DEV Community

Liam Griffiths
Liam Griffiths

Posted on • Edited on

Building a static React App to share encrypted notes

I started writing this little web app as a way to learn about setting up a website on Netlify and to try out some new libraries. It was a lot of fun to work on and has turned out to be quite useful for sharing little messages or passwords. I wanted to share it here to get some feedback and hopefully inspire some other people out there working on similar projects :)

The site is basically a little clone of the service privnote.com - and it works by encrypting a message in the browser and stores the encrypted message in a redis server. The password to decrypt the note never leaves the browser and the site gives you a link to share with someone else with the password appending to the hash section of the url - that way the password you share with them never leaves their browser either. When the other person opens the link the web app will fetch the note and decrypt it on the client side. I set it up so that the encrypted note on the server is deleted as soon as it is read from the database.

The source code is available on my GitHub page - feel free to check it out. I wrote out some instructions there on how to deploy it yourself if you want to run your own version of it.

Top comments (6)

Collapse
 
rinzler profile image
Rinzler

Nice service, a couple of months ago I searched for a service exactly like this as I wanted to share a one-time read encrypted password. It's really handy for sharing this kind of messages, the interface is pretty straight to the point and the service works fine. Great job. It's on my bookmarks now :)

Collapse
 
liamgriffiths profile image
Liam Griffiths

Thanks for taking a look at it! When I get a little more time I think I’ll add to the post with some points of interest in the code too :)

Collapse
 
mudlabs profile image
Sam

What do you mean by "the password never leaves the browser"? Are you just referring to the unencrypted version of the password? Because If it's appended to the URL , assuming it's shared it definitely does leaves the browser.

Collapse
 
liamgriffiths profile image
Liam Griffiths

Thanks for taking a look and for leaving the question- I might edit that description again when I get a chance to clear up what I meant there.

Collapse
 
najjarosama93 profile image
Osama Najjar

Cool feature!!

Collapse
 
liamgriffiths profile image
Liam Griffiths

Certainly possible - though I'm sure what the benefit there would be and I like that the server doesn't need to ever handle passwords at all. What did you have in mind?