alee/fieldwitness
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fb0cc3e39d
fieldwitness/frontends/web/templates/attest/verify_result.html
Aaron D. Lee fb0cc3e39d Implement 14 power-user feature requests for field deployment 
Critical:
- FR-01: Chain verification now supports key rotation via signed rotation
  records (soosef/key-rotation-v1 content type). Old single-signer
  invariant replaced with authorized-signers set.
- FR-02: Carrier images stripped of EXIF metadata by default before
  steganographic encoding (strip_metadata=True). Prevents source
  location/device leakage.

High priority:
- FR-03: Session timeout (default 15min) + secure cookie flags
  (HttpOnly, SameSite=Strict, Secure when HTTPS)
- FR-04: CSRF protection via Flask-WTF on all POST forms. Killswitch
  now requires password re-authentication.
- FR-05: Collaborator trust store — trust_key(), get_trusted_keys(),
  resolve_attestor_name(), untrust_key() in KeystoreManager.
- FR-06: Production WSGI server (Waitress) by default, Flask dev
  server only with --debug flag.
- FR-07: Dead man's switch sends warning during grace period via
  local file + optional webhook before auto-purge.

Medium:
- FR-08: Geofence get_current_location() via gpsd for --here support.
- FR-09: Batch attestation endpoint (/attest/batch) with SHA-256
  dedup and per-file status reporting.
- FR-10: Key backup tracking with last_backup_info() and
  is_backup_overdue() + backup_reminder_days config.
- FR-11: Verification receipts signed with instance Ed25519 key
  (schema_version bumped to 2).
- FR-12: Login rate limiting with configurable lockout (5 attempts,
  15 min default).

Nice-to-have:
- FR-13: Unified `soosef status` pre-flight command showing identity,
  channel key, deadman, geofence, chain, and backup status.
- FR-14: `soosef chain export` produces ZIP with JSON manifest,
  public key, and raw chain.bin for legal discovery.

Tests: 157 passed, 1 skipped, 1 pre-existing flaky test.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 19:35:36 -04:00

133 lines
5.7 KiB
HTML
Raw Blame History

{% extends "base.html" %}
{% block title %}Verification Result — SooSeF{% endblock %}
{% block content %}
<div class="row justify-content-center">
<div class="col-lg-8">
{% if found %}
<div class="alert alert-success">
<i class="bi bi-patch-check me-2"></i>
<strong>{{ message }}</strong>
</div>
{% else %}
<div class="alert alert-warning">
<i class="bi bi-exclamation-triangle me-2"></i>
<strong>{{ message }}</strong>
</div>
{% endif %}
{# Query image hashes #}
<div class="card bg-dark border-secondary mb-4">
<div class="card-header">
<h6 class="mb-0"><i class="bi bi-hash me-2"></i>Image Hashes for <code>{{ filename }}</code></h6>
</div>
<div class="card-body">
<div class="mb-2">
<label class="form-label text-muted small">SHA-256</label>
<div><code class="text-warning small">{{ query_hashes.sha256 }}</code></div>
</div>
{% if query_hashes.phash %}
<div class="mb-2">
<label class="form-label text-muted small">pHash</label>
<div><code class="small">{{ query_hashes.phash }}</code></div>
</div>
{% endif %}
</div>
</div>
{# Matching attestations #}
{% for match in matches %}
<div class="card bg-dark border-{{ 'success' if match.match_type == 'exact' else 'info' }} mb-3">
<div class="card-header d-flex justify-content-between">
<span>
<i class="bi bi-patch-check me-2"></i>
Attestation <code>{{ match.record.short_id }}</code>
</span>
<span class="badge bg-{{ 'success' if match.match_type == 'exact' else 'info' }}">
{{ match.match_type }} match
</span>
</div>
<div class="card-body">
<div class="row g-3">
<div class="col-md-6">
<label class="form-label text-muted small">Attestor</label>
<div>
<code>{{ match.record.attestor_fingerprint[:16] }}...</code>
<span class="text-muted small ms-2">({{ match.attestor_name }})</span>
</div>
</div>
<div class="col-md-6">
<label class="form-label text-muted small">Attested At</label>
<div>{{ match.record.timestamp.strftime('%Y-%m-%d %H:%M:%S UTC') }}</div>
</div>
{% if match.record.captured_at %}
<div class="col-md-6">
<label class="form-label text-muted small">Captured At</label>
<div>{{ match.record.captured_at.strftime('%Y-%m-%d %H:%M:%S') }}</div>
</div>
{% endif %}
{% if match.record.location %}
<div class="col-md-6">
<label class="form-label text-muted small">Location</label>
<div>{{ match.record.location }}</div>
</div>
{% endif %}
{% if match.record.metadata.get('caption') %}
<div class="col-12">
<label class="form-label text-muted small">Caption</label>
<div>{{ match.record.metadata.caption }}</div>
</div>
{% endif %}
</div>
{% if match.distances %}
<hr class="border-secondary">
<h6 class="text-muted small">Hash Distances</h6>
<div class="d-flex gap-3 flex-wrap">
{% for name, dist in match.distances.items() %}
<span class="badge bg-{{ 'success' if dist == 0 else ('info' if dist < 5 else ('warning' if dist < 10 else 'danger')) }}">
{{ name }}: {{ dist }}
</span>
{% endfor %}
</div>
{% endif %}
</div>
</div>
{% endfor %}
{% if found %}
<div class="card bg-dark border-secondary mt-4">
<div class="card-header">
<h6 class="mb-0">Download Verification Receipt</h6>
</div>
<div class="card-body">
<p class="text-muted small mb-3">
Generate a signed JSON receipt for legal or archival use.
Re-upload the same image to produce the downloadable file.
</p>
<form action="/verify/receipt" method="post" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
<div class="mb-3">
<input class="form-control form-control-sm bg-dark text-light border-secondary"
type="file" name="image" accept="image/*" required>
</div>
<button type="submit" class="btn btn-outline-warning btn-sm">
Download Receipt (.json)
</button>
</form>
</div>
</div>
{% endif %}
<div class="d-grid gap-2 mt-4">
<a href="/verify" class="btn btn-outline-info">
Verify Another Image
</a>
<a href="/attest/log" class="btn btn-outline-secondary">
View Attestation Log
</a>
</div>
</div>
</div>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink