• Stars: 812
• Rank 54,021 (Top 2 %)
• Language: Python
• License: MIT License
• Created over 10 years ago
• Updated 22 days ago


Repository Details

Share passwords securely

SnapPass


It's like SnapChat... for passwords.

This is a web app that lets you share passwords securely.

Let's say you have a password. You want to give it to your coworker, Jane. You could email it to her, but then it's in her email, which might be backed up, and probably is in some storage device controlled by the NSA.

You could send it to her over chat, but chances are Jane logs all her messages because she uses Google Hangouts Chat, and Google Hangouts Chat might log everything.

You could write it down, but you can't find a pen, and there's way too many characters because your security person, Paul, is paranoid.

So we built SnapPass. It's not that complicated, it does one thing. If Jane gets a link to the password and never looks at it, the password goes away. If the NSA gets a hold of the link, and they look at the password... well they have the password. Also, Jane can't get the password, but now Jane knows that not only is someone looking in her email, they are clicking on links.

Anyway, this took us very little time to write, but we figure we'd save you the trouble of writing it yourself, because maybe you are busy and have other things to do. Enjoy.

Security

Passwords are encrypted using Fernet symmetric encryption, from the cryptography library. A random unique key is generated for each password, and is never stored; it is rather sent as part of the password link. This means that even if someone has access to the Redis store, the passwords are still safe.
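The scheme described above, as an added example that is not SnapPass's own code: a fresh Fernet key per secret, only ciphertext in the store, the key carried in the link, and deletion on first read or expiry. The in-memory `MemoryStore` standing in for Redis, the `~` token separator and the function names are assumptions of this sketch.

```python
import time
import uuid
from cryptography.fernet import Fernet, InvalidToken

SEPARATOR = "~"  # assumption: joins the storage id and the key in the link token


class MemoryStore:
    """Constructed stand-in for Redis: ciphertext plus an expiry time."""

    def __init__(self):
        self.data = {}

    def setex(self, name, ttl, value, now=None):
        self.data[name] = (value, (time.time() if now is None else now) + ttl)

    def pop(self, name, now=None):
        """Return and delete the value; None if missing or expired."""
        value, expires = self.data.pop(name, (None, 0))
        now = time.time() if now is None else now
        return value if value is not None and now < expires else None


def share(store, secret, ttl=3600, now=None):
    key = Fernet.generate_key()                  # fresh random key per secret
    ciphertext = Fernet(key).encrypt(secret.encode())
    storage_id = uuid.uuid4().hex
    store.setex(storage_id, ttl, ciphertext, now=now)  # only ciphertext is stored
    return storage_id + SEPARATOR + key.decode()       # key travels in the link only


def reveal(store, token, now=None):
    storage_id, key = token.split(SEPARATOR, 1)
    ciphertext = store.pop(storage_id, now=now)  # read-once: gone after first view
    if ciphertext is None:
        return None
    return Fernet(key.encode()).decrypt(ciphertext).decode()


def decrypt_without_link(store, storage_id):
    """What a reader of the store alone can do: guess a key, fail authentication."""
    ciphertext, _ = store.data[storage_id]
    try:
        return Fernet(Fernet.generate_key()).decrypt(ciphertext)
    except InvalidToken:
        return None
```

Because the key exists only in the link, the link itself must be treated as the secret: anyone who opens it first gets the password, and the intended recipient then sees nothing.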

Requirements

Installation

$ pip install snappass
$ snappass
* Running on http://0.0.0.0:5000/
* Restarting with reloader

Configuration

Start by ensuring that Redis is up and running.

Then, you can configure the following via environment variables.

SECRET_KEY: unique key that's used for signing. This should be kept secret. See the Flask Documentation for more information.

DEBUG: to run Flask web server in debug mode. See the Flask Documentation for more information.

STATIC_URL: this should be the location of your static assets. You might not need to change this.

NO_SSL: set this if you are not using SSL.

URL_PREFIX: useful when running snappass behind a reverse proxy like nginx. Example: "/some/path/". Defaults to None.

REDIS_HOST: this should be set by Redis, but you can override it if you want. Defaults to "localhost"

REDIS_PORT: is the port redis is serving on, defaults to 6379

SNAPPASS_REDIS_DB: is the database that you want to use on this redis server. Defaults to db 0

REDIS_URL: (optional) will be used instead of REDIS_HOST, REDIS_PORT, and SNAPPASS_REDIS_DB to configure the Redis client object. For example: redis://username:password@localhost:6379/0

REDIS_PREFIX: (optional, defaults to "snappass") prefix used on redis keys to prevent collisions with other potential clients

HOST_OVERRIDE: (optional) Used to override the base URL if the app is unaware. Useful when running behind reverse proxies like an identity-aware SSO. Example: sub.domain.com

Docker

Alternatively, you can use Docker and Docker Compose to install and run SnapPass:

$ docker-compose up -d

This will pull all dependencies, i.e. Redis and the appropriate Python version (3.7), then start the SnapPass and Redis servers. The SnapPass server is accessible at: http://localhost:5000

Similar Tools

We're Hiring!

Are you really excited about open-source and great software engineering? Pinterest is hiring!
