
</code>
<p>
Run
</p>
<p class="small">
Mandatory: apixtrib header have to set with:<br>
* {xalias,xhash,xdays,xtribe,xlang,xapp}<br>
* xhash is a detached signature done with public and private key of message: 'alias_xdays' where xdays is a time
stamp
a xhash has an elapse of 24hours after it has to be recreate.<br>
</div>
<div class="col-sm-6" data-spacename="userinterface">
We need in local storage auth for this example {alias,passphrase,privatekey, publickey} to be able to create a
detached signature<br>
On the server side we check that signature xhash of alias_timestamp is valid with the public key
</p>
<p> Alias is a unique string that humainly help to find a PublicKey that is the real identity.
To get the list of existing alias</p>
<button type="button" class="btn btn-outline-success btn-sm"
onclick="app.runapirequest('modalinfo',{method:'GET',url:'nationchains/pagans/idx/alias_all.json'},{title:'Alias list',body:'',actions:[], classmodaldialog:'modal-xl'})">show
it</button>
</p>
<code>
GET nationchains/pagans/idx/alias_all.json -> data:{alias:{alias:publicKey}}
</code>
<p>To allow trustable Tribe to store the Private and Passphrase Key, you get from the townId_all.json key:tribes</p>
<button type="button" class="btn btn-outline-success btn-sm"
onclick="app.runapirequest('modalinfo',{method:'GET',url:'nationchains/towns/idx/townId_all.json'},{title:'Tribes list',body:'',actions:[], classmodaldialog:'modal-xl'})">show
it</button>
<code>
GET /nationchains/towns/idx/townId_all.json -> data:{townId:{tribes:[list of tribeId inside a town]}}
</code>
</div>
<div class="col-sm-6" data-spacename="userinterface">
<div class="row g-3">
<h3>A decentralized Identity</h3>
<p>apXtrib allow you to create keys to identify yourself with a universal alias</p>
<div class="col-md-6">
<label for="inputalias" class="form-label">Your alias</label>
<input type="text" class="form-control" id="inputalias" placeholder="A public alias that any one see">
</div>
<div class="col-md-6">
<label for="inputemailrecovery" class="form-label">Email Recovery</label>
<input type="email" class="form-control" id="inputemailrecovery" placeholder="optional, if you want to receive by mail your keys">
</div>
<div class="col-12">
<label for="inputpassphrase" class="form-label">A passphrase</label>
<input type="text" class="form-control" id="inputpassphrase" placeholder="optional, a passphrase to remember, each time something try to use your privateKey this passphrase will be requested">
</div>
<div class="col-12">
<button type="button" id="generatekeys" onclick="app.createIdentity(document.getElementById('inputalias').value,document.getElementById('inputpassphrase').value)" class="btn btn-primary">Generate keys</button>
</div>
<div class="col-12">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="gridCheck">
<label class="form-check-label small" for="gridCheck">
<b>I trust smatchit to keep my private key and email </b><br>
<b>If i don't trust</b> please download your keys (be aware, none than you can have access to your cipher data).<br>
If you set a correct email then you will receive your keys on your mailbox (Carefull by sending email, smatchit and anyone that access to your email can see your keys).<br>
The safer to be sure no one else than your local browser can see it, just download localy and save it on a personnal cold support (usb key).<br>
If you use a browser that <b>can be accessible by someone else, don't forget to "logout"</b> to clean up any trace.<br>
If you have any suspicious please
</label>
<h3>Am i authenticated to api?</h3>
<button type="button" id="btntestauth" class="btn btn-outline-success btn-sm"
onclick="app.runapirequest('modalinfo',{method:'GET',url:'api/pagans/isauth'},{title:'Am i authenticated',body:'',actions:[], classmodaldialog:'modal-xl'})">
Test it</button>
<code>
GET 'api/pagans/isauth' -> status 200 : Well authenticated with alias, status 400: not authenticated
</code>
<hr>
<h3>Logout</h3>
<button type="button" class="btn btn-outline-success btn-sm"
onclick="delete apx.data.auth;apx.data.headers=apxlocal.headers;apx.save();alert('delete apx.data.auth and reinit apx.data.header')">
Remove headers</button>
<hr>
<h3>I proove that i own this alias</h3>
<div class="col-md-6">
<label for="inputaliasauth" class="form-label">Your alias</label>
<input type="text" class="form-control" id="inputaliasauth" placeholder="A public alias that any one see">
</div>
<div class="col-12">
<label for="inputpassphraseauth" class="form-label">A passphrase</label>
<input type="text" class="form-control" id="inputpassphraseauth"
placeholder="optional, a passphrase to remember, each time something try to use your privateKey this passphrase will be requested">
</div>
<textarea rows="5" id="privatekeyauth"></textarea>
<button class="btn btn-primary"
onclick="pagans.authentifyme(document.getElementById('inputaliasauth').value,document.getElementById('inputpassphraseauth').value,document.getElementById('privatekeyauth').value);document.getElementById('btntestauth').click()">I
am alias</button>
<hr>
<h3>Create a decentralized Identity</h3>
<p>apXtrib allow you to create keys to identify yourself with a universal alias</p>
<div class="col-md-6">
<label for="inputalias" class="form-label">Your alias</label>
<input type="text" class="form-control" id="inputalias" placeholder="A public alias that any one see">
</div>
<div class="col-md-6">
<label for="inputemailrecovery" class="form-label">Email Recovery</label>
<input type="email" class="form-control" id="inputemailrecovery"
placeholder="optional, if you want to receive by mail your keys">
</div>
<div class="col-12">
<label for="inputpassphrase" class="form-label">A passphrase</label>
<input type="text" class="form-control" id="inputpassphrase"
placeholder="optional, a passphrase to remember, each time something try to use your privateKey this passphrase will be requested">
</div>
<button type="button" id="generatekeys"
onclick="pagans.createIdentity(document.getElementById('inputalias').value,document.getElementById('inputpassphrase').value)"
class="btn btn-primary">Generate keys</button>
<div id="trustintribe" class="d-none">
<div class="mb-3 row">
<div class="col-12">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="trustedcheck"
onclick="document.getElementById('selecttrusttribe').classList.toggle('d-none');">
<label class="form-check-label small" for="trustedcheck">
<b>I trust a tribe to keep my private key and email, doing this i automaticaly create a Person space in
tribe i trust. </b>
I understand that someone with tribe accessrights(druid) from this tribe can read my personnal data by
unciphering my
data.<br>
<b>If i don't trust</b> i understand that if i loose my privatekey i also loose my data.<br>
If you set a correct email then you will receive your keys on your mailbox, this email is not store if
you do not trust<br>
If you use a browser that <b>can be accessible by someone else, don't forget to "logout"</b> to clean up
any trace.<br>
<b>In any case please download your keys and move it on a usb key or/and print it</b><br>
</label>
</div>
</div>
<div id="selecttrusttribe" class="d-none">
<label for="selectnationid" class="col-12 col-form-label">If you want to trust in a Tribe to store your
private key, please chose a tribe which you trust in</label>
<div class="col-12">
<select class="form-select" id="trustedtribe" aria-label="" placeholder="A tribe to store my private key">
{{#tribes}}
<option {{#selected}}selected{{/selected}} value="{{tribeId}}">{{tribeId}}</option>
{{/tribes}}
</select>
<input class="d-none" id="inputtribeId" value="{{tribeId}}">
</div>
</div>
</div>
<div id="downloadkeys" class="btn-group d-none">
<p>Download your keys at least PrivateKey this have to save in a secret place</p>
<button id="privatekey" key="" class="btn btn-outline-primary" onclick="app.downloadlink('pagans.privateKey',apx.data,apx.data.headers.xapp);" >Download PrivateKey</button>
<button id="publickey" key="" class="btn btn-outline-primary" onclick="app.downloadlink('publicKey',this.getAttribute('key'),apx.data.headers.xapp);">Download PublicKey</button>
</div>
<div id="createId" class="col-12 d-none">
<button class="btn btn-primary" onclick="app.registerIdentity()">Create this identity</button>
</div>
</div>
<div id="downloadkeys" class="btn-group d-none">
<p>Download your keys at least PrivateKey this have to save in a secret place</p>
<button id="privatekey" key="" class="btn btn-outline-primary"
onclick="app.downloadlink('auth.privateKey',apx.data,apx.data.headers.xapp);">Download PrivateKey</button>
<button id="publickey" key="" class="btn btn-outline-primary"
onclick="app.downloadlink('auth.publicKey',this.getAttribute('key'),apx.data.headers.xapp);">Download
PublicKey</button>
</div>
<div id="createId" class="col-12 d-none">
<button class="btn btn-primary" onclick="pagans.registerIdentity();">Create
this identity</button>
</div>
</div>
</div>
</div>

0
nationchains/www/adminapx/static/tpl/loginout_en.mustache → nationchains/www/adminapx/static/tpl/paganloginout_en.mustache
View File

50
nationchains/www/adminapx/static/tpl/townsetup_en.mustache Normal file
View File

@@ -0,0 +1,50 @@
<div class="container">
<div class="row">
<h4> Setup a new town</h4>
<p>This form let you start joining a nation.</p>
<p>For dev you can stay like this and use http instead of https. To join a nation you need:</p>
<ul>
<li> Get a domain name register to a publicIP that route web traffic from 80 and 443 to this machine</li>
<li> Get a pagan identity and be authenticated <a onclick="app.load('apxmain','pagancreate',{})"> click here to create or authentify yoursefl</a>
<li> Synchronize the nations, to update your nationchains (carefful all your local stuff will be deleted)</li>
<li> Ready to your new mayor role of this town</li>
<li> Start saling your hosting</li>
</ul>
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<div class="mb-3 row">
<label for="selectnationid" class="col-sm-6 col-form-label">Select the nation to join</label>
<div class="col-sm-6">
<select class="form-select" data-nationId="{{nationId}}" aria-label="" placeholder="A nation">
{{#nations}}
<option {{#selected}}selected{{/selected}} value="{{nationId}}">{{nationId}}</option>
{{/nations}}
</select>
<input class="d-none" id="inputnationId" value="{{nationId}}">
</div>
</div>
<div class="mb-3 row">
<label for="inputtownid" class="col-sm-6 col-form-label">Your Town</label>
<div class="col-sm-6">
<input type="text" value="{{townId}}" class="form-control" id="inputtownid">
</div>
</div>
<div class="mb-3 row">
<label for="inputtribeid" class="col-sm-6 col-form-label">Your Tribes</label>
<div class="col-sm-6">
<input type="text" value="{{tribeId}}" class="form-control" id="inputreibeid">
</div>
</div>
<div class="mb-3 row">
<label for="inputdnstown" class="col-sm-6 col-form-label">Domain name of your town (to access this app from the web)</label>
<div class="col-sm-6">
<input type="text" value="{{dns}}" class="form-control" id="inputdnstown">
</div>
</div>
<div class="col-auto">
<button onclick="setup.lauchtown(document.getElementById('inputnationId').value, document.getElementById('inputtownId').value,document.getElementById('inputdns').value)" class="btn btn-primary mb-3">Launch this town</button>
</div>
</div>
</div>
</div>