https://github.com/0snap/wg-tools
https://wg-tools.de
https://github.com/0snap/wg-tools
Last synced: 29 days ago
JSON representation
https://wg-tools.de
- Host: GitHub
- URL: https://github.com/0snap/wg-tools
- Owner: 0snap
- License: mit
- Created: 2015-11-12T18:27:12.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2017-11-01T18:47:08.000Z (over 7 years ago)
- Last Synced: 2025-02-06T12:15:53.908Z (3 months ago)
- Language: JavaScript
- Homepage:
- Size: 15.7 MB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# WG-Tools
This project is currently on hold. I do not need the software any longer (at least for now). If you somehow stumbled upon this, please feel free to carry on and improve it!
The hosted version is not longer available, but you can get the whole application containerized for self hosting at [dockerhub](https://hub.docker.com/r/fixel/wg-tools/).
### Build
[](https://travis-ci.org/0ortmann/wg-tools)
### Docker Layer
Frontend:
[](https://imagelayers.io/?images=fixel/wg-tools:frontend 'Get your own badge on imagelayers.io')
Backend:
[](https://imagelayers.io/?images=fixel/wg-tools:backend 'Get your own badge on imagelayers.io')
Mongo-Container:
[](https://imagelayers.io/?images=fixel/wg-tools:mongo 'Get your own badge on imagelayers.io')
## Purpose
If you are living in a flat share and have to manage expenses or other stuff and you want some just-working tool for that purpose, then you are at the right place here. This applicaiton is meant for diy hosting and development. Feel free to contribute!
### Behavior
You can create a 'WG' (flat share) with a login, then actually login with that. The app stores expenses and calculates the mean among all participants. It offers a human-usable interface for non-tech people. Currently under development, so basically anything may change from now to then!
### Planning
The next most necessary step is exhaustive testing for frontend-side reducer and action creator logic. Then comes a user feature for custom settings and I want to work out some concept for automated security testing. Then all the things that are not already checkmarked below in this readme.
## Usage
You may simply use the app for free or self host everything, compile sources or just run containers.
### Plain Usage
Simply use the hosted application here (registration does not require anything except a flatshare-name): [wg-tools.de](https://wg-tools.de)
### DIY Hosting
You need a mongodb, python and nodejs.
Everything is setup for development; start the frontend with ```npm run dev``` and the python server with ```script/devServer.sh```. Your mongodb should be running on localhost.
The python API expects a folder named ```secrets``` in the python-backend directory, containing two files: ```salt``` and ```secret```. These files should each contain a long random string sequence, used as basis for salting user entered passwords and JWT secret key. The app will not start without those files.
To start everything inside a container install docker-compose and start everything via 'up'.
## Todos
### Expenses Header:
[x] List header, select with dropdown
[x] Create lists
[x] Delete lists
[x] make list uneditable
[x] mobile header
### List behavior:
[] automatically create new list per week/month?
[] make monthly/weekly lists uneditable on next month/week
[x] no editform on uneditable lists
[x] set new list as active after creation
### General panels:
[x] Graph for expenses
[] Graph for depts
### Direct depts:
[] Graph for direct borrows
[] List-types?
### Dispenses:
[x] db: store dispenses
[x] calculator: concept of dispense + calc
[x] fe: intuitive concept!
[x] fe: styling
[] UX: change element positioning
### Group notes:
[] have some note panel
[] easy counter for stuff (eg. for series)
### Header & Static Pages:
[x] static pages (faq, about, etc)
[x] navigation in header
[] 'custom space with settings'-button
[x] mobile header ==> hamburger
### Custom space for configuring WG settings
[] store wg settings (data model etc)
[] graph granularity
[] list clipping interval (requires list clipping in general)
[] colortheme?
### flux -> redux
[x] refactor 'old' concepts to match top level state-tree idea of redux
[x] adjust test
[x] actionCreators
[x] reducers
[x] remove old flux code, deps, everything
[x] switch to redux
[x] distinguish dev + prod
[x] redux + react-router
[x] redux call opt
[] use middleware (avoid double requests due to inaccurate state-change evaluation inside the components!)
### General behavior:
[x] Confirm delete of items
[x] Confirm delete of lists
[x] Login
[x] Token in cookie
[x] Logout
[x] URL-Schema
[x] React-Router
[x] Create WG
[x] Header logout
[x] Tunnel FE --> BE (Container Setup)
[x] Tunnel expenses actions
[x] Tunnel login actions
[x] python cgi for production
[x] container setup
[x] configurable endpoints for py-backend and mongo
[x] message about backend-calls (eg. register already in use etc)
[x] Comments on items
[x] ssl on server (caddy)
[x] navigation, faq/about pages & link to github & homepage
[x] dont submit empty forms
[] general 'backend (un)reachable' error for frontend
[] server side rendering
[] field length restrictions everywhere
[] always two digits for amounts
[] routing: 404 page
### Security:
[x] CSRF protection
[x] dont leak headers + hostname from FE-BE communication
[x] remove user enumeration endpoint
[] API Keys
[] clear react component states after logout (logout -- login -- old state visible)
[x] IDOR vulnerable, dont leak mongo IDs
[] generate random salt / user
### Tests:
[x] Test setup BE
[x] Test setup FE
[x] FE - render
[x] BE - calculator
[] BE - API
[] storage
[] FE reducer + action creator (finally decide for an architecture...)
[] automated security tests (XSS, CSRF, IDOR etc) --> concept!
### Cool third party stuff
[x] docker hub (fixel/wg-tools)
[x] layers.io in README
[x] travis ci
[x] build status in README