Bloc-notes is a fast, private and secure notebook.
The user can use Markdown and HTML. The user can create tasks lists, tables, links, code blocks, etc. The user can also search for notes, sort them or filter them by category and create folders to organize them.
The user can also sign in to sync all notes between their devices in a secure database. The user can also make a note public and share it via a random URL. No email is required, only a username and a strong password.
This website is a PWA (Progressive Web App), the user can install it as an application. Service Worker has automatic updates.
The website is also accessible for people with disabilities thanks to high-contrast colors, ARIA modules and focusable elements. A light/dark mode is also available and the user can choose the accent color of the entire page.
The website follows the OWASP security recommendations.
The user's connection is maintained by a secure cookie. Passwords are hashed and all notes, local or cloud, are encrypted with AES-256-GCM
.
Each user has their own randomly generated 32-byte encryption key and salt. Once logged in, the user can change their password or delete their account.
The user can use biometrics (fingerprint, Windows Hello, etc) to unlock app. Biometrics are never sent to the server.
- 2FA login
- Markdown plugins
If you find issues, vulnerabilities or if you have any suggestions to improve this project, feel free to discuss!
docker-compose up --build -d
to build the Docker container
Important
The website is available at localhost:8787, but if you want to deploy it on a server with a domain name or an IP address, you need to install a SSL certificate to use note encryption (Web Crypto API requires HTTPs). Edit all users, passwords and Docker configurations for production.