Skip to content

geomi737/pm2p

Repository files navigation

PM2P Password Manager

Local Development

  1. Install dependencies

    • Backend
      python -m venv .venv
      source .venv/bin/activate
      pip install -e .[dev]
    • Frontend
      cd src/frontend
      pnpm install
  2. Environment variables
    Copy the template and customise:

    cp .env.example .env
  3. Run services

    • Backend: uvicorn src.main:api --reload
    • Frontend: cd src/frontend && pnpm dev
  4. Checks

    • Frontend build: pnpm run build

Docker Deployment

  1. Populate .env (based on .env.example). For local Docker usage keep:

    • REFRESH_COOKIE_SECURE=false
    • CORS_ALLOWED_ORIGINS=http://localhost:3000
  2. Build and start everything:

    docker compose up --build
  3. Published services:

Security Notes

  • Refresh tokens live in HttpOnly cookies; when deploying behind TLS set REFRESH_COOKIE_SECURE=true and update REFRESH_COOKIE_DOMAIN.
  • Credential secrets are encrypted client-side with AES-GCM using a key derived from the account password. After a page refresh the vault must be unlocked via the password prompt.
  • Rate limiting is handled in Redis; ensure the Redis instance is protected in production.

About

Password Manager Pet Project

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors