No description
Find a file
Yongwen Xu 8360cf4498 Merge pull request #8 from samueldg/feature/dockerized_app
looks good. agree that the redis is better separated from snappass's dockerfile. Thanks for the dockerizing snappass.
2016-07-18 15:39:02 -07:00
snappass Refactor _id() function to be inline 2016-07-18 13:35:57 -07:00
.bumpversion.cfg Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
.dockerignore Add Dockerfile/.dockerignore files 2016-07-18 17:37:54 -04:00
.gitignore Add virtualenv env/ to gitignore 2016-07-18 11:53:29 -07:00
.travis.yml Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
__init__.py Privatley share passwords using redis 2013-10-05 23:01:10 -07:00
AUTHORS.rst Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
CONTRIBUTING.rst Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
docker-compose.yml Add compose file for easy setup 2016-07-18 17:37:54 -04:00
Dockerfile Add Dockerfile/.dockerignore files 2016-07-18 17:37:54 -04:00
LICENSE Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
MANIFEST.in Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
README.rst Document Docker setup steps 2016-07-18 17:37:54 -04:00
requirements.txt Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00
setup.py Ensure the egg is a directory, not a zip 2016-07-18 17:37:54 -04:00
tests.py Fix tests 2016-07-18 13:36:06 -07:00
tox.ini Prepare snappass for distribution. 2013-10-05 23:10:50 -07:00

========
SnapPass
========

.. image:: https://travis-ci.org/pinterest/snappass.png


It's like SnapChat... for Passwords.

This is a webapp that lets you share passwords securely.

Let's say you have a password.  You want to give it to your coworker, Jane.
You could email it to her, but then it's in her email, which might be backed up,
and probably is in some storage device controlled by the NSA.

You could send it to her over chat, but chances are Jane logs all her messages
because she uses Google Talk, and Google Talk logs everything.

You could write it down, but you can't find a pen, and there's way too many
characters because your Security Person, Paul, is paranoid.

So we build SnapPass.  It's not that complicated, it does one thing.  If
Jane gets a link to the password and never looks at it, the password goes away.
If the NSA gets a hold of the link, and they look at the password... well they
have the password.  Also, Jane can't get the password, but now Jane knows that
not only is someone looking in her email, they are clicking on links.

Anyway, this took us very little time to write, but we figure we'd save you the
trouble of writing it yourself, because maybe you are busy and have other things
to do.  Enjoy.

Requirements
------------

* Redis.
* Python 2.6, 2.7 or 3.3.

Installation
------------

::

    $ pip install snappass
    $ snappass
    * Running on http://0.0.0.0:5000/
    * Restarting with reloader

Configuration
-------------

You can configure the following via environment variables.

`SECRET_KEY` this should be a unique key that's used to sign key.  This should
be kept secret.  See the `Flask Documentation`_ for more information.

.. _Flask Documentation: http://flask.pocoo.org/docs/quickstart/#sessions

`STATIC_URL` this should be the location of your static assets.  You might not
need to change this.

`NO_SSL` if you are not using SSL.

Docker
------

Alternatively, you can use `Docker`_ to install and run SnapPass:
.. _Docker: https://www.docker.com/

::

    $ docker build -t snappass .
    $ docker-compose up -d

This will pull all dependencies, i.e. Redis and appropriate Python version.