pwpush 0.1.0

data/app/views/layouts/_ga.html.erb

@@ -0,0 +1,14 @@
+<script type="text/javascript">
+
+  var _gaq = _gaq || [];
+  _gaq.push(['_setAccount', 'UA-28303744-1']);
+  _gaq.push(['_setDomainName', 'pwpush.com']);
+  _gaq.push(['_trackPageview']);
+
+  (function() {
+    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
+    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
+  })();
+
+</script>

data/app/views/layouts/application.html.haml

@@ -0,0 +1,41 @@
+!!!
+%html
+  %head
+    %title PasswordPusher
+    = csrf_meta_tags
+    = oboe_rum_header rescue ""
+    = stylesheet_link_tag    "application"
+    %link{ :rel => "shortcut icon",    :href => asset_path("favicon.ico"), :type => "image/x-icon" }
+    %link{ :rel => "apple-touch-icon", :href => asset_path("apple-touch-icon-iphone.png") }
+    %link{ :rel => "apple-touch-icon", :sizes => "72x72",   :href => asset_path("apple-touch-icon-ipad.png") }
+    %link{ :rel => "apple-touch-icon", :sizes => "114x114", :href => asset_path("apple-touch-icon-iphone4.png") }
+    %link{ :rel => "apple-touch-icon", :sizes => "144x144", :href => asset_path("apple-touch-icon-ipad3.png") }
+    :javascript
+      // Set up the yepnope (Modernizr.load) directives... 
+      Modernizr.load([
+      {
+          // Test if Input Range is supported using Modernizr
+          test: Modernizr.inputtypes.range,
+          // If ranges are not supported, load the slider script and CSS file
+          nope: [
+            // The slider CSS file
+            "css!#{asset_path('fd-slider.css')}"
+            // Javascript file for slider
+           ,"#{asset_path('fd-slider.js')}"
+          ],
+          callback: function(id, testResult) {
+              // If the slider file has loaded then fire the onDomReady event
+              if("fdSlider" in window && typeof (fdSlider.onDomReady) != "undefined") {
+                      try { fdSlider.onDomReady(); } catch(err) {};
+              };
+          }
+      }
+      ]);
+  %body
+    .content
+      = link_to image_tag("forkme.png", :style => "position: absolute; top: 0; right: 0; border: 0; z-index: 1;", :alt => "Fork me on Github" ), "https://github.com/pglombardo/PasswordPusher"
+      = yield
+
+    = javascript_include_tag "application"
+    = render :partial => "layouts/ga" if Rails.env == "production"
+    = oboe_rum_footer rescue ""

data/app/views/pages/about.html.haml

@@ -0,0 +1,159 @@
+
+.about_content
+  %div{ :style => 'float: left; font-size: .8em; margin-bottom: 50px;' }
+    = link_to '[ Back to front page ]', root_path
+
+%p{ :style => 'clear: both;' }
+  %h1 About PasswordPusher
+
+.about_content
+  %p
+    PasswordPusher is a Ruby application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed. Hosted at
+    = succeed '.' do
+      = link_to "pwpush.com", "https://pwpush.com"
+
+  %p
+    I previously posted this project on
+    = link_to "Reddit", "http://www.reddit.com/r/sysadmin/comments/pfda0/do_you_email_out_passwords_i_wrote_this_utility/"
+    which provided some great feedback - most of which has been implemented.
+
+  %p
+    The source code to this site is
+    = succeed "." do
+      = link_to "on Github", "https://github.com/pglombardo/PasswordPusher"
+    It's opensource and free for anyone to use or modify.  Use it internally at your organization, host it publicly or just use
+    = succeed "." do
+      = link_to "pwpush.com", "https://pwpush.com"
+    It's up to you.
+
+  %p
+    This is me (Peter Giacomo Lombardo) on
+    = link_to "LinkedIn", "http://it.linkedin.com/in/peterlombardo"
+    and
+    = succeed "." do
+      = link_to "Github", "https://github.com/pglombardo"
+
+  %p
+    For updates, you can
+    = succeed "," do
+      = link_to "follow me on Twitter", "https://twitter.com/pglombardo"
+    = link_to "Github", "https://github.com/pglombardo"
+    or on the
+    = succeed "." do
+      = link_to "Tumblr blog", "http://blog.gameface.in/"
+
+%h1 Related
+
+.about_content
+  %ul
+    %li
+      For
+      = link_to "Alfred app", "http://www.alfredapp.com/"
+      users on Mac, an
+      = link_to "workflow", "http://www.packal.org/workflow/passwordpusher"
+      to quickly push passwords.
+
+%h1 Publicity
+
+.about_content
+  %p
+    Random articles, comments and tweets about PasswordPusher...
+  %ol
+    %li
+      = link_to "How to share passwords securely", "http://envide.no/hvordan-dele-passord-pa-en-sikker-mate/"
+      (in Norwegian)
+    %li
+      = link_to "How to deploy PasswordPusher to CloudFoundry", "http://blog.cloudfoundry.gr.jp/2015/09/cf100apps-061-passwordpusher.html"
+      (in Japanese)
+    %li
+      PasswordPusher was included in
+      = link_to "Issue 23", "https://www.cronweekly.com/issue-23/"
+      of
+      = link_to "Cron Weekly", "https://www.cronweekly.com/"
+    %li
+      = succeed ":" do
+        = link_to "ThinkTechnica", "http://www.thinktechnica.com/"
+      = link_to "PasswordPusher", "http://www.thinktechnica.com/r/679/"
+
+    %li
+      = succeed ":" do
+        = link_to "TracceWeb", "http://www.tracceweb.com/"
+        (Italian)
+      = link_to "Invia Password o Messaggi in Modo Sicuro che si Autodistruggono: PasswordPusher", "http://www.tracceweb.com/5398/invia-password-o-messaggi-in-modo-sicuro-che-si-autodistruggono-passwordpusher"
+
+    %li
+      Mentions in a bunch of comments and Tweets: on
+      = succeed "," do
+        = link_to "HackerNews", "https://news.ycombinator.com/item?id=4237420"
+      = succeed "," do
+        = link_to "QandASystem", "http://www.qandasystem.info/security/best-practice-for-password-distribution/#comment-137020"
+      = succeed "," do
+        = link_to "WebDesignShock", "https://twitter.com/WebDesignShock/statuses/174198663701200897"
+      and
+      = link_to "Logicamp", "https://twitter.com/logicamp/statuses/224418623383535617"
+
+%h1 Credits
+
+.about_content
+  %p
+    Thanks to:
+
+    %ul
+      %li
+        Everyone on Reddit for all of
+        = link_to "the", "http://www.reddit.com/r/sysadmin/comments/pfda0/do_you_email_out_passwords_i_wrote_this_utility/"
+        = link_to "great", "http://www.reddit.com/r/web_design/comments/q841p/do_you_email_out_passwords_i_wrote_this_utility/"
+        = succeed '.' do
+          = link_to "feedback", "http://www.reddit.com/r/sysadmin/comments/tq39p/remember_passwordpusher_pwpushcom_its_now/"
+
+      %li
+        Reddit
+        = link_to "/r/freedesign", "http://www.reddit.com/r/freedesign"
+        artist
+        = link_to "JarvisAndPi", "http://www.reddit.com/user/JarvisAndPi"
+        for the favicons
+
+      %li
+        = link_to "zygat3r", "http://zygat3r.deviantart.com/"
+        for the
+        = link_to "Dark Wood Pack", "http://zygat3r.deviantart.com/art/Dark-Wood-58266349"
+        (page backgrounds).
+
+      %li
+        = link_to "Kasper", "https://github.com/kap0w"
+        for the
+        = succeed "." do
+          = link_to "JSON POST fix", "https://github.com/pglombardo/PasswordPusher/pull/3"
+
+%h1 Other Related Projects
+
+.about_content
+  %ul
+    %li= link_to "Agrippa", "http://getagrippa.com/"
+    %li
+      A Django spin-off project:
+      = link_to "projectgiraffe", "https://github.com/quasarj/projectgiraffe"
+
+    %li
+      = link_to "phanaster", "https://github.com/phanaster"
+      created a
+      = link_to "coupon pushing application", "https://github.com/phanaster/cpsh.me"
+      == (#{link_to "cpsh.me", "http://cpsh.me/"}) based off of PasswordPusher
+
+    %li
+      = link_to "bemosior", "https://github.com/bemosior"
+      put together a PHP port of PasswordPusher:
+      = link_to "PHPasswordPusher", "https://github.com/bemosior/PHPasswordPusher"
+
+
+.about_content
+  %p
+    I also run
+    = succeed "." do
+      = link_to "Gameface", "http://gameface.in"
+    A site to showcase games, the people who play them and the characters they play.
+
+.about_content
+  %div{ :style => 'float: left; font-size: .8em; margin-bottom: 50px;' }
+    = link_to '[ Back to front page ]', root_path
+

data/app/views/passwords/edit.html.haml

@@ -0,0 +1,7 @@
+%h1 Editing password
+
+= render 'form'
+
+= link_to 'Show', @password
+\|
+= link_to 'Back', passwords_path

data/app/views/passwords/index.html.haml

@@ -0,0 +1,17 @@
+%h1 Listing passwords
+
+%table
+  %tr
+    %th
+    %th
+    %th
+
+  - @passwords.each do |password|
+    %tr
+      %td= link_to 'Show', password
+      %td= link_to 'Edit', edit_password_path(password)
+      %td= link_to 'Destroy', password, :confirm => 'Are you sure?', :method => :delete
+
+%br
+
+= link_to 'New Password', new_password_path

data/app/views/passwords/new.html.haml

@@ -0,0 +1,68 @@
+
+= form_for @password do |f|
+  %p
+    %div.title
+      %span.title Password Pusher
+      %br
+      %span.tagline Go Ahead.  Email Another Password.
+  %p.payload
+    = f.text_field(:payload, { :class => "password", :value => PAYLOAD_INITIAL_TEXT, :onfocus => "prepareTextField(this)", :onblur => "revertTextField(this)", :autocomplete => "off" })
+  %p
+    Delete password after:
+    %p.slider_box
+      = range_field_tag("password_expire_after_days", EXPIRE_AFTER_DAYS_DEFAULT, {:name => "password[expire_after_days]", :class => "slider", :min => EXPIRE_AFTER_DAYS_MIN, :max => EXPIRE_AFTER_DAYS_MAX, :step => "1", :onchange => "showDaysValue(this.value)"})
+      %span#daysrange
+        == #{EXPIRE_AFTER_DAYS_DEFAULT} Days
+    %p.slider_box
+      = range_field_tag("password_expire_after_views", EXPIRE_AFTER_VIEWS_DEFAULT, {:name => "password[expire_after_views]", :class => "slider", :min => EXPIRE_AFTER_VIEWS_MIN, :max => EXPIRE_AFTER_VIEWS_MAX, :step => "1", :onchange => "showViewsValue(this.value)"})
+      %span#viewsrange
+        == #{EXPIRE_AFTER_VIEWS_DEFAULT} Views
+    %br
+      %span.note
+        (whichever comes first)
+    - if DELETABLE_BY_VIEWER_PASSWORDS
+      %p.notes
+        = check_box_tag "password[deletable_by_viewer]", nil, DELETABLE_BY_VIEWER_DEFAULT
+        Allow viewers to optionally delete password before expiration
+
+  %p
+    = f.submit(:value => "Push it!")
+
+
+%p.notes
+  %p
+    %span
+      #cookie-save.cookie-save
+        %a{ :onclick => "saveExpirations()", :href => "#" } Save
+        these settings as
+        %i default
+        in a browser cookie.
+  %span.tip
+    * Tip: Only enter the password into the box.  Other identifying information can compromise security.
+  %p
+  %span.note
+    All passwords are encrypted prior to storage and are available to only those with the direct link.
+  %br/
+  %span.note
+    Once expired, encrypted passwords are unequivocally deleted from the database.
+
+%p.notes
+  New
+  = link_to "workflow",  "http://www.packal.org/workflow/passwordpusher"
+  for Alfred users.  Thanks to
+  = link_to "@psteinweber", "https://github.com/pglombardo/PasswordPusher/issues/29"
+  for the idea.
+
+- if Rails.env == "production" or Rails.env == "development"
+  %p.notes
+    = link_to "About PasswordPusher", page_path('about')
+    \|
+    = link_to "Images, Logos and Icons", 'https://github.com/pglombardo/PasswordPusher/tree/master/app/assets/images'
+    %br/
+    Follow me on:
+    = succeed "," do
+      = link_to "@Twitter", "https://twitter.com/pglombardo"
+    = link_to "@Github", "https://github.com/pglombardo"
+    &
+    = link_to "@Tumblr", "http://blog.gameface.in/"
+

data/app/views/passwords/show.html.haml

@@ -0,0 +1,58 @@
+%div.content
+  - if @password.expired
+    %p
+      We apologize but...
+    %div.payload
+      This password has expired.
+    %p
+      - if @password.deleted
+        This password was manually deleted by one of its viewers.
+      - elsif @password.views_remaining == 0
+        == The password has hit its maximum view count: #{@password.expire_after_views}.
+      - elsif @password.days_remaining == 0
+        == The password has hit its maximum age: #{@password.expire_after_days} days.
+
+  - else
+    - if @first_view
+      .share_note
+        == This is your password.  Use this link to share it:
+        %p.url
+          %input{ :value => "#{request.url}", :spellcheck => "false", :onfocus => '$(this).focus(); $(this).select();', :onclick => '$(this).select();' }
+          %span#clip_data{ :style => 'display: none;' }= request.url
+          %span#clippy{ :title => 'copy to clipboard' }
+            %span#clip_tip copy to clipboard
+            != clippy(request.url)
+          :javascript
+            $('#clippy').mousedown(function (e){
+              $('#clip_tip').text('copied!');
+            });
+            $('#clippy').mouseout(function (e){
+              $('#clip_tip').text('copy to clipboard');
+            });
+        %br/
+        %span.note
+          This note won't be shown again for this password...
+          %br/
+          Don't believe me?  Go ahead.  Hit reload...
+    %p
+      Your password is...
+
+    %div.payload.spoiler<
+      = @payload
+
+    %p
+      - if @password.views_remaining == 0
+        == This password will be deleted in #{pluralize(@password.days_remaining, 'day')} or #{@password.views_remaining} more views (this is the last view).
+      - else
+        == This password will be deleted in #{pluralize(@password.days_remaining, 'day')}
+        == or #{pluralize(@password.views_remaining, 'more view')}.
+    - if @password.deletable_by_viewer
+      %p{ :style => 'font-size: .85em;' }
+        = link_to "Nah. I've got it. Delete it now.", password_path, :id => @password.url_token, :method => :delete, :confirm => 'This will delete the password forever.  Are you sure?'
+%div.footer_note
+  This
+  - if @password.expired
+    (unfortunately expired)
+  password is brought to you by
+  = link_to "Password Pusher", "/"
+  and viewers like you.

data/app/views/shared/_auth_providers.html.haml

@@ -0,0 +1,9 @@
+/ %a.auth_provider{:href => user_omniauth_authorize_path(:twitter)}
+/   = image_tag "https://s3.amazonaws.com/gameface/images/authbuttons/twitter_64.png", :size => "64x64", :alt => "Twitter"
+/   Twitter
+%a.auth_provider{:href => user_omniauth_authorize_path(:google)}
+  = image_tag "https://s3.amazonaws.com/gameface/images/authbuttons/google_64.png", :size => "64x64", :alt => "Google"
+  Google
+%a.auth_provider{:href => user_omniauth_authorize_path(:yahoo)}
+  = image_tag "https://s3.amazonaws.com/gameface/images/authbuttons/yahoo_64.png", :size => "64x64", :alt => "Yahoo"
+  Yahoo

data/app/views/shared/_messages.html.haml

@@ -0,0 +1,4 @@
+- [:alert, :notice, :error, :success].each do |key|
+  - unless flash[key].blank?
+    %p{ :class => "flash #{key}" }= flash[key]
+    

data/app/views/views/_form.html.erb

@@ -0,0 +1,16 @@
+<%= form_for @view do |f| %>
+  <%= f.error_messages %>
+  <p>
+    <%= f.label :password_id %><br />
+    <%= f.number_field :password_id %>
+  </p>
+  <p>
+    <%= f.label :ip %><br />
+    <%= f.text_field :ip %>
+  </p>
+  <p>
+    <%= f.label :user_agent %><br />
+    <%= f.text_field :user_agent %>
+  </p>
+  <p><%= f.submit %></p>
+<% end %>

data/app/views/views/edit.html.erb

@@ -0,0 +1,8 @@
+<% title "Edit View" %>
+
+<%= render 'form' %>
+
+<p>
+  <%= link_to "Show", @view %> |
+  <%= link_to "View All", views_path %>
+</p>

data/app/views/views/index.html.erb

@@ -0,0 +1,21 @@
+<% title "Views" %>
+
+<table>
+  <tr>
+    <th>Password</th>
+    <th>Ip</th>
+    <th>User Agent</th>
+  </tr>
+  <% for view in @views %>
+    <tr>
+      <td><%= view.password_id %></td>
+      <td><%= view.ip %></td>
+      <td><%= view.user_agent %></td>
+      <td><%= link_to "Show", view %></td>
+      <td><%= link_to "Edit", edit_view_path(view) %></td>
+      <td><%= link_to "Destroy", view, :confirm => 'Are you sure?', :method => :delete %></td>
+    </tr>
+  <% end %>
+</table>
+
+<p><%= link_to "New View", new_view_path %></p>

data/app/views/views/new.html.erb

@@ -0,0 +1,5 @@
+<% title "New View" %>
+
+<%= render 'form' %>
+
+<p><%= link_to "Back to List", views_path %></p>

data/app/views/views/show.html.erb

@@ -0,0 +1,20 @@
+<% title "View" %>
+
+<p>
+  <strong>Password:</strong>
+  <%= @view.password_id %>
+</p>
+<p>
+  <strong>Ip:</strong>
+  <%= @view.ip %>
+</p>
+<p>
+  <strong>User Agent:</strong>
+  <%= @view.user_agent %>
+</p>
+
+<p>
+  <%= link_to "Edit", edit_view_path(@view) %> |
+  <%= link_to "Destroy", @view, :confirm => 'Are you sure?', :method => :delete %> |
+  <%= link_to "View All", views_path %>
+</p>