This is a 100% Golang implementation of the Standard File protocol. It aims to be portable and lightweight.
You can run your own Standard File server, and use it with any SF compatible client (like Standard Notes). This allows you to have 100% control of your data. This server implementation is built with Go and can be deployed in seconds.
https://hub.docker.com/r/mdouchement/standardfile
Go to pgk/libsf for more details.
https://godoc.org/github.com/mdouchement/standardfile/pkg/libsf
It is an alternative to https://github.com/jonhadfield/gosn
go run cmd/sfc/main.go -hTerminal UI client:
- Golang 1.11.x (Go Modules)
Drop legacy support for clients which hardcoded the "api" path to the base url (iOS)
Drop the POST request done on Extensions (backups too)
This feature is pretty undocumented and I feel uncomfortable about the outgoing traffic from my server on unknown URLs.
Drop V1 support
JWT revocation strategy after password update
Reference implementation use a pw_hash claim to check if the user has changed their pw and thus forbid them from access if they have an old jwt.
Here we will revoke JWT based on its
iatclaim andUser.PasswordUpdatedAtfield. Looks more safer than publicly expose any sort of password stuff. Seeinternal/server/middlewares/current_user.go
Session use PASETO tokens instead of random tokens
Here we will be using PASETO to strengthen authentication to ensure that the tokens are issued by the server.
- 2FA (aka
verify_mfa) - Postgres if a more stronger database is needed
- A console for admin usage
MIT
All PRs are welcome.
- Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create new Pull Request