Skip to content

Latest commit

 

History

History
104 lines (65 loc) · 3.83 KB

README.md

File metadata and controls

104 lines (65 loc) · 3.83 KB

Lightweight StandardNotes Server

Docker Pulls GoDoc Go Report Card License

This is a 100% Golang implementation of the Standard Notes protocol. It aims to be portable and lightweight.

Running your own server

You can run your own Standard File server, and use it with any SF compatible client (like Standard Notes). This allows you to have 100% control of your data. This server implementation is built with Go and can be deployed in seconds:

  • git clone https://github.com/Crusader99/standardnote-server.git
  • cd standardnote-server
  • docker compose up
Running without docker-compose is also possible

docker run -p 5000:5000 -v $(pwd)/db:/etc/standardfile/database:z -v $(pwd)/standardfile.yml:/etc/standardfile/standardfile.yml:z -it crusaders/standardnote-server

Technologies / Frameworks

Differences to repository from mdouchement

Requires enable_subscriptions=true in configuration file.
  • Experimental support for encrypted file upload/download: Current state is tracked in #93

  • Images are provided on DockerHub (including an aarch64 image for Raspberry Pi)

These features will be merged in mdouchement's repository when pull requests accepted.

Differences from reference implementation

Drop the POST request done on Extensions (backups too)

This feature is pretty undocumented and I feel uncomfortable about the outgoing traffic from my server on unknown URLs.

Drop V1 support

All stuff used in v1 and not in v2 nor v3

JWT revocation strategy after password update

Reference implementation use a pw_hash claim to check if the user has changed their pw and thus forbid them from access if they have an old jwt.


Here we will revoke JWT based on its iat claim and User.PasswordUpdatedAt field. Looks more safer than publicly expose any sort of password stuff. See internal/server/middlewares/current_user.go

Session use PASETO tokens instead of random tokens

Here we will be using PASETO to strengthen authentication to ensure that the tokens are issued by the server.

Not working yet

Contributing

All PRs are welcome.

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

License

This project is licensed under the MIT license.