This is a 100% Golang implementation of the Standard Notes protocol. It aims to be portable and lightweight.
You can run your own Standard File server, and use it with any SF compatible client (like Standard Notes). This allows you to have 100% control of your data. This server implementation is built with Go and can be deployed in seconds:
git clone https://github.com/Crusader99/standardnote-server.git
cd standardnote-server
docker compose up
Running without docker-compose is also possible
docker run -p 5000:5000 -v $(pwd)/db:/etc/standardfile/database:z -v $(pwd)/standardfile.yml:/etc/standardfile/standardfile.yml:z -it crusaders/standardnote-server
- 2FA (aka
verify_mfa
) implemented using OTP-Library:
Requires enable_subscriptions=true in configuration file.
-
Experimental support for encrypted file upload/download: Current state is tracked in #93
-
Images are provided on DockerHub (including an aarch64 image for Raspberry Pi)
These features will be merged in mdouchement's repository when pull requests accepted.
Drop the POST request done on Extensions (backups too)
This feature is pretty undocumented and I feel uncomfortable about the outgoing traffic from my server on unknown URLs.
Drop V1 support
All stuff used in v1 and not in v2 nor v3
JWT revocation strategy after password update
Reference implementation use a pw_hash claim to check if the user has changed their pw and thus forbid them from access if they have an old jwt.
Here we will revoke JWT based on its
iat
claim andUser.PasswordUpdatedAt
field. Looks more safer than publicly expose any sort of password stuff. Seeinternal/server/middlewares/current_user.go
Session use PASETO tokens instead of random tokens
Here we will be using PASETO to strengthen authentication to ensure that the tokens are issued by the server.
All PRs are welcome.
- Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create new Pull Request
This project is licensed under the MIT license.