Merge pull request #29 from nexus-uw/share_target

share target

- moved service worker script to root dir so that fetch events would be caught
- lazily copied page code into sw
- imp note saved page

Author: nexus-uw

.gitignore

@@ -3,6 +3,7 @@
 node_modules
 public/*
 main
-assets
+assets/*
+!assets/manifest.json
 database
 mokintoken

assets/manifest.json

@@ -0,0 +1,19 @@
+{
+  "name": "mokintoken",
+  "icons": [],
+  "start_url": "/",
+  "display": "standalone",
+  "theme_color": "#000000",
+  "background_color": "#ffffff",
+  "serviceworker": {
+    "src": "/service-worker.js"
+  },
+  "share_target": {
+    "action": "/share-target/",
+    "method": "POST",
+    "enctype": "multipart/form-data",
+    "params": {
+      "text": "text"
+    }
+  }
+}

mokintoken.go

@@ -235,6 +235,12 @@ func cleanUpDb(db *sql.DB) {
 	}
 }
 
+func serveSingle(pattern string, filename string) {
+    http.HandleFunc(pattern, func(w http.ResponseWriter, r *http.Request) {
+        http.ServeFile(w, r, filename)
+    })
+}
+
 func main() {
 
 	db, err := sql.Open("sqlite3", "./database/mokintoken.sqlite")
@@ -249,12 +255,16 @@ func main() {
 
 	http.HandleFunc("/", userViews("home"))
 	http.HandleFunc("/about", userViews("about"))
+	http.HandleFunc("/noteSaved", userViews("noteSaved"))
 	http.HandleFunc("/decrypt/", decryptHandler(db))
 	http.HandleFunc("/api/save-note", saveNoteHandler(db))
 	http.HandleFunc("/ping", ping(db))
 	// this should be handled by a cdn
 	http.Handle("/assets/", http.StripPrefix("/assets/", http.FileServer(http.Dir("assets"))))
 
+  serveSingle("/service-worker.js", "./assets/service-worker.js")
+
+
 	port := os.Getenv("PORT")
 	if port == "" {
 		port = "8080"

package.json

@@ -9,7 +9,7 @@
   },
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
-    "build": "rollup --config && cp node_modules/tachyons/css/tachyons.min.css assets",
+    "build": "rollup --config && rollup --config rollup-serviceworker.config.js && cp node_modules/tachyons/css/tachyons.min.css assets",
     "dev": "rollup --config -w"
   },
   "author": "",

resources/js/index.js

@@ -8,5 +8,33 @@ async function main() {
     const { Decrypt } = await import('./decrypt')
     new Decrypt()
   }
+
+  if (location.pathname.startsWith('/noteSaved')) {
+    const { NoteSaved } = await import('./noteSaved')
+    new NoteSaved()
+  }
 }
 main()
+
+const registerServiceWorker = async () => {
+  if ("serviceWorker" in navigator) {
+    try {
+      const registration = await navigator.serviceWorker.register("/service-worker.js", {
+        scope: "/",
+      })
+      if (registration.installing) {
+        console.log("Service worker installing")
+      } else if (registration.waiting) {
+        console.log("Service worker installed")
+      } else if (registration.active) {
+        console.log("Service worker active")
+      }
+    } catch (error) {
+      console.error(`Registration failed with ${error}`)
+    }
+  }
+}
+if (window.matchMedia('(display-mode: standalone)').matches) {
+  registerServiceWorker()
+}
+

resources/js/noteSaved.js

@@ -0,0 +1,21 @@
+import QRCode from 'qrcode'
+
+
+export class NoteSaved {
+
+  constructor() {
+    const hash = window.location.hash.slice(1)
+    const id = new URLSearchParams(window.location.search).get('id')
+
+    const clearnetShareLink = `${document.querySelector('meta[name="clearnet"]').getAttribute('content')}/decrypt/${id}#${hash}`
+    document.getElementById('clearnetShareLink').href = clearnetShareLink
+
+    const dakrnetShareLink = `${document.querySelector('meta[name="darknet"]').getAttribute('content')}/decrypt/${id}#${hash}`
+    document.getElementById('dakrnetShareLink').href = dakrnetShareLink
+
+    Promise.all([
+      QRCode.toCanvas(document.getElementById('clearnetShareQR'), clearnetShareLink),
+      QRCode.toCanvas(document.getElementById('darknetShareQR'), dakrnetShareLink)
+    ])
+  }
+}

resources/js/service-worker.js

@@ -0,0 +1,66 @@
+import nacl from 'tweetnacl'
+import naclUutil from 'tweetnacl-util'
+import { Base64 } from 'js-base64'
+
+console.log("ass " + nacl + naclUutil + Base64)
+// https://stackoverflow.com/questions/51562781/service-worker-fetch-event-is-not-firing
+self.addEventListener('activate', function (event) {
+  console.log('Claiming control')
+  return self.clients.claim()
+})
+self.addEventListener("fetch", (event) => {
+
+  // Regular requests not related to Web Share Target.
+  if (event.request.method !== "POST" || new URL(event.request.url).pathname != "/share-target/") {
+    event.respondWith(fetch(event.request))
+    return
+  }
+
+  // Requests related to Web Share Target.
+  event.respondWith(
+    (async () => {
+
+      const formData = await event.request.formData()
+      const nonce = nacl.randomBytes(nacl.secretbox.nonceLength)
+      const key = nacl.randomBytes(nacl.secretbox.keyLength)
+      // encrypt note or image
+      // send to fetch api
+      const imgBase64 = null // todo - base64
+      const f = await fetch('/api/save-note', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          encryptedText: naclUutil.encodeBase64(
+            nacl.secretbox(
+              naclUutil.decodeUTF8(formData.get('text')),
+              nonce,
+              key
+            )
+          ),
+          encryptedImg: imgBase64 != null ? naclUutil.encodeBase64(
+            nacl.secretbox(
+              naclUutil.decodeUTF8(imgBase64),
+              nonce,
+              key
+            )
+          ) : null,
+          // code is hard
+          expiresHours: "4",
+          expiresViews: "1"
+        })
+      })
+      const { id } = await f.json()
+
+      const hash = Base64.encode(
+        JSON.stringify({
+          nonce: naclUutil.encodeBase64(nonce),
+          key: naclUutil.encodeBase64(key)
+        })
+      )
+      // respond with saved note page
+      return Response.redirect(`/noteSaved?id=${id}#${hash}`, 303)
+    })(),
+  )
+})

resources/js/welcome.js

@@ -17,7 +17,7 @@ async function getImgBase64(ele) {
 
 export class Welcome {
   loadNonceAndKey() {
-    window.location.hash = '' // clear out old key
+    //window.location.hash = '' // clear out old key
     // always generate new nonce
     const nonce = nacl.randomBytes(nacl.secretbox.nonceLength)
     const key = nacl.randomBytes(nacl.secretbox.keyLength)
@@ -38,7 +38,7 @@ export class Welcome {
       try {
 
         const imgBase64 = await getImgBase64(document.getElementById('img'))
-
+        // maybe refactor this with service worker code
         const f = await fetch('/api/save-note', {
           method: 'POST',
           headers: {

rollup-serviceworker.config.js

@@ -0,0 +1,19 @@
+import commonjs from '@rollup/plugin-commonjs'
+import resolve from '@rollup/plugin-node-resolve'
+import builtins from 'rollup-plugin-node-builtins'
+import globals from 'rollup-plugin-node-globals'
+module.exports = {
+  input: 'resources/js/service-worker.js',
+  output: {
+    dir: 'assets'
+  },
+  plugins: [
+    commonjs(),
+    resolve({
+      browser: true,
+      preferBuiltins: false
+    }),
+    builtins(),
+    globals()
+  ]
+}

views/noteSaved.html

@@ -0,0 +1,15 @@
+{{define "content"}}
+
+<main>
+  <div id="" class="tc">
+    <h1>note successfully encrypted and ready to share</h1>
+    <h4>either share <a id="clearnetShareLink" target="_blank" style="margin-right: 7px;">this link</a></h4>
+    <div class="db"> <canvas id="clearnetShareQR" style="display:block; margin: auto;"></canvas></div>
+    <h5>or this QR code</h5>
+    <hr />
+    <h4>For hidden service access <a id="dakrnetShareLink" target="_blank" style="margin-right: 7px;">link</a></h4>
+    <div class="db"> <canvas id="darknetShareQR" style="display:block; margin: auto;"></canvas></div>
+
+  </div>
+</main>
+{{end}}