piggybank

command module

v0.0.5 Latest Latest Go to latest Published: Aug 4, 2020 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hooksie1/piggybank

README ¶

Piggy Bank

Piggy Bank is a simple password manager for teams using boltDB as a backend.

Currently only basic auth is supported.

Initialization

Send a POST request to /init/initialize and Piggy Bank will return the master decryption key and a manager password.

NOTE: The decryption key is only available one time. If you lose it all data is lost.

Unlocking

To unlock the database, send a POST request to /init/unlock with the master key in the body:

{
    "master_password": "password from initialization"
}

Anytime the application is stopped, you will need to unlock the database again after start up. The key is only stored in memory.

Adding Users

Users can be added without decrypting the database. Send a POST request to /api/users/{userName} to create a user with that username.

NOTE: You must use the manager account to create users. The manager account is the ONLY account able to create users.

Adding Credentials

Secrets can be added by sending a POST request to /api/password with the secret's details in the body:

{
    "application": "appA",
    "username": "testuser",
    "password": "this is the password"
}

Multiple username/password pairs can be added to a single application. Currently, to override a secret just send another POST request with the change.

NOTE: Only users created by the manager account can create or retrieve secrets. The manager account CANNOT add or retrieve secrets.

Retrieving Credentials

Secrets can be retrieved by sending a GET request to /api/password and appending the app details in a query string:

/api/password?application=appA&username=testuser

Backing Up The Database

You can back up the database in two ways. You can either specify a local backup which will back up in the same area that Piggy Bank is running, or you can backup over HTTP to your local system. You can define this with a query string on a POST request to /api/backup:

/api/backup?type=local

/api/backup?type=http

An example with cURL for the http version: curl -X POST -u 'manager:manager_pass' server:8080/api/backup?type=http > db-backup.db

NOTE: The manager account is the ONLY account that can backup the database. The database is also encrypted, so you will still need the encryption key to decrypt.

Contributing

This project includes a Dockerfile for working with VSCode. Ensure you have the Remote Containers extension installed and Docker installed. VSCode will let you open the project in a container and have dependencies set up for you (including Go itself).

I suck at development. This code is ugly, and probably bad. If you see something that needs fixed please at least open and issue and let me know. This is more of a learning experience for me.

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
server

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL