Gsoc 17 : Client Side File crypto : Week 11

Note: This is a repost of the original Blog post during GSoC ’17. As my AWS instance went down, I’ve been migrating my old blog posts here.
Originally posted in August 2017

This blog post summarizes the eleventh week of writing open-source code for Drupal with Google Summer of Code.

The module is finally complete with most of it’s major features. It is complete for testing and a bit more changes are to be made that have been discussed, suggested and some things that were planned and are left to implement.

File upload handling

One of the major tasks that was left in the module was of handling the encrypted file uploads on the backed. After I tried searching for how to leverage the built-in one, Adam, in the last meeting suggested that the built-in file upload method wasn’t the best method for my use-case and hence I should create my own AJAX file upload callback for storing the ciphertext files. 
This gist helped me implement the POST multipart AJAX file upload handler.

New private key storage containers

I discovered a possible bug in which the private keys were being stored in the HTML5 local storage in the browser by the name of “privKey” and there could be a possibility where the users logs in using multiple accounts from the same browser. In that case the second user that logs in won’t be able to access data as the private key stored in the browser is of the previous user. Hence I changed the private key storage container identifiers to vary based on their user ID. Now the local storage variables are identified as : csfcPubKey_3 where 3 is the user ID.

Switching from DB schema to Content entities

During the latest code review by Adam, he suggested that using database schemas is a thing of the past now and we should move to using content/config entities before proceeding any further. Later we came down to deciding to use content entities. The task of moving to content entities has been started. Most part of creating new content entities would be made easy by Drupal Console!

Although the module is feature ready utilizing a basic database schema for now, the current phase would only be complete after the data storage is moved to entities.

Embedded Image previews

After completing the file metadata fetching, append it to the DOM and triggering the decrypt functions when these files are requested for, I added another feature of embedding image previews for files of MIME type as image.

Latest module behaviours

There were a few small parts that I worked on over the week:

  • Redirection on all AJAX request completion
    After the generation of the keys, the user is redirected to the site home.
  • Enable REST resources on module install
    After using the rest.resource.*.*.yml files, the REST resources will be enabled by default on module install and we won’t need to manually enable them using the REST UI Module.
  • Force logout all users post module install
    This is a necessity for all user to be logged out after the module is installed as keys must be generated after the module is installed.

Plans for this week

As the module is mostly complete, I will be working on moving to content entities for now and then work on the few more features that are left to implement. The basic functionality is ready for testing, so I’ll host it on my drupal site and keep it up there for testing and previews. Also, I’ll be moving to shifting the project to and implementing CI toward the end of this week.

You can check the module out with instructions here (NOT YET)
Here’s a video to demonstration on how to use the module: (ToDo)

Also, I recently gave a talk about Drupal and my GSoC project at an open source workshop in my college introducing the freshman and sophomores of my college to open source and Drupal.

Thanks for reading!

Like what you read? Give Tameesh Biswas a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.