Commit graph

7 commits

Author SHA1 Message Date
marwin
4b47f6e67a Books: broken-book repair flow + simplify password change
All checks were successful
Build and push Docker image / build (push) Successful in 15s
Test / test (push) Successful in 16s
When a book fails to open, a '!' button appears next to it in the list.
Clicking it prompts for the original file; the file is re-encrypted with
the current key and replaces the broken ciphertext on the server while
keeping all metadata, progress, highlights and bookmarks intact.

- Add POST /books/<pk>/replace-data/ endpoint (updates data only)
- Add _evictCachedBook() to clear IndexedDB cache for a single book
- Replace complex client-side re-encryption on password change with a
  simple confirm() warning that books will need to be re-uploaded

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 17:03:59 +02:00
marwin
817323ad19 Accounts: fix password change key migration
All checks were successful
Build and push Docker image / build (push) Successful in 14s
Test / test (push) Successful in 15s
The old key comparison was wrong — the localStorage key may have been
randomly generated rather than PBKDF2-derived. Fix:
- Add /accounts/check-password/ to validate the old password server-side
  before touching any keys
- Use the localStorage key directly as the old decryption key (it is
  always the correct source of truth, regardless of how it was generated)
- Derive the new key from the new password via PBKDF2

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 16:46:03 +02:00
marwin
1426c69a73 Accounts: re-encrypt all books on password change
All checks were successful
Build and push Docker image / build (push) Successful in 14s
Test / test (push) Successful in 15s
The encryption key is PBKDF2-derived from the login password. Changing
the password without migrating the key would make all books undecryptable
on the next login.

- Add POST /books/<pk>/rekey/ endpoint to replace a book's ciphertexts
- Password change form is now JS-driven: before submitting to the server,
  derives the old key, verifies it matches localStorage, derives the new
  key, re-encrypts all books (data + meta) and their highlights/bookmarks,
  updates localStorage, then submits the Django form

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 16:37:41 +02:00
marwin
e3a9c61c05 Accounts: add password change form to settings
All checks were successful
Build and push Docker image / build (push) Successful in 57s
Test / test (push) Successful in 15s
Uses Django's built-in PasswordChangeForm and update_session_auth_hash
so the session stays valid after the change. Form is hidden in a
<details> element and opens automatically on validation errors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 16:26:07 +02:00
Marwin Schulz
2bd83f6315 Add podcast feature with feed management, Docker cron, and ebook reader assets
All checks were successful
Build and push Docker image / build (push) Successful in 12s
Test / test (push) Successful in 13s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-19 13:39:59 +01:00
marwin
978b6fa24b Store background images in DB, persist SQLite via volume
All checks were successful
Build and push Docker image / build (push) Successful in 12s
Test / test (push) Successful in 14s
2026-03-16 20:24:20 +01:00
marwin
8c3eec4ca1 Initial commit 2026-03-16 19:19:22 +01:00