{"id":30865540,"url":"https://github.com/devjpmello/assinador-digital-web","last_synced_at":"2025-09-07T21:22:26.699Z","repository":{"id":312910434,"uuid":"1049256314","full_name":"devJPMello/Assinador-Digital-Web","owner":"devJPMello","description":null,"archived":false,"fork":false,"pushed_at":"2025-09-02T19:54:36.000Z","size":55,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-02T20:13:28.963Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devJPMello.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-02T17:57:09.000Z","updated_at":"2025-09-02T19:54:40.000Z","dependencies_parsed_at":"2025-09-02T20:13:31.937Z","dependency_job_id":"022b8858-03cb-455f-8981-107903e32838","html_url":"https://github.com/devJPMello/Assinador-Digital-Web","commit_stats":null,"previous_names":["devjpmello/assinador-digital-web"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/devJPMello/Assinador-Digital-Web","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devJPMello%2FAssinador-Digital-Web","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devJPMello%2FAssinador-Digital-Web/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devJPMello%2FAssinador-Digital-Web/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devJPMello%2FAssinador-Digital-Web/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devJPMello","download_url":"https://codeload.github.com/devJPMello/Assinador-Digital-Web/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devJPMello%2FAssinador-Digital-Web/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274097424,"owners_count":25221820,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-09-07T21:22:24.811Z","updated_at":"2025-09-07T21:22:26.683Z","avatar_url":"https://github.com/devJPMello.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🔏 Assinador Digital Web\n\nAplicação web para cadastro de usuários, geração de chaves criptográficas, assinatura digital de textos e verificação pública de assinaturas.\n\n---\n\n## 📂 Estrutura do projeto\n\n- **server/** → Backend em Node.js + Express + Prisma (PostgreSQL/NeonDB)\n- **client/** → Frontend em React + Vite\n\n---\n\n## 🚀 Como rodar\n\n### 1. Clonar e instalar dependências\n```bash\ngit clone \u003curl-do-repo\u003e\ncd Assinador-Digital-Web\n```\n\n**Backend:**\n```bash\ncd server\nnpm install\n```\n\n**Frontend:**\n```bash\ncd ../client\nnpm install\n```\n\n---\n\n### 2. Configurar variáveis de ambiente\n\n**server/.env**\n```env\nDATABASE_URL=\"postgresql://\u003cusuario\u003e:\u003csenha\u003e@\u003chost\u003e/\u003cdb\u003e?sslmode=require\"\nJWT_SECRET=\"troque-por-um-segredo-jwt-forte\"\nMASTER_KEY=\"32bytes_em_base64_ou_hex\"\nPORT=4000\n\n# Opções de exportação da chave privada\nDEV_ALLOW_PRIVATE_EXPORT=\"true\"\nEXPOSE_PRIVATE_ALWAYS=\"false\"\n```\n\n\u003e ⚠️ `MASTER_KEY` precisa ter **32 bytes reais**.  \nExemplo válido (base64):  \n```\nMASTER_KEY=\"f3+1R0cG3o3V5uW5dGZqVw2m4p7x9b1kC0Y3s5u8wzA=\"\n```\n\n**client/.env**\n```env\nVITE_API_URL=\"http://localhost:4000\"\n```\n\n---\n\n### 3. Aplicar migrações do Prisma\n```bash\ncd server\nnpx prisma generate\nnpx prisma migrate dev --name init\n```\n\n---\n\n### 4. Rodar os servidores\n\n**Backend**\n```bash\ncd server\nnpm run dev\n```\nServidor em: [http://localhost:4000](http://localhost:4000)\n\n**Frontend**\n```bash\ncd client\nnpm run dev\n```\nApp em: [http://localhost:5173](http://localhost:5173)\n\n---\n\n## ✅ Critérios de Aceitação\n\n- [x] **Cadastro** cria usuário e par de chaves (pública/privada).\n- [x] **Assinatura** gera ID único, guarda no banco e retorna assinatura + hash.\n- [x] **Verificação** (rota pública `/verify/:id`) confirma **VÁLIDA / INVÁLIDA**.\n- [x] **Logs** de verificações persistidos.\n- [x] **Página Minhas Chaves** mostra pública + fingerprint (e, opcionalmente, privada em DEV).\n\n---\n\n## 🔑 Fluxos principais\n\n### 1. Cadastro\n`POST /auth/register`\n\nRequest:\n```json\n{ \"email\": \"user@mail.com\", \"password\": \"123456\" }\n```\n\nResponse:\n```json\n{ \"ok\": true, \"userId\": \"abc123\", \"privateExportToken\": \"opcional-em-dev\" }\n```\n\n### 2. Login\n`POST /auth/login`\n\n### 3. Assinar texto\n`POST /sign`\n\nRequest:\n```json\n{ \"text\": \"Olá mundo\", \"storeText\": true }\n```\n\nResponse:\n```json\n{\n  \"signatureId\": \"sig_123\",\n  \"algorithm\": \"RSA-PSS-SHA256\",\n  \"textHashHex\": \"a94a8fe5...\",\n  \"signatureB64\": \"MEUCIQD...\"\n}\n```\n\n### 4. Verificar por ID\n`GET /verify/:id`\n\nResponse:\n```json\n{\n  \"valid\": true,\n  \"signatureId\": \"sig_123\",\n  \"signer\": \"user@mail.com\",\n  \"algorithm\": \"RSA-PSS-SHA256\",\n  \"createdAt\": \"2025-09-02T23:45:00.000Z\"\n}\n```\n\n### 5. Verificar por texto + assinatura\n`POST /verify`\n\nRequest:\n```json\n{ \"text\": \"Olá mundo\", \"signatureB64\": \"MEUCIQD...\" }\n```\n\n---\n\n## 🧪 Testes básicos\n\n**Teste positivo**\n```bash\n# cadastrar\ncurl -c cookies.txt -H \"Content-Type: application/json\"   -d '{\"email\":\"t+$(date +%s)@mail.com\",\"password\":\"123456\"}'   http://localhost:4000/auth/register\n\n# assinar\ncurl -b cookies.txt -H \"Content-Type: application/json\"   -d '{\"text\":\"teste\"}'   http://localhost:4000/sign\n```\n\n**Teste negativo**\n```bash\n# tentar verificar com texto alterado\ncurl -H \"Content-Type: application/json\"   -d '{\"text\":\"texto alterado\",\"signatureB64\":\"\u003cassinatura\u003e\"}'   http://localhost:4000/verify\n```\n\n---\n\n## 🔒 Chaves privadas\n\n- **Padrão**: a chave **privada nunca é exibida**.\n- **Dev opcional**: se `DEV_ALLOW_PRIVATE_EXPORT=\"true\"`, o backend pode gerar um `privateExportToken` no cadastro para **um download único** da privada.\n- Se `EXPOSE_PRIVATE_ALWAYS=\"true\"`, o usuário logado pode **ver e baixar a chave privada a qualquer momento** (⚠️ não recomendado, apenas para testes locais).\n\n---\n\n## 📸 Telas do frontend\n\n- **Cadastro / Login**\n- **Assinar texto**\n- **Verificar assinatura**\n- **Minhas Chaves**  \n  - mostra chave pública + fingerprint  \n  - botão para baixar chave pública  \n  - (em DEV) campo token + botões para ver/baixar privada  \n\n---\n\n## 📂 Entregáveis\n\n- Código completo (`server/`, `client/`).\n- Arquivo **README.md** (este).\n- Migrações Prisma no repo (`prisma/migrations/`).\n- Casos de teste: 1 positivo + 1 negativo.\n- Opcional: dump SQL.\n\n---\n\n## ⚠️ Avisos de segurança\n\n- Não ative `EXPOSE_PRIVATE_ALWAYS=\"true\"` em produção.  \n- Nunca exponha chaves privadas em ambientes reais.  \n- Use apenas para fins acadêmicos e de aprendizado.\n\n---\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevjpmello%2Fassinador-digital-web","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevjpmello%2Fassinador-digital-web","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevjpmello%2Fassinador-digital-web/lists"}