the successor to opaque, itself a successor to (i think it was called "transparent"?)
- a gmail account that you can make an app password for
- nix (optional, recommended)
- enter the nix devshell or install the dependencies from it manually
- `just build` (or `npm install && npm run build`)
- `just create-database` (or `sqlite3 hazy.db < schema.sql`)
- fill in `.env` with values from `.env.example`
- `just start` (or `npm run start`)
note that any qr codes generated are immediately bound to the currently set `ORIGIN`, so if you change
`ORIGIN` you will need to `rm -r qr-cache`
probably put it behind nginx or something
`just dev` / `npm run dev` will start an instance that automatically restarts on file changes
non-violent public license (NVPL), see LICENSE.md
- the admin system is pretty underwhelming. if you have higher standards than "password stored in a `.env`", you should probably turn that into a more real authentication system
- the `/registration` endpoint should be pretty secure and do most possible checking for bad values, but it's always possible that there's something that will get through
- the file uploads could get larger than you expect. there's a 10mb limit on files uploaded, and they're renamed to a random ID, but user files are scary, so be careful
- i think it should be fine on xss
- exposing user registration codes should not be a security issue unless you assume attackers have admin, in which case they can get people's names as well as see if they've checked in / check them in themselves. no other info is exposed to the client