Clean workspace

In order to be able to continue the development I need to clean the workspace.
lesspass-move, lesspass-snap and lesspass-cozy are removed.
lesspass-mobile will replace lesspass-cordova with a new react native implementation.
lesspass-core is now splited into specific repo (entropy, fingerprint and render-password)
The workspace use lerna now to manage the mono repo more efficiently.
lesspass-profiles is a new container available only in a pro version.

.gitignore

@@ -0,0 +1,6 @@
+# python
+__pycache__/
+*.py[cod]
+# javascript
+node_modules
+package-lock.json

.travis.yml

@@ -0,0 +1,9 @@
+dist: trusty
+language: node_js
+node_js:
+  - 10
+  - 8
+addons:
+  chrome: stable
+before_install:
+  - google-chrome-stable --headless --disable-gpu --remote-debugging-port=9222 http://localhost &

README.md

@@ -15,45 +15,6 @@ LessPass open source password manager (https://lesspass.com)
 
  * :fr: [Présentation de LessPass](https://www.youtube.com/watch?v=YbaRCHXk8Jo)
 
-## Self Host your LessPass Database
-
-### requirements 
-
- * `docker`
- * `docker-compose`
-
-### install 
-
-simply run 
-
-    bash <(curl -s https://raw.githubusercontent.com/lesspass/lesspass/master/lesspass.sh) [DOMAIN] [EMAIL]
-
-`[DOMAIN]` and `[EMAIL]` are used to generate a LetsEncrypt certificate and configure LessPass.
-
-### create super user
-
-Go into the backend container and create a super user
-
-```
-docker exec -it lesspass_backend_1 sh
-python manage.py createsuperuser
-```
-
-Now you can access and manage users and password profiles on `https://[DOMAIN]/admin`
-
-
-### configure email
-
-You can edit `.env` file to use your own email server (in order to reset the password for example)
-
-```
-DEFAULT_FROM_EMAIL="LessPass" <admin@example.org>
-EMAIL_HOST=...
-EMAIL_HOST_USER=...
-EMAIL_HOST_PASSWORD=...
-EMAIL_PORT=...
-EMAIL_USE_TLS=1
-```
 
 ## License
 

TODO.md

@@ -0,0 +1,2 @@
+ * npm deprecate lesspass-cli "WARNING: lesspass-cli has been replace by lesspass. install it with npm install lesspass"
+ * npm deprecate lesspass-master-password "WARNING: lesspass-master-password has been replace by lesspass-fingerprint. install it with npm install lesspass-fingerprint"

backend/.gitignore

@@ -1,94 +0,0 @@
-# Created by .ignore support plugin (hsz.mobi)
-### Python template
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-env/
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-*.egg-info/
-.installed.cfg
-*.egg
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*,cover
-.hypothesis/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/
-
-# IPython Notebook
-.ipynb_checkpoints
-
-# pyenv
-.python-version
-
-# celery beat schedule file
-celerybeat-schedule
-
-# dotenv
-.env
-
-# virtualenv
-venv/
-ENV/
-
-# Spyder project settings
-.spyderproject
-
-# Rope project settings
-.ropeproject
-
-/db.sqlite3
-www/

cli/.editorconfig

@@ -1,17 +0,0 @@
-# editorconfig.org
-
-root = true
-
-[*]
-charset = utf-8
-end_of_line = lf
-indent_size = 2
-indent_style = space
-insert_final_newline = true
-trim_trailing_whitespace = true
-
-[*.md]
-trim_trailing_whitespace = false
-
-[*.py]
-indent_size = 4

cli/.gitignore

@@ -1 +0,0 @@
-node_modules

cli/.travis.yml

@@ -1,13 +0,0 @@
-dist: trusty
-sudo: required
-language: node_js
-node_js:
-  - '6'
-addons:
-  apt:
-    packages:
-    - xsel
-before_script:
-  - "export DISPLAY=:99.0"
-  - "sh -e /etc/init.d/xvfb start"
-  - sleep 3

cli/README.md

@@ -1,80 +0,0 @@
-# LessPass cli
-
-LessPass passwords directly in your terminal
-
-
-## Install
-
-```
-$ npm install --global lesspass-cli
-```
-
-
-## Usage
-
-```
-$ lesspass --help
-
-  build LessPass passwords directly in command line
-
-  Usage
-    $ lesspass <site> <login> [masterPassword] [options] 
-
-  Options
-      -l                  add lowercase in password
-      -u                  add uppercase in password
-      -d                  add digits in password
-      -s                  add symbols in password
-
-      --no-lowercase      remove lowercase from password
-      --no-uppercase      remove uppercase from password
-      --no-digits         remove digits from password
-      --no-symbols        remove symbols from password
-
-      --length, -L        int (default 16)
-      --counter, -c       int (default 1)
-    
-      --clipboard, -C     copy generated password to clipboard rather than displaying it.
-                          Need pbcopy (OSX), xclip (Linux) or clip (Windows).
-
-  Examples
-    # no symbols
-    $ lesspass lesspass.com contact@lesspass.com password --no-symbols 
-    OlfK63bmUhqrGODR
-  
-    # no symbols shortcut
-    $ lesspass lesspass.com contact@lesspass.com password -lud
-    OlfK63bmUhqrGODR
-  
-    # only digits and length of 8
-    $ lesspass lesspass.com contact@lesspass.com  -d -L8
-      master password: 
-      75837019
-```
-
-
-## FAQ
-
-### How can I generate a password if I have a quote (`'`) in my master password ?
-
-Escape the quote like this :
-
-    lesspass lesspass.com contact@lesspass.com 'my parents'\'' house is great'
-
-Replace `'` by `'\''`
-
-### password prompt 
-
-If you omit master password, lesspass-cli will ask you a master password:
-
-    lesspass lesspass.com contact@lesspass.com --length=14
-    master password: 
-
-
-## License
-
-This project is licensed under the terms of the GNU GPLv3.
-
-## Issues
-
-report issues on [LessPass project](https://github.com/lesspass/lesspass/issues)

cli/package.json

@@ -1,37 +0,0 @@
-{
-  "name": "lesspass-cli",
-  "version": "5.1.1",
-  "description": "build LessPass passwords directly in command line",
-  "keywords": [
-    "cli",
-    "cli-app",
-    "lesspass",
-    "password"
-  ],
-  "license": "GPL-3.0",
-  "author": "Guillaume Vincent <guillaume@oslab.fr>",
-  "files": [
-    "cli.js"
-  ],
-  "bin": {
-    "lesspass": "cli.js"
-  },
-  "repository": "lesspass/cli",
-  "scripts": {
-    "precommit": "npm test",
-    "prepush": "npm test",
-    "test": "ava"
-  },
-  "dependencies": {
-    "chalk": "2.3.1",
-    "clipboardy": "1.2.3",
-    "lesspass": "6.0.0",
-    "meow": "4.0.0",
-    "read": "1.0.7"
-  },
-  "devDependencies": {
-    "ava": "^0.25.0",
-    "execa": "^0.9.0",
-    "husky": "^0.14.3"
-  }
-}

cli/test.js

@@ -1,292 +0,0 @@
-import test from "ava";
-import execa from "execa";
-
-test("default options", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "\\g-A1-.OHEwrXjT#");
-});
-
-test("no login", async t => {
-  return execa.shell('echo password | ./cli.js "lesspass.com"').then(result => {
-    t.is(result.stdout, "master password: 7Cw-APO5Co?G>W>u");
-  });
-});
-
-test("options can be before parameters", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "-C",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "Copied to clipboard");
-});
-
-test("long options can be before parameters", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "--clipboard",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "Copied to clipboard");
-});
-
-test("length", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--length=14"
-  ]);
-  t.is(stdout, "=0\\A-.OHEKvwrX");
-});
-
-test("length shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-L=14"
-  ]);
-  t.is(stdout, "=0\\A-.OHEKvwrX");
-});
-
-test("counter", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--counter=2"
-  ]);
-  t.is(stdout, "Vf:F1'!I`8Y2`GBE");
-});
-
-test("counter shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-c=2"
-  ]);
-  t.is(stdout, "Vf:F1'!I`8Y2`GBE");
-});
-
-test("no lowercase", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--no-lowercase"
-  ]);
-  t.is(stdout, 'JBG\\`3{+0["(E\\JJ');
-});
-
-test("no lowercase shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-uds"
-  ]);
-  t.is(stdout, 'JBG\\`3{+0["(E\\JJ');
-});
-
-test("only lowercase", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-l"
-  ]);
-  t.is(stdout, "fmnujoqgcxmpffyh");
-});
-
-test("no uppercase", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--no-uppercase"
-  ]);
-  t.is(stdout, 'jbg\\`3{+0["(e\\jj');
-});
-
-test("no uppercase shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-lds"
-  ]);
-  t.is(stdout, 'jbg\\`3{+0["(e\\jj');
-});
-
-test("only uppercase", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-u"
-  ]);
-  t.is(stdout, "FMNUJOQGCXMPFFYH");
-});
-
-test("no digits", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--no-digits"
-  ]);
-  t.is(stdout, ";zkB#m]mNF$;J_Ej");
-});
-
-test("no digits shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-lus"
-  ]);
-  t.is(stdout, ";zkB#m]mNF$;J_Ej");
-});
-
-test("only digits", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-d"
-  ]);
-  t.is(stdout, "7587019305478072");
-});
-
-test("no symbols", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--no-symbols"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("no symbols shortcut", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-lud"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("only symbols", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-s"
-  ]);
-  t.is(stdout, "<\"]|'`%};'`>-'[,");
-});
-
-test("test space in password", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "my Master Password"
-  ]);
-  t.is(stdout, "D1PBB34\\#fh!LY={");
-});
-
-test("doc 1", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "--no-symbols"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("doc 1 options before", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "--no-symbols",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("doc 2", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-lud"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("doc 2 options before", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "-lud",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "OlfK63bmUhqrGODR");
-});
-
-test("doc 3", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-d",
-    "-L8"
-  ]);
-  t.is(stdout, "75837019");
-});
-
-test("doc 3 options before", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "-d",
-    "-L8",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password"
-  ]);
-  t.is(stdout, "75837019");
-});
-
-test("doc 3 options before and after", async t => {
-  const { stdout } = await execa("./cli.js", [
-    "-d",
-    "lesspass.com",
-    "contact@lesspass.com",
-    "password",
-    "-L8"
-  ]);
-  t.is(stdout, "75837019");
-});
-
-test("nrt numbers should be considered as string not integers", async t => {
-  const p = execa("./cli.js", ["example.org", "123", "password"]);
-  const p2 = execa("./cli.js", ["example.org", "0123", "password"]);
-  const p3 = execa("./cli.js", ["example.org", '"0123"', "password"]);
-  const p4 = execa("./cli.js", ["example.org", "00123", "password"]);
-  return Promise.all([p, p2, p3, p4]).then(v => {
-    t.is(v[0].stdout, "sMb8}N&`J4wkF9q~");
-    t.is(v[1].stdout, "5,4SqhB2[=/h\\DZh");
-    t.is(v[2].stdout, "u0Fz)EOJ4i\\{{;a~");
-    t.is(v[3].stdout, '=}|O7hN0ZHdjQ{">');
-  });
-});

containers/README.md

@@ -0,0 +1,48 @@
+# LessPass containers
+
+### requirements 
+
+ * `docker`
+ * `docker-compose`
+
+### install 
+
+simply run 
+
+    bash <(curl -s https://raw.githubusercontent.com/lesspass/lesspass/master/containers/install-lesspass.sh) [DOMAIN] [EMAIL]
+
+`[DOMAIN]` and `[EMAIL]` are used to generate a LetsEncrypt certificate and configure LessPass.
+
+### create super user
+
+Go into the backend container and create a super user
+
+```
+docker exec -it lesspass_backend_1 sh
+python manage.py createsuperuser
+```
+
+Now you can access and manage users and password profiles on `https://[DOMAIN]/admin`
+
+
+### configure email
+
+You can edit `.env` file to use your own email server (in order to reset the password for example)
+
+```
+DEFAULT_FROM_EMAIL="LessPass" <admin@example.org>
+EMAIL_HOST=...
+EMAIL_HOST_USER=...
+EMAIL_HOST_PASSWORD=...
+EMAIL_PORT=...
+EMAIL_USE_TLS=1
+```
+
+## License
+
+This project is licensed under the terms of the GNU GPLv3.
+
+## Contributors :heart:
+
+This project exists thanks to all the people who contribute. [[Contribute]](CONTRIBUTING.md).
+<a href="https://github.com/lesspass/lesspass/graphs/contributors"><img src="https://opencollective.com/lesspass/contributors.svg?width=890" /></a>

containers/docker-compose.yml

@@ -0,0 +1,23 @@
+version: "3"
+services:
+  profiles:
+    image: typesense/typesense:0.9.2
+    volumes:
+      - profiles:/data
+    ports:
+      - 8108:8108
+    environment:
+      API_KEY: dev-api-key
+      SEARCH_ONLY_API_KEY: dev-search-only-api-key
+    entrypoint: sh -c "/opt/typesense-server --data-dir /data --api-key=$${API_KEY} --search-only-api-key=$${SEARCH_ONLY_API_KEY}"
+  webserver:
+    build: ./webserver
+    ports:
+      - 80:80
+      - 443:443
+    environment:
+      FQDN: localhost
+      DEBUG: 1
+    volumes:
+      - ./webserver/ssl:/ssl
+      - ./webserver:/webserver

backend/entrypoint.sh → containers/lesspass-database/entrypoint.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env bash
 
 while ! nc -z db 5432; do sleep 3; done
 

containers/lesspass-webserver/Dockerfile

@@ -0,0 +1,20 @@
+FROM centos:7
+
+LABEL name="LessPass Web Server" 
+LABEL maintainer="LessPass <contact@lesspass.com>"
+
+ENV LANG en_US.UTF-8
+
+RUN yum -y install epel-release && \
+    yum -y install httpd openssl mod_ssl proxy_http python34 python34-pip && \
+    yum clean all
+
+EXPOSE 80 443
+
+RUN python3 -m pip install --upgrade pip
+RUN python3 -m pip install jinja2
+
+COPY entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"]

containers/lesspass-webserver/entrypoint.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+create_wildcard_certificate () {
+  openssl req -x509 -newkey rsa:4096 -nodes -keyout ${1}.key -out ${1}.crt -days 365 -subj "/C=FR/ST=Gironde/L=Bordeaux/O=LessPass/OU=LessPass/CN=*.${1}"
+}
+
+if [[ ! -f /ssl/${FQDN}.crt || ! -f /ssl/${FQDN}.key ]]; then
+  echo "${FQDN}.crt or ${FQDN}.key not found! Generate wildcard certificate"
+  cd /ssl
+  create_wildcard_certificate ${FQDN}
+fi
+
+mkdir -p /etc/httpd/ssl
+mkdir -p /etc/httpd/ssl/private
+chmod 755 /etc/httpd/ssl
+chmod 710 /etc/httpd/ssl/private
+
+cp /ssl/${FQDN}.crt /etc/httpd/ssl/
+chmod 644 /etc/httpd/ssl/${FQDN}.crt
+
+cp /ssl/${FQDN}.key /etc/httpd/ssl/private/
+chmod 640 /etc/httpd/ssl/private/${FQDN}.key
+
+python3 /webserver/generate_apache_conf.py
+
+cat /etc/httpd/conf.d/lesspass.conf
+
+exec "$@"

containers/lesspass-webserver/generate_apache_conf.py

@@ -0,0 +1,18 @@
+import os
+
+from jinja2 import Template
+
+
+if __name__ == "__main__":
+    fqdn = os.environ.get("FQDN", "localhost")
+    context = {
+        "FQDN": fqdn,
+        "SSL_CERTIFICATE_FILE": "/etc/httpd/ssl/%s.crt" % fqdn,
+        "SSL_CERTIFICATE_KEY_FILE": "/etc/httpd/ssl/private/%s.key" % fqdn,
+        "DEBUG": os.environ.get("DEBUG", "0") == "1",
+    }
+
+    print(context)
+    jinja_template = Template(open("/webserver/lesspass.conf.j2").read())
+    with open("/etc/httpd/conf.d/lesspass.conf", "w") as f:
+        f.write(jinja_template.render(context))

containers/lesspass-webserver/lesspass.conf.j2

@@ -0,0 +1,48 @@
+ServerName {{ FQDN }}
+
+<VirtualHost *:80>
+  ServerName www.{{ FQDN }}
+  ServerAlias {{ FQDN }}
+  # Redirect permanent / https://www.{{ FQDN }}/
+  Redirect / https://www.{{ FQDN }}/
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName www.{{ FQDN }}
+    ServerAlias {{ FQDN }}
+    
+    DocumentRoot /var/www/html
+    
+    <Directory /var/www/html/>
+        Options Indexes FollowSymLinks
+        AllowOverride None
+        Require all granted
+    </Directory>
+
+    SSLEngine on
+    SSLCertificateFile      {{ SSL_CERTIFICATE_FILE }}
+    SSLCertificateKeyFile   {{ SSL_CERTIFICATE_KEY_FILE }}
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName profiles.{{ FQDN }}
+    ProxyPass / http://profiles:8108/
+    ProxyPassReverse / http://profiles:8108/
+    SSLEngine on
+    SSLCertificateFile      {{ SSL_CERTIFICATE_FILE }}
+    SSLCertificateKeyFile   {{ SSL_CERTIFICATE_KEY_FILE }}
+</VirtualHost>
+
+SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
+SSLHonorCipherOrder     on
+SSLCompression          off
+SSLSessionTickets       off
+{% if not DEBUG %}
+SSLUseStapling          on
+SSLStaplingResponderTimeout 5
+SSLStaplingReturnResponderErrors off
+SSLStaplingCache        shmcb:/var/run/ocsp(128000)
+{% endif %}
+ErrorLog /dev/stderr
+TransferLog /dev/stdout