Fixed issues preventing successful authentication:
- Corrected Argon2 memory limit handling (API sends bytes, not KB)
- Replaced Blake2b with crypto_kdf_derive_from_key for login subkey derivation
- Fixed serde field names to match API expectations (srpUserID, sessionID)
- Added non-interactive mode for CLI testing
- Added support for ENTE_ENDPOINT environment variable
The implementation now matches the web client's key derivation exactly,
enabling successful authentication with both local and production servers.
Co-Authored-By: Claude <noreply@anthropic.com>
Add comprehensive account management functionality with secure SRP authentication.
This enables users to add, list, update, and manage multiple Ente accounts
for photos, locker, and auth apps.
Key features:
- Complete account add flow with SRP authentication
- Two-factor authentication support (TOTP)
- Secure key decryption and storage
- Multi-account support with per-app configuration
- Account list and update commands
- Export directory management
- Interactive CLI prompts with dialoguer
The implementation integrates with the API client for authentication and
securely stores account credentials in SQLite.
Co-Authored-By: Claude <noreply@anthropic.com>
Add complete API client implementation with authentication, file operations,
and collection management. This enables the Rust CLI to interact with Ente
servers for photo backup and sync operations.
Key features:
- Multi-account token management with secure storage
- SRP authentication flow matching Go implementation
- Retry logic with exponential backoff for network resilience
- Full API coverage: auth, collections, files, trash, user details
- Request/response models for all API endpoints
- Separate download client for large file transfers
- Smart CDN routing for production file downloads
The implementation follows the conversion plan and maintains compatibility
with the existing Go CLI API patterns.
Co-Authored-By: Claude <noreply@anthropic.com>
Add detailed development commands, architecture overview, and module
descriptions to help future Claude instances understand the codebase
structure and development workflow.
Co-Authored-By: Claude <noreply@anthropic.com>
- Document current implementation status
- Detail API client implementation steps
- List all remaining components with specifications
- Include testing strategy and migration notes
- Provide file structure reference for navigation
- Add implementation guidelines and environment variables
This plan enables any developer to understand the project state
and continue the conversion work from the current point.
Co-Authored-By: Claude <noreply@anthropic.com>
- Replace sled with SQLite for better reliability and tooling
- Create schema with tables for accounts, secrets, collections, files, and sync state
- Implement account storage with multi-account support
- Add configuration and sync state management
- Support for storing encrypted credentials separately
- Add indices for performance optimization
SQLite provides ACID transactions, better debugging tools, and a proven
track record for reliability with user data.
Co-Authored-By: Claude <noreply@anthropic.com>
- Replace libc::c_char with std::ffi::c_char for password parameter
- Remove unnecessary libc dependency
- Use standard library FFI types (available since Rust 1.64)
This fixes the CI build error where libsodium expects *const c_char
for the password parameter in crypto_pwhash.
Co-Authored-By: Claude <noreply@anthropic.com>
For the current session cc was able to use that instruction to figure out all the linters etc to run. If that doesn't work in future sessions, we can use a longer instruction, something like what it itself suggested
## CI/CD Requirements
- Must pass `cargo fmt --check`
- Must pass `cargo clippy --all-targets --all-features`
- Must pass `RUSTFLAGS="-D warnings" cargo build`
- Fix all formatting before committing
- Address all clippy warnings
- Use `#![allow(dead_code)]` during development for unused code
## Code Quality
- Run `cargo fmt` before committing
- Fix clippy warnings: remove unnecessary casts, use idiomatic Rust
- Prefix unused variables with underscore
- Remove unused imports
- Fix code formatting with cargo fmt
- Remove unnecessary type casts
- Use range contains instead of manual comparison
- Prefix unused variables with underscore
- Remove unused imports
- Add allow(dead_code) for development phase
Co-Authored-By: Claude <noreply@anthropic.com>
Typical Claude Code commit message:
feat: implement user authentication
- Added login endpoint
- Implemented JWT tokens
- Created middleware
Created with Claude Code: https://claude.ai/code # <-- The promotional link
Co-authored-by: Claude <claude@anthropic.com> # <-- The co-author line
This memory is to ask claude to keep the co-author line but remove the self promo from the commit message it creates.
- Set up project structure mirroring Go CLI architecture
- Add dependencies with libsodium-sys-stable for all crypto operations
- Implement core crypto module with Argon2, ChaCha20-Poly1305, and Blake2b
- Create data models for accounts, files, and collections
- Set up Clap-based CLI framework with account, export, and version commands
- Add error handling with thiserror
- Configure for static linking to create standalone binaries
This establishes the foundation for converting the Ente CLI from Go to Rust,
with a focus on maintaining compatibility with existing libsodium-based crypto.
Co-Authored-By: Claude <noreply@anthropic.com>
This pr implements the feature to add a 2FA account by importing a QR
code image from the device gallery..
Adds a new "Import from gallery" button to the Floating Action Button
menu.
The button's text is localized, and its styling is consistent with the
app's theme.
How to Test:
Open the FAB menu and tap "Import from gallery".
1) Test with a valid 2FA QR code image. Expected: The account gets added
successfully.
2) Test with an image that has no QR code. Expected: A "No QR code
found" toast message appears.
3) Test with a QR code of plain text (like "hello "). Expected: An
"Invalid QR Code" dialog appears.
## Description
Implement TLS/SSL encryption for sending emails via SMTP. When an SMTP
provider explicitly requires TLS/SSL communication the current
implementation runs in a timeout and fails. A new configuration
parameter for smtp was added to enable TLS/SSL communication.
This would solve #5958
## Tests
I built a local docker image of my branch. The email provider I was
using is mailbox.org and using the tls configuration. Registering a new
user then resulted in a sent email containing the verification code.
I did not test a setup without TLS/SSL.
