[init] simple app

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+.env

README.md

@@ -0,0 +1,8 @@
+# github-key-signing
+
+
+### Github GPG keys api usage test . 
+
+Playing around github api and message signing with gpg keys
+
+[![Preview](https://raw.githubusercontent.com/b37t1td/github-key-signing/master/github-key-sign.png)](https://raw.githubusercontent.com/b37t1td/github-key-signing/master/github-key-sign.png)

TODO.md

@@ -1,27 +1,27 @@
 
 ### #1 Simple Messaging Application
 
-- [ ] Socket.io server
-- [ ] GitHub authorization
-- [ ] Broadcast messages between user sessions
+- [x] Socket.io server
+- [x] GitHub authorization
+- [x] Broadcast messages between user sessions
 
 ### #2 Simple web client (UI of the messenger)
 
-- [ ] Login page (`sign in` button)
-- [ ] Messages screen with simple form for new message
+- [x] Login page (`sign in` button)
+- [x] Messages screen with simple form for new message
 
-### #3 Handling public keys and message signing
+### #3 Handling keys on server
 
-- [ ] Share public key of current user with web client
-- [ ] Verify signed messages (set mark)
-- [ ] Logout
+- [x] Share public key of current user with web client
+- [x] Verify signed messages (set mark)
+- [x] Logout
 
 ### #4 Web client
 
-- [ ] Ask user password if current session (password manager) does not have saved password
-- [ ] Sign message with public key
-- [ ] Highlight signed messages
-- [ ] Logout
+- [x] Ask user password if current session (password manager) does not have saved password
+- [x] Sign message with public key
+- [x] Highlight signed messages
+- [x] Logout
 
 
 

index.js

@@ -0,0 +1,7 @@
+/**
+ * Socket io messager with gpg key signing messages support 
+ * Lets keep simple
+ */
+require('dotenv').load({silent : true});
+require('./server/index');
+

package.json

@@ -0,0 +1,19 @@
+{
+  "name": "github-key-signing",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "start" : "node index.js"
+  },
+  "dependencies": {
+    "dotenv": "^2.0.0",
+    "express": "^4.14.0",
+    "express-session": "^1.14.1",
+    "github-oauth": "^0.2.2",
+    "openpgp": "^2.3.5",
+    "request": "^2.76.0",
+    "socket.io": "^1.5.1"
+  }
+}

public/kbpgp/SIGNED.md

@@ -0,0 +1,65 @@
+##### Signed by https://keybase.io/max
+```
+-----BEGIN PGP SIGNATURE-----
+Comment: GPGTools - https://gpgtools.org
+
+iQEcBAABCgAGBQJU74t/AAoJEJgKPw0B/gTf7DgH/08e5TY5SI+yuV4Fe1EFtJHp
+9rZNUIaE+IAMQZDZOKKrPDinMNN9+6rgtJKLbPn1eqq1pi3iM9N6/BKZyrpcdF2V
+aUSiskKg5A/63LS+dfYpwbvO4hfEJjGrEADzH6wWuBMblamREMGE2jQ3gfU26Dd/
+4pZb0I3QxcIBu4gQkc58akMYt4IIAt+JdKPwgpZTUoggJUfivxnAdQIHbAjah/Xg
+N8gUoUUP1quHT7FFXVLzOVC01dzm/tNj0Wazg145cDqwqEBWq1CvsPIjShlJbXJK
+fpz5fem0yF+E+Ug4lErtqC7k9LQnUzUj4vRApaNVM0h1lzjOt0Actck87nCQOMw=
+=hs5V
+-----END PGP SIGNATURE-----
+
+```
+
+<!-- END SIGNATURES -->
+
+### Begin signed statement 
+
+#### Expect
+
+```
+size     exec  file                  contents                                                        
+               ./                                                                                    
+1028578          kbpgp-2.0.8-min.js  621a3644724ba31510277c53e74a893f8214039640afd2d16f8d0ceccb2b3af4
+1706976          kbpgp-2.0.8.js      e0c71bdea43b8246641f5e3ca61cccd8af4c55afbce195ab42c16171d87d82b2
+```
+
+#### Ignore
+
+```
+/SIGNED.md
+```
+
+#### Presets
+
+```
+none  # don't ignore anything
+```
+
+<!-- summarize version = 0.0.9 -->
+
+### End signed statement
+
+<hr>
+
+#### Notes
+
+With keybase you can sign any directory's contents, whether it's a git repo,
+source code distribution, or a personal documents folder. It aims to replace the drudgery of:
+
+  1. comparing a zipped file to a detached statement
+  2. downloading a public key
+  3. confirming it is in fact the author's by reviewing public statements they've made, using it
+
+All in one simple command:
+
+```bash
+keybase dir verify
+```
+
+There are lots of options, including assertions for automating your checks.
+
+For more info, check out https://keybase.io/docs/command_line/code_signing