anders-pub/markdown-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18 Commits 1 Branch 0 Tags
68eaee0b9f7ea43631db393de77b370dae1ba14e
Commit Graph

18 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
anders 68eaee0b9f Complete TODO items: security, features, polish 
Security:
- Encrypt Gitea tokens at rest (AES-256-GCM with MH_SECRET)
- Secure cookie flag when behind HTTPS (X-Forwarded-Proto)
- Password complexity (min 8 chars)
- TOTP: defer persist until verified (totp_pending column)
- Audit log table + logging on login/rename/password change

Features:
- Rename files/folders (double-click in tree, /api/files/rename)
- beforeunload warning for unsaved changes
- Mobile hamburger menu
- PWA icons (192px, 512px)
- Max file size enforcement (10MB)
- Shared file read access (cross-user with permission check)

Polish:
- Toast notifications replace all alert() calls
- Keyboard shortcut help overlay (Ctrl+/)
- File rename via double-click in FileTree
 2026-05-26 23:51:02 +02:00
anders f60d223c06 Add About page 2026-05-26 23:42:23 +02:00
anders 7b8f9e3050 Add logout button 2026-05-26 23:06:08 +02:00
anders f4000cc675 Add TODO.md with remaining tasks 2026-05-26 22:53:26 +02:00
anders 4f3113199b Security hardening 
- JWT: validate signing algorithm (prevent alg confusion)
- Login: rate limiting (10 attempts per 5 min per IP)
- Request body: 10MB size limit (prevent DoS)
- WebSocket: require JWT auth (token query param or cookie)
- Daemon endpoints: require admin role (not just any user)
- io.LimitReader on all request body decoding
 2026-05-26 22:51:33 +02:00
anders 2de92b0375 Add INSTALL.md with deployment guide 2026-05-26 22:30:31 +02:00
anders 55a9ae816f Add change password (Preferences > Change Password) 2026-05-25 08:44:15 +02:00
anders ed4d0b261f Real-time collaboration (Yjs + WebSocket) 
- Go WebSocket hub: rooms per document, broadcast updates, persist state
- Yjs integration: connect/disconnect, sync document state
- Collab toggle button in toolbar (Solo/Live)
- When Live: edits broadcast to all connected users in real-time
- Yjs state persisted to SQLite (survives server restart)
- gorilla/websocket dependency added
 2026-05-22 23:49:12 +02:00
anders 1a77d068a7 PWA offline support + client-side encryption 
- Service worker: caches app shell, network-first for HTML
- manifest.json for installable PWA
- IndexedDB: cache files locally, queue pending saves
- Offline fallback: open cached files when server unreachable
- Sync pending changes on reconnect (online event)
- Client-side AES-256-GCM encryption lib (PBKDF2 key derivation)
- Ready for Private Vault feature
 2026-05-22 23:36:06 +02:00
anders 35bf1164ee Fix .gitignore: track cmd/ directories, add mdsync + server source 2026-05-22 23:26:08 +02:00
anders 62ab0fb796 CLI tool (mdsync), 2FA setup UI, git remotes UI 
- mdsync: login, pull, push, status, list, flag commands
- Preferences: 2FA enable/disable with TOTP code verification
- Preferences: git remotes add/list, push/pull buttons
- Load remotes on login
 2026-05-22 23:25:29 +02:00
anders 1433890a4c Add trash: deleted files go to trash, restore or empty 2026-05-22 21:12:29 +02:00
anders 88eebf6944 Drag and drop files between folders 2026-05-22 20:08:09 +02:00
anders a3e4a08281 Allow saving without file open (Save as... prompt) 2026-05-22 20:05:21 +02:00
anders 73144d4ef1 Wire up frontend: git status, history, sharing, AI verify 
- Git sync button (green/red indicator) in toolbar
- History panel: view commits, click to restore
- Share dialog: share files with other users by username
- AI Verify button: sends spec to LiteLLM for review
- AI response panel with rendered markdown
- Auto-refresh git status on file open/save
- Watch for history panel open to load commits
 2026-05-22 20:02:31 +02:00
anders 60a83d90dd Update README with full documentation 2026-05-22 19:57:20 +02:00
anders 4df87cbf9a Phase 2-6: Git sync, sharing, 2FA, AI integration 
- Git: init, commit, log, diff, restore, remotes, push/pull
- Auto-commit on every file save
- Sharing: share/unshare files with other users (ro/rw)
- Shared documents view in sidebar
- 2FA: TOTP setup/verify/disable, enforced at login
- AI: verify spec endpoint (LiteLLM), generate (summarize/prompt/expand)
- Light/dark theme with CSS variables
- File delete (recursive for folders)
- Admin panel + preferences panel
- File creation timestamp display
 2026-05-22 19:53:24 +02:00
anders 0c1047d390 Initial commit: Phase 1+2 prototype 
- Go backend with SQLite, JWT auth, file CRUD
- Vue 3 frontend with split/raw/WYSIWYG editor modes
- Markdown preview (marked, GFM)
- Formatting toolbar + keyboard shortcuts
- File tree with search, create, delete
- Light/dark theme toggle
- Admin panel (user management)
- Preferences (timezone, theme, default mode)
- Shared documents section (placeholder)
- Export: PDF, HTML, MD
- Build daemon (Python, stdlib only)
- Build job queue API
- Docker deployment
 2026-05-22 19:48:48 +02:00