Light

thijskuilman / account-purser Goto Github PK

View Code? Open in Web Editor NEW

8.0 1.0 0.0 214 KB

Retrieve a list of all accounts you own. Check if your accounts are stored in a password manager.

HTML 20.03% JavaScript 75.49% CSS 4.49%

account-purser's Introduction

Account Purser

Account Purser is a self-hosted web application which scans your Gmail inbox to generate a list of all accounts you own. You can also gain insight into your security by checking which accounts are stored in your password manager, for example 1Password and LastPass.

How does it work?

You sign into your Gmail Account
Purser will perform search queries in your Gmail inbox to find your registred accounts. It will use queries like gdpr and thank you for signing up. (you can find the full list in search_queries.js)
Your accounts will be presented in a table. You can see the account name, email address and website

Optionally you can check which accounts are stored in your password manager:

Drag an export file of your password manager in Purser
The list of accounts will now show if the account is found in the export file

How does Purser deal with sensitive data?

I completely understand if you're wary of using an application like this; the reason I wrote this app is because I don't want to trust my sensitive data to a third party app. I have taken some steps to ensure Purser is safe to use:

It's open source
It's self-hosted
You have to set up the Gmail API yourself
It's written in (minimal) vanilla Javascript without using any third party libraries.
It doesn't communicate with any third party service (apart from the Gmail API)
You can import your password manager exports without it containing your actual passwords

Set up

Requirements

A (local) web server
Gmail account

Steps

Clone the repo to any folder
Turn on the Gmail API. See Step 1 of the Google quickstart for instructions.
Rename .env.example to .env and place your Gmail Client_ID in this file
Start a web server. You could start a quick server with Python: Python 2.X: python -m SimpleHTTPServer 8000, Python 3.X python -m http.server 8000
Load the URL http://localhost:8000/ into your browser.

Contribute

Add new search queries

You can add new search queries in the search_queries.js file. Add quotes (") to be more precise with your search queries.

account-purser's People

Contributors

Stargazers

Watchers

account-purser's Issues

Optimize search queries

Add GDPR to search terms

We have all received countless mails regarding privacy updates due to GDPR. This is a great way to find additional registered accounts, so let´s add them to the search terms.

Fix and improve message preview

The message preview is currently not working in Firefox. The preview should be a modal instead of an alert.

Add option to hide accounts in list

The user should be able to hide accounts in the list. This can be useful for certain use cases, such as:

An account is irrelevant or deleted
The search result returned a non-account

The name of the hidden accounts can be stored in the localStorage for convenience. It should be possible to unhide an account.

Store accounts in cache / use Vue

Integrate haveibeenpwned

Haveibeenpwned has a public API which shows services with recent hacks. It would be nice if these services woud be highlighted in account purser.

Add gmail API instructions to readme

Make result table sortable

The columns of the result table should be sortable.

Write tests for Keepass, 1password, lastpass exports

Write some tests to check if the parsing of password exports is working.

Improve search function

For example by using RegEx or fuzzy search

Apply key-value structure to .env file

The .env file currently onlly contains the client_id. However, it would be better if this would be structured in a key-value file, for example:

CLIENT_ID = X
SERVICES = gmail

Remove default client_id

Add favicon

Add a GIF / image to readme

Improve UX / design

The UI should be a bit more straightforward.

Hide table / dragzone when not signed in
Implement loading animations
Add hover effects for dropzone
Disable dropzone after a file has been dropped

Add option to rename account titles

Sometimes you want to change the account title. For example, for my LoadImpact account the generated title is 'Hakan Tylen' since that is the sender of my verification email. In this case I want to change 'Hakan Tylen' to 'LoadImpact'. These changes should be stored in localstorage.

Implement try/catch in addMessage method

To prevent errors in the console log

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.