86 lines
3.5 KiB
Plaintext
86 lines
3.5 KiB
Plaintext
There are keys and users. Every key must be linked to exactly one user, otherwise it's deleted.
|
|
You can link a key by either creating new user (by specifying a unique name) or linking with existing account.
|
|
After linked, key cannot be unlinked. It can only be deleted.
|
|
You need to have at least one key linked.
|
|
When you link new key to the existing account, a random token is generated for authentication for short period of time. That token is burned after use.
|
|
You can request your account to be deleted. To proceed, you have to solve simple anti-csrf challenge.
|
|
When the key is linked with account, a display name is being automatically set from certificate's issuer field.
|
|
You can change display name of your key. Because of nature of Gemini query strings, it's a two-step process: first, the key hash is temporary stored in database, actual renaming happens in the second step.
|
|
|
|
Access points:
|
|
/cgi - cgi scripts root
|
|
/index.gmi - main entry point
|
|
/account - managing your account preferences
|
|
/index.gmi - menu
|
|
no CC - request CC
|
|
mismatch - invalid CC
|
|
match - list keys and links to unlink.gmi, active tokens and links to cancel
|
|
/register.gmi - register new account
|
|
no CC - request CC
|
|
mismatch
|
|
empty - choose your name
|
|
string - verify & success message | name already in use
|
|
match - already logged in
|
|
/link.gmi - link new key to your account
|
|
no CC - request CC
|
|
mismatch
|
|
empty - enter your token
|
|
token - verify & display success message | warning
|
|
match
|
|
empty - here's your token
|
|
token - tip: open this link on new device
|
|
cancel - burn token & linking key cancelled
|
|
string - what are you trying to do?
|
|
/unlink.gmi - delete your key
|
|
no CC - request CC
|
|
mismatch - invalid CC
|
|
match
|
|
empty - redirect to index.gmi
|
|
anticsrf+hash - verify & redirect to index.gmi | warning
|
|
/rename-request.gmi
|
|
no CC - request CC
|
|
mismatch - invalid CC
|
|
match
|
|
empty - which key would you like to rename?
|
|
anticsrf+hash - verify & redirect to rename.gmi | warning
|
|
/rename.gmi
|
|
no CC - request CC
|
|
mismatch - invalid CC
|
|
match
|
|
empty - choose your name for "[old name]" | redirect to rename-request.gmi
|
|
string - rename & redirect to index.gmi
|
|
/delete.gmi - delete your account
|
|
no CC - request CC
|
|
mismatch - invalid CC
|
|
match
|
|
empty - mark account as request delete, ask for confirmation
|
|
string - verify & delete | renew challenge
|
|
cancel - burn token & account deletion cancelled
|
|
|
|
Database scheme:
|
|
file data/data.db
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
name VARCHAR(255) UNIQUE,
|
|
link_token VARCHAR(16) UNIQUE,
|
|
link_token_time INTEGER,
|
|
request_delete VARCHAR(16),
|
|
request_delete_time INTEGER,
|
|
anticsrf VARCHAR(4),
|
|
anticsrf_time INTEGER,
|
|
request_rename VARCHAR(255)
|
|
)
|
|
CREATE TABLE IF NOT EXISTS keys (
|
|
hash VARCHAR(255) PRIMARY KEY,
|
|
user INTEGER,
|
|
last_seen INTEGER NOT NULL DEFAULT (strftime('%s')),
|
|
name VARCHAR(255),
|
|
FOREIGN KEY (user) REFERENCES users (id)
|
|
ON DELETE CASCADE
|
|
)
|
|
|
|
TODO:
|
|
- passwords
|
|
- registration captcha
|
|
- 2 factor authentication
|
|
- notification feed |