Gsoc17 : Client Side File crypto : Week 11

Submitted by tameeshb on Wed, 08/16/2017 - 03:46
Open source@IITP

This blog post summarizes the eleventh week of writing open-source code for Drupal with Google Summer of Code.

The module is finally complete with most of it’s major features. It is complete for testing and a bit more changes are to be made that have been discussed, suggested and some things that were planned and are left to implement.

Commit map

File upload handling

One of the major tasks that was left in the module was of handling the encrypted file uploads on the backed. After I tried searching for how to leverage the built-in one, Adam, in the last meeting suggested that the built-in file upload method wasn’t the best method for my use-case and hence I should create my own AJAX file upload callback for storing the ciphertext files. https://gist.github.com/bnchdrff/a388b763bc97f7a1c6107698652cc58d
This gist helped me implement the POST multipart AJAX file upload handler.

New private key storage containers

I discovered a possible bug in which the private keys were being stored in the HTML5 local storage in the browser by the name of “privKey” and there could be a possibility where the users logs in using multiple accounts from the same browser. In that case the second user that logs in won’t be able to access data as the private key stored in the browser is of the previous user. Hence I changed the private key storage container identifiers to vary based on their user ID. Now the local storage variables are identified as : csfcPubKey_3 where 3 is the user ID.

Switching from DB schema to Content entities

During the latest code review by Adam, he suggested that using database schemas is a thing of the past now and we should move to using content/config entities before proceeding any further. Later we came down to deciding to use content entities. The task of moving to content entities has been started. Most part of creating new content entities would be made easy by Drupal Console!

Although the module is feature ready utilizing a basic database schema for now, the current phase would only be complete after the data storage is moved to entities.

Embedded Image previews

After completing the file metadata fetching, append it to the DOM and triggering the decrypt functions when these files are requested for, I added another feature of embedding image previews for files of MIME type as image.

Latest module behaviours

There were a few small parts that I worked on over the week:

  • Redirection on all AJAX request completion
    After the generation of the keys, the user is redirected to the site home.

  • Enable REST resources on module install
    After using the rest.resource.*.*.yml files, the REST resources will be enabled by default on module install and we won't need to manually enable them using the REST UI Module.

  • Force logout all users post module install
    This is a necessity for all user to be logged out after the module is installed as keys must be generated after the module is installed.

 

Plans for this week

As the module is mostly complete, I will be working on moving to content entities for now and then work on the few more features that are left to implement. The basic functionality is ready for testing, so I’ll host it on my drupal site and keep it up there for testing and previews. Also, I’ll be moving to shifting the project to Drupal.org and implementing CI toward the end of this week.

Here’s a video to demonstration on how to use the module: 

 

Drupal Client Side File Crypto Demo from Tameesh Biswas on Vimeo.

Also, I recently gave a talk about Drupal and my GSoC project at an open source workshop in my college introducing the freshman and sophomores of my college to open source and Drupal.

FOSS introFOSS at IITP


 

Thanks for reading!

Recent content