django-opqpwd 0.1

Creator: codyrutscher

Description:

opqpwd is a password manager REST service with client-side encryption.
It is written in Python 3, using Django and Django REST framework.
opqpwd stands for “opaque passwords”: it encrypts passwords on the client side,
making them “opaque” to the server.
Moreover, user registration and authentication are performed using salted hashes
of the user-chosen username and password:
this boosts user anonymity with respect to traditional services, hiding even
the service-registration username.
Passwords (and metadata) are stored in your favorite database as Base64-encoded,
encrypted JSON.
Encryption is performed using AES-256-CBC, with HMAC-SHA-256 authentication.
scrypt is used as key derivation function.
It features an example command-line client (you can find it in
the bin folder).
opqpwd was written by Marco Bellaccini - marco.bellaccini(at!)gmail.com.
BEWARE: OPQPWD IS PROOF-OF-CONCEPT SOFTWARE, FOR TESTING PURPOSES ONLY.
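
As an added example (not opqpwd's own code), the Python below shows the authentication half of the scheme described above: scrypt output split into separate AES-256 and HMAC-SHA-256 keys, and the tag checked before anything is handed to CBC decryption. The envelope layout, scrypt parameters and function names are assumptions, and the ciphertext is a constructed stand-in for AES-256-CBC output, since the AES step needs a third-party library.

```python
import base64
import hashlib
import hmac

# Assumed envelope layout (not from opqpwd): salt | IV | ciphertext | tag
SALT_LEN, IV_LEN, TAG_LEN, BLOCK = 16, 16, 32, 16
# Constructed stand-ins: fixed salt/IV and two blocks playing the AES-CBC output.
SAMPLE_SALT, SAMPLE_IV, SAMPLE_CT = b"S" * 16, b"I" * 16, bytes(range(32))


def derive_keys(password, salt):
    """scrypt -> 64 bytes, split into separate AES-256 and HMAC-SHA-256 keys."""
    okm = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1,
                         maxmem=64 * 1024 * 1024, dklen=64)
    return okm[:32], okm[32:]


def seal(mac_key, salt, iv, ciphertext):
    """Encrypt-then-MAC: the tag covers salt, IV and ciphertext."""
    body = salt + iv + ciphertext
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return base64.b64encode(body + tag).decode()


def open_envelope(password, blob):
    """Return (aes_key, iv, ciphertext) only after the tag has verified."""
    raw = base64.b64decode(blob, validate=True)  # raises ValueError if malformed
    ct_len = len(raw) - SALT_LEN - IV_LEN - TAG_LEN
    if ct_len < BLOCK or ct_len % BLOCK:
        raise ValueError("malformed envelope")
    salt, iv = raw[:SALT_LEN], raw[SALT_LEN:SALT_LEN + IV_LEN]
    ciphertext, tag = raw[SALT_LEN + IV_LEN:-TAG_LEN], raw[-TAG_LEN:]
    aes_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, raw[:-TAG_LEN], hashlib.sha256).digest()
    # Constant-time compare, done before any CBC decryption or unpadding, so a
    # tampered blob or wrong password never reaches the padding check.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return aes_key, iv, ciphertext


if __name__ == "__main__":
    _, mac_key = derive_keys("correct horse", SAMPLE_SALT)
    blob = seal(mac_key, SAMPLE_SALT, SAMPLE_IV, SAMPLE_CT)
    print(open_envelope("correct horse", blob)[2] == SAMPLE_CT)
```

Because the MAC key comes from the password, a wrong password and a modified blob fail the same check, and the server never needs to see either key.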

Quick start

Make sure you meet all software dependencies (Django REST Framework,
scrypt - you’ll need libssl-dev for it, pycrypto, requests and, of course, Django).
Add “opqpwd” and “rest_framework” (of course, you have to install
Django REST Framework too!) to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [
    ...
    'rest_framework',
    'opqpwd',
]
In the same file (settings.py), specify this custom authentication backend:
# set custom authentication backend
AUTHENTICATION_BACKENDS = ['opqpwd.authentication.UserCredBackend']

Include the opqpwd URLconf in your project urls.py like this:
url(r'^', include('opqpwd.urls')),
Note: make sure you import include with from django.conf.urls import include.

Run python manage.py migrate to create the opqpwd models.
Start the development server (BEWARE: in a real environment you should run
it over HTTPS; however, as already stated, THIS IS PROOF-OF-CONCEPT
SOFTWARE, FOR TESTING PURPOSES ONLY).
Start the cli-client script:
opqpwdcliclient
Note: if you installed the package as a user library, the script will
likely be in .local/bin in your home folder.

Connect to the development server:
connect http://127.0.0.1:8000

Register a user:
adduser
(if you want, you can also generate an authentication token to use along
with the password)

Login:
login

Add a password to the db:
addpassword

List all stored password titles:
printall

Print details of the password you just stored:
print 1

Upload encrypted passwords to the server:
save

Get help with the other commands:
help

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.
