{"id":15110072,"url":"https://github.com/kostad02/easy-pass","last_synced_at":"2026-01-20T14:07:07.633Z","repository":{"id":256754562,"uuid":"856327654","full_name":"KostaD02/easy-pass","owner":"KostaD02","description":"Easy self-hosting password manager","archived":false,"fork":false,"pushed_at":"2024-09-21T16:45:54.000Z","size":119,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-11T13:24:19.446Z","etag":null,"topics":["docker","docker-compose","express","javascript","mongodb","mongoose","password-manager"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KostaD02.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-12T11:51:20.000Z","updated_at":"2024-11-16T14:43:36.000Z","dependencies_parsed_at":"2024-10-31T08:24:27.696Z","dependency_job_id":"84d8fb9d-6af3-4392-baac-a1b62f653895","html_url":"https://github.com/KostaD02/easy-pass","commit_stats":null,"previous_names":["kostad02/easy-pass"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KostaD02%2Feasy-pass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KostaD02%2Feasy-pass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KostaD02%2Feasy-pass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KostaD02%2Feasy-pass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KostaD02","download_url":"https://codeload.github.com/KostaD02/easy-pass/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247364694,"owners_count":20927180,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-compose","express","javascript","mongodb","mongoose","password-manager"],"created_at":"2024-09-25T23:40:37.951Z","updated_at":"2026-01-20T14:07:07.627Z","avatar_url":"https://github.com/KostaD02.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Easy pass\n\nEasy pass is self-hosting app for password managment.\nThere are many great inspirations [vaultwarden](https://www.vaultwarden.net/), [passbolt](https://www.passbolt.com/), [bitwarden](https://bitwarden.com/), and others, but I struggled to self-host them myself. Because of that, I created **Easy Pass**. The idea is simple: to have a self-hosted password manager with single command run.\n\n\u003e [!CAUTION]\n\u003e This application is meant to be used only on a local network since it's based on **HTTP** (Currently). However, if someone else is on the same network where this application is hosted, they could potentially see the traffic and access the data. **USE AT YOUR OWN RISK**.\n\n## How does it works?\n\nThe client-side sends a request to the server, which will generate a random password. The server will encrypt it using the `aes-256-cbc` algorithm, with `SECRET_PHRASE` and `SECRET_IV` being used for encryption.\n\n\u003e [!IMPORTANT]\n\u003e For security reasons, each request from the client needs an `X-Secret` header. This should match the `SECRET_KEY` value; otherwise, it will not work.\n\n## Dependencies\n\nUnfortunately, I can't build everything from scratch, so here are all the dependencies:\n\n- Client side:\n  - [Boostrap CSS](https://getbootstrap.com/)\n  - [SweetAlert2](https://sweetalert2.github.io/)\n- Server side:\n  - [Express js](https://expressjs.com/)\n  - [Mongoose](https://mongoosejs.com/)\n  - [dotenv](https://www.npmjs.com/package/dotenv)\n  - [nodemon](https://www.npmjs.com/package/nodemon) - Not used in code but usefull for developing.\n\nAll dependencies are required to be installed only once on the server side. After that, you can use it without the internet. On the client side, SweetAlert2 is included with minified code, but Bootstrap CSS is not. If you go offline on the client side, it will still work, but you'll miss some styles from Bootstrap. 😢\n\nIn the future, I will update the client-side code to have **zero** dependencies and a better UI/UX.\n\n## Environment variables\n\n| name          | description                                                                                                   | type     | example                                | default |\n| ------------- | ------------------------------------------------------------------------------------------------------------- | -------- | -------------------------------------- | ------- |\n| PORT          | Server port                                                                                                   | `number` | `3000`                                 | `3000`  |\n| DATABASE_URL  | URL for database connection                                                                                   | `string` | `mongodb://localhost:27017/easy-pass`  | nothing |\n| SILENT_LEVEL  | Value for showing console outputs                                                                             | `number` | `0`                                    | `0`     |\n| SECRET_KEY    | Secret key which should be matched for each request                                                           | `string` | Something strong, 5-30 char            | nothing |\n| SECRET_PHRASE | Secret phrase which will be used for encrypt/decrypt                                                          | `string` | Something strong, exactly 32 character | nothing |\n| SECRET_IV     | Secret [IV](https://csrc.nist.gov/glossary/term/initialization_vector) which will be used for encrypt/decrypt | `string` | Something strong, exactly 16 character | nothing |\n\n\u003e [!TIP]\n\u003e For secrets, you can use Node.js's built-in `crypto` function: `crypto.randomBytes(16).toString('base64')`.\n\n### Example env\n\n```\nPORT = 3000\nDATABASE_URL = mongodb://localhost:27017/easy-pass\nSILENT_LEVEL = 2\nSECRET_IV = q10wA5fbm1WLdK2984PoJA==\nSECRET_KEY = VZCnhOUGozJJGOGRyr5kDw==\nSECRET_PHRASE = PsKA53DqytgX6nlGDuEK8zqjlnZP/nurfBm7tnsXg3s=\n```\n\n## Silent level\n\nThe silent level is used to control the display of `console` outputs. Some logs are forced to be visible to understand the exact reason why the application stopped.\n\n| level | description                |\n| ----- | -------------------------- |\n| `0`   | Nothing will be logged     |\n| `1`   | Only errors will be logged |\n| `2`   | Everything will be logged  |\n\n## How to setup\n\nYou have to install [docker](https://www.docker.com/) and [docker compose](https://docs.docker.com/compose/).\n\nAfter that run this scripts:\n\n```\nmkdir easy-pass\ncd easy-pass\ndocker pull kostad02/easy-pass:latest\ncurl -o docker-compose.yml https://raw.githubusercontent.com/KostaD02/easy-pass/main/server/docker-compose.yml\n```\n\n\u003e [!CAUTION]\n\u003e It's better to edit secret values rather than using the \"default\" ones.\n\n```\nnano docker-compose.yml # edit all secret codes accordingly.\n```\n\nAfter updating secret values\n\n```\ndocker compose up -d\n```\n\nThats it! Now lets check if container is running:\n\n```\ndocker ps\n```\n\nYou should see 2 container:\n\n```\nCONTAINER ID   IMAGE                                                COMMAND                  CREATED          STATUS                  PORTS                                                 NAMES\nc90bbd620142   kostad02/easy-pass:latest                            \"docker-entrypoint.s…\"   22 seconds ago   Up 22 seconds           0.0.0.0:3000-\u003e3000/tcp, :::3000-\u003e3000/tcp             easy-pass\ne064d2eee39f   mongo:latest                                         \"docker-entrypoint.s…\"   22 seconds ago   Up 22 seconds           27017/tcp                                             easy-pass-db\n```\n\nOpen browser and write your `http://your_localhost_ip:3000`.\n\n![Example of easy-pass](view.png)\n\nInput same `SECRET_KEY` what you wrote in `docker-compose.yml`.\n\n## How to contribute\n\nCurrently, the server-side code is working perfectly, but I can't say the same for the client side. I will add new features when I have time, but you don't have to wait feel free to add them yourself! Fork the project and submit pull requests.\n\n## To Do\n\nHere are a few ideas that will be implemented in the future. You can also open an issue for any of these ideas.\n\n- Generate SSL on application startup.\n- Update client side design.\n- Seperate client side from server side:\n  - Create new PWA application (for better experience).\n  - Create container for new application\n- Add backup support.\n- Minify client side code dynamicly in `server/index.html`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkostad02%2Feasy-pass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkostad02%2Feasy-pass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkostad02%2Feasy-pass/lists"}