alee/fieldwitness
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fb0cc3e39d
fieldwitness/frontends/web/templates/fieldkit/status.html
Aaron D. Lee fb0cc3e39d Implement 14 power-user feature requests for field deployment 
Critical:
- FR-01: Chain verification now supports key rotation via signed rotation
  records (soosef/key-rotation-v1 content type). Old single-signer
  invariant replaced with authorized-signers set.
- FR-02: Carrier images stripped of EXIF metadata by default before
  steganographic encoding (strip_metadata=True). Prevents source
  location/device leakage.

High priority:
- FR-03: Session timeout (default 15min) + secure cookie flags
  (HttpOnly, SameSite=Strict, Secure when HTTPS)
- FR-04: CSRF protection via Flask-WTF on all POST forms. Killswitch
  now requires password re-authentication.
- FR-05: Collaborator trust store — trust_key(), get_trusted_keys(),
  resolve_attestor_name(), untrust_key() in KeystoreManager.
- FR-06: Production WSGI server (Waitress) by default, Flask dev
  server only with --debug flag.
- FR-07: Dead man's switch sends warning during grace period via
  local file + optional webhook before auto-purge.

Medium:
- FR-08: Geofence get_current_location() via gpsd for --here support.
- FR-09: Batch attestation endpoint (/attest/batch) with SHA-256
  dedup and per-file status reporting.
- FR-10: Key backup tracking with last_backup_info() and
  is_backup_overdue() + backup_reminder_days config.
- FR-11: Verification receipts signed with instance Ed25519 key
  (schema_version bumped to 2).
- FR-12: Login rate limiting with configurable lockout (5 attempts,
  15 min default).

Nice-to-have:
- FR-13: Unified `soosef status` pre-flight command showing identity,
  channel key, deadman, geofence, chain, and backup status.
- FR-14: `soosef chain export` produces ZIP with JSON manifest,
  public key, and raw chain.bin for legal discovery.

Tests: 157 passed, 1 skipped, 1 pre-existing flaky test.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 19:35:36 -04:00

60 lines
2.6 KiB
HTML
Raw Blame History

{% extends "base.html" %}
{% block title %}Fieldkit Status — SooSeF{% endblock %}
{% block content %}
<h2><i class="bi bi-speedometer2 me-2"></i>Fieldkit Status</h2>
<p class="text-muted">Security monitors and system health.</p>
<div class="row g-4">
{# Dead Man's Switch #}
<div class="col-md-6">
<div class="card bg-dark border-secondary">
<div class="card-body">
<h5 class="card-title">
<i class="bi bi-clock-history me-2"></i>Dead Man's Switch
{% if deadman_status.armed %}
{% if deadman_status.overdue %}
<span class="badge bg-danger ms-2">OVERDUE</span>
{% else %}
<span class="badge bg-success ms-2">Armed</span>
{% endif %}
{% else %}
<span class="badge bg-secondary ms-2">Disarmed</span>
{% endif %}
</h5>
{% if deadman_status.armed %}
<p class="text-muted small">
Interval: {{ deadman_status.interval_hours }}h
({{ deadman_status.grace_hours }}h grace)<br>
Last check-in: {{ deadman_status.last_checkin or 'Never' }}<br>
{% if deadman_status.get('next_due') %}
Next due: {{ deadman_status.next_due }}
{% endif %}
</p>
<form method="POST" action="{{ url_for('fieldkit.deadman_checkin') }}">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
<button type="submit" class="btn btn-success btn-sm">
<i class="bi bi-check-circle me-1"></i>Check In Now
</button>
</form>
{% else %}
<p class="text-muted small">Not currently armed. Enable in config or via CLI.</p>
{% endif %}
</div>
</div>
</div>
{# Killswitch #}
<div class="col-md-6">
<div class="card bg-dark border-secondary">
<div class="card-body">
<h5 class="card-title"><i class="bi bi-exclamation-octagon me-2 text-danger"></i>Killswitch</h5>
<p class="text-muted small">Emergency data destruction. Destroys all keys, attestation logs, and auth data.</p>
<a href="{{ url_for('fieldkit.killswitch') }}" class="btn btn-outline-danger btn-sm">
<i class="bi bi-exclamation-octagon me-1"></i>Killswitch Panel
</a>
</div>
</div>
</div>
</div>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink