One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser
Find a file
2020-01-26 16:54:37 +01:00
frontend Fix: Update assets to include FR translation 2019-07-20 14:31:08 +02:00
src npm audit fix 2019-12-28 21:27:06 +01:00
.dockerignore Add minimal Dockerfile without alpine base 2019-08-03 20:22:40 +02:00
.gitignore Auto-resize textareas, use babel to transpile JS 2018-08-22 21:08:48 +02:00
.repo-runner.yaml CI: Update build image 2019-05-13 00:15:45 +02:00
api.go Handle json requests to create API 2019-05-10 23:00:08 +02:00
assets.go Fix: Update assets to include FR translation 2019-07-20 14:31:08 +02:00
CONTRIBUTING.md Initial API 2017-08-03 14:13:53 +02:00
Dockerfile Update Dockerfiles 2020-01-24 16:17:09 +01:00
Dockerfile.minimal Update Dockerfiles 2020-01-24 16:17:09 +01:00
go.mod Switch to Go 1.11+ modules 2020-01-24 16:15:17 +01:00
go.sum Switch to Go 1.11+ modules 2020-01-24 16:15:17 +01:00
History.md prepare release v0.17.1 2020-01-26 16:54:37 +01:00
LICENSE Fix LICENSE file 2018-05-05 18:10:10 +02:00
main.go Switch to Go 1.11+ modules 2020-01-24 16:15:17 +01:00
Makefile UX: Auto-select secret URL after creation 2019-07-14 18:20:16 +02:00
README.md [#12] Add lazy-expiry to mem-storage, unify envvars 2020-01-24 16:33:14 +01:00
storage.go Initial API 2017-08-03 14:13:53 +02:00
storage_mem.go [#13] Fix: Secrets in MEM store were instantly expired 2020-01-26 16:53:34 +01:00
storage_redis.go [#12] Add lazy-expiry to mem-storage, unify envvars 2020-01-24 16:33:14 +01:00
tplFuncs.go Generate SRI integrity hashes into html 2018-05-05 19:08:02 +02:00

Go Report Card

Luzifer / OTS

ots is a one-time-secret sharing platform. The secret is encrypted with a symmetric 256bit AES encryption in the browser before being sent to the server. Afterwards an URL containing the ID of the secret and the password is generated. The password is never sent to the server so the server will never be able to decrypt the secrets it delivers with a reasonable effort. Also the secret is immediately deleted on the first read.

Features

  • AES 256bit encryption
  • Server does never get the password
  • Secret is deleted on first read

Setup

For a better setup you can choose the backend which is used to store the secrets:

  • mem - In memory storage (wiped on restart of the daemon)
    • SECRET_EXPIRY - Expiry of the keys in seconds (Default 0 = no expiry)
  • redis - Storing the secrets in a hash under one key
    • REDIS_URL - Redis connection string tcp://auth:PWD@HOST:PORT/DB
    • REDIS_KEY - Key prefix to store the keys under (Default io.luzifer.ots)
    • SECRET_EXPIRY - Expiry of the keys in seconds (Default 0 = no expiry)

Localize to your own language

If you want to help translating the application to your own language please download the en.json file from this repository and translate the strings inside. Afterwards please open an issue and attach your translation including the information which language you translated the strings into.

Of course you also could open a pull-request to add the new file to the src/langs folder. In this case please also edit the langs.js file and add your translation.

Same goes with when you're finding translation errors: Just open an issue and let me know!