Garret McGraw
2018-09-21 18:22:13 UTC
Hi all,
I have spent a lot of time during the past year working on a web frontend
for ledger, specifically hledger, since it is my favorite. Thank you to
Simon and all the contributors for all for your hard work on it! I started
using hledger last year to track my home finances and realized that it
would be useful to be able to access my hledger file from anywhere and
allow my close family members to access our financial data too. I am very
interested in computer security and encryption so I knew that there are
many inherent risks in keeping one's finances available on the public
internet but I also realized that these risks can be mitigated by careful,
security conscious website design. I finally came up with a design of a web
UI that is based upon keeping the ledger file encrypted any time it is
stored in a file (on the server side). When the user is logged in to run
reports, it decrypts the ledger file using a PBKDF2 hash of the user's
password and then runs any reports and allows editing of the ledger using
the web UI. The decrypted ledger file is never written to the server's disk
and it is only decrypted to be passed via STDIN to hledger and then the
encryption key is thrown out until the next user request. Assuming no
long-running reports are still being processed by the server, closing the
browser tab discards any non-encrypted copy of the ledger file until the
user's next login, keeping all of the sensitive data private. Feel free to
read the "Security" section of the github README for many more details on
the security considerations.
Here are some of the highlights:
- Javascript and Python source code released under AGPL on
github: https://github.com/thecount2a/ledgeraccounting
- Supports editing ledger files using a friendly web UI grid
(double-click allows modifying any part of the ledger). Web UI also
collapses the splits in a nice way or allows you to expand all splits for a
more verbose view. Also, clicking the "Edit Text-based Ledger" button
allows you to edit the ledger in plain text, from the browser, if you
prefer that method.
- Web UI supports "balance" and "register" reports at this time. May
also include some hledger-specific reports in the future.
- Implements a custom, YNAB-style "envelope budgeting" approach for the
Budget reporting interface tab. The web UI allows transferring and
distributing income money among planned expenses from the budget report
page. Every envelope budgeting transaction is stored in a separate budget
ledger that is "overlayed" on the main ledger, for reporting purposes only.
Users may choose to ignore the budgeting feature entirely if they choose.
- Runs on Amazon Lambda and stores encrypted data within Amazon S3 so it
is fast, scalable, and always available. Logins are managed using Amazon
Cognito so the login code was written and audited by Amazon and therefore
should be pretty secure. The beta server will be available for free unless
it becomes too expensive for me to maintain in which case I may start
charging a small amount for ledger files above a certain size.
- Most simple text ledger files can be loaded and edited directly,
assuming they are a fairly basic portable ledger format. hledger directives
such as "P", "comment", or "account" are not supported at this point,
although I hope to add support for "P" to allow easier tracking of multiple
commodities.
- Supports import of OFX/QFX files and support for OFX direct connect to
banking institutions that support it. Also pulls data from ofxhome.com to
allow easy configuration of most OFX direct connect setups. All OFX direct
connect data is stored encrypted at rest within Amazon S3, again encrypted
using the user's password. All sensitive data may be sent to the server
decrypted in transit, since it must go to the server to be processed by
hledger and ofxclient but immediately after the request is finished, it is
discarded until the next request. Amazon Lambda's sandboxing features mean
that the data should be safe from attackers, while it is being processed in
the cloud. The only place the encryption key is stored long-term is in the
user's browser memory. As soon as the user closes the tab, the encryption
key is gone until next login. Users must backup their files regularly or
risk losing their financial data if they forget their password.
- Beta website is available at https://www.ledgeraccounting.org/
I hope some of you might find this tool useful. Please feel free to
contribute via pull requests on github or by offering feedback via email or
by using the issue tracker on github.
Best,
Garret
I have spent a lot of time during the past year working on a web frontend
for ledger, specifically hledger, since it is my favorite. Thank you to
Simon and all the contributors for all for your hard work on it! I started
using hledger last year to track my home finances and realized that it
would be useful to be able to access my hledger file from anywhere and
allow my close family members to access our financial data too. I am very
interested in computer security and encryption so I knew that there are
many inherent risks in keeping one's finances available on the public
internet but I also realized that these risks can be mitigated by careful,
security conscious website design. I finally came up with a design of a web
UI that is based upon keeping the ledger file encrypted any time it is
stored in a file (on the server side). When the user is logged in to run
reports, it decrypts the ledger file using a PBKDF2 hash of the user's
password and then runs any reports and allows editing of the ledger using
the web UI. The decrypted ledger file is never written to the server's disk
and it is only decrypted to be passed via STDIN to hledger and then the
encryption key is thrown out until the next user request. Assuming no
long-running reports are still being processed by the server, closing the
browser tab discards any non-encrypted copy of the ledger file until the
user's next login, keeping all of the sensitive data private. Feel free to
read the "Security" section of the github README for many more details on
the security considerations.
Here are some of the highlights:
- Javascript and Python source code released under AGPL on
github: https://github.com/thecount2a/ledgeraccounting
- Supports editing ledger files using a friendly web UI grid
(double-click allows modifying any part of the ledger). Web UI also
collapses the splits in a nice way or allows you to expand all splits for a
more verbose view. Also, clicking the "Edit Text-based Ledger" button
allows you to edit the ledger in plain text, from the browser, if you
prefer that method.
- Web UI supports "balance" and "register" reports at this time. May
also include some hledger-specific reports in the future.
- Implements a custom, YNAB-style "envelope budgeting" approach for the
Budget reporting interface tab. The web UI allows transferring and
distributing income money among planned expenses from the budget report
page. Every envelope budgeting transaction is stored in a separate budget
ledger that is "overlayed" on the main ledger, for reporting purposes only.
Users may choose to ignore the budgeting feature entirely if they choose.
- Runs on Amazon Lambda and stores encrypted data within Amazon S3 so it
is fast, scalable, and always available. Logins are managed using Amazon
Cognito so the login code was written and audited by Amazon and therefore
should be pretty secure. The beta server will be available for free unless
it becomes too expensive for me to maintain in which case I may start
charging a small amount for ledger files above a certain size.
- Most simple text ledger files can be loaded and edited directly,
assuming they are a fairly basic portable ledger format. hledger directives
such as "P", "comment", or "account" are not supported at this point,
although I hope to add support for "P" to allow easier tracking of multiple
commodities.
- Supports import of OFX/QFX files and support for OFX direct connect to
banking institutions that support it. Also pulls data from ofxhome.com to
allow easy configuration of most OFX direct connect setups. All OFX direct
connect data is stored encrypted at rest within Amazon S3, again encrypted
using the user's password. All sensitive data may be sent to the server
decrypted in transit, since it must go to the server to be processed by
hledger and ofxclient but immediately after the request is finished, it is
discarded until the next request. Amazon Lambda's sandboxing features mean
that the data should be safe from attackers, while it is being processed in
the cloud. The only place the encryption key is stored long-term is in the
user's browser memory. As soon as the user closes the tab, the encryption
key is gone until next login. Users must backup their files regularly or
risk losing their financial data if they forget their password.
- Beta website is available at https://www.ledgeraccounting.org/
I hope some of you might find this tool useful. Please feel free to
contribute via pull requests on github or by offering feedback via email or
by using the issue tracker on github.
Best,
Garret
--
You received this message because you are subscribed to the Google Groups "hledger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hledger+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "hledger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hledger+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.