Generate client-side webpages that serve password-protected redirects.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
zce 898794ffed Time to archive this project. 2 months ago
build/lib/passgate 0.2.1: Minified, various improvements, fixed long description in setup.py 6 months ago
passgate 0.2.1: Minified, various improvements, fixed long description in setup.py 6 months ago
.gitignore 0.2.1: Minified, various improvements, fixed long description in setup.py 6 months ago
LICENSE 0.2.1: Minified, various improvements, fixed long description in setup.py 6 months ago
README.adoc Time to archive this project. 2 months ago
setup.py 0.2.1: Minified, various improvements, fixed long description in setup.py 6 months ago

README.adoc

Passgate is no longer maintained.

Passgate is a simple Python script to create no-nonsense client-side web pages that supply a password-protected redirect.

The web pages are 100% client side, no server-side logic required. The redirect is encrypted, and the password is used to decrypt the redirect on the client-side (see Encryption Details below for information).

The web pages will only work on web browsers that implement the TextEncoder/TextDecoder APIs and the Web Cryptography API, which is practically all major web browsers.

DISCLAIMER: I am not a cybersecurity expert. However, this program is extremely simple and isn’t super complicated at all.

Installation

git clone https://tildegit.org/zce/passgate
cd passgate
pip install -e .

Passgate used to be on PyPI, but it has since been taken down.

How to use

Passgate outputs an HTML file that contains a partly hand-minified script.

To run Passgate, run:

passgate -u <url> -p <password> -o <output file>

Where: * <url> is the redirect URL to serve. * <password> is the password to use for the encryption. * <output file> is the path to output the HTML file.

NOTE: URL should contain a URL scheme prefix such as "https://". Otherwise, the redirect will become a relative redirect to the path of the page, which is usually not desirable.

Alternatively, the help page for Passgate can be outputted by running:

passgate --help

An alternative way to access Passgate is to run it as a Python module:

python3 -m passgate ...

Encryption details

The redirect is encrypted with AES-GCM, using a 128-bit key derived from the password using PBKDF2 at 100,000 iterations with a salt.

License

This project is licensed under the MIT License. See the LICENSE file for details.

TODO

  • Clean up the code a little bit