diff --git a/assets/js/app.js b/assets/js/app.js index 84b7f9e..d3b8895 100644 --- a/assets/js/app.js +++ b/assets/js/app.js @@ -24,6 +24,7 @@ import JustPage from './pages/JustPage'; import ForPage from './pages/ForPage'; import YouPage from './pages/YouPage'; import AuthPage from './pages/AuthPage'; +import PrivacyPolicyPage from './pages/PrivacyPolicyPage'; let csrfToken = document.querySelector("meta[name='csrf-token']").getAttribute("content") let liveSocket = new LiveSocket("/live", Socket, {params: {_csrf_token: csrfToken}}) @@ -43,5 +44,5 @@ liveSocket.connect() window.liveSocket = liveSocket window.Components = { - SplashPage, JustPage, ForPage, YouPage, AuthPage + SplashPage, JustPage, ForPage, YouPage, AuthPage, PrivacyPolicyPage } diff --git a/assets/js/pages/ForPage.tsx b/assets/js/pages/ForPage.tsx index 6d15305..9d03c6d 100644 --- a/assets/js/pages/ForPage.tsx +++ b/assets/js/pages/ForPage.tsx @@ -34,12 +34,6 @@ const ForPage = (props: ForPageProps) => { }; const postContacts = async () => { - // const fragmentData = window.location.hash.split('.'); - // if (fragmentData.length <= 0) { - // alert("No key found in fragment URI"); - // return; - // } - const linkId = sessionStorage.getItem("link_id"); if (!linkId) { alert("No created link found in storage"); diff --git a/assets/js/pages/PrivacyPolicyPage.tsx b/assets/js/pages/PrivacyPolicyPage.tsx new file mode 100644 index 0000000..04637f4 --- /dev/null +++ b/assets/js/pages/PrivacyPolicyPage.tsx @@ -0,0 +1,62 @@ +import React from "react"; + +import { + CenteredContainer, + Header1, + Header3, + GlobalStyle, +} from "@intended/intended-ui"; + +const PrivacyPolicyPage = () => { + return ( + + + + + Privacy Policy + +

+ This instance of Intended Link collects as little data as + necessary to provide its service. It can not read the secret + message and secret file, and all data associated with a link is + deleted once it expires. +

+

+ Each link created will store the recipient's username or email and + its associated service for authorization purposes. It will store + the filename and filetype of the secret file, if it exists, to + make it easier for users to download and use the file once it's + decrypted. We store the timestamps of when the Link was created + and updated, along with when the link should expire. +

+

+ When you authenticate with one of our supported OAuth providers, + we receive the third party's response, and if verification was + successful, we store the account's username and verified emails in + a short-lived session store. This data is then used to determine + whether the user is permitted to download the link's associated + secret message and file. +

+

This software is licensed under LGPL.

+ + + + + ); +}; + +export default PrivacyPolicyPage; diff --git a/lib/entendu_web/controllers/page_controller.ex b/lib/entendu_web/controllers/page_controller.ex index 497e05a..44f74e8 100644 --- a/lib/entendu_web/controllers/page_controller.ex +++ b/lib/entendu_web/controllers/page_controller.ex @@ -10,4 +10,9 @@ defmodule EntenduWeb.PageController do |> clear_session() |> render("index.html") end + + def privacy(conn, _params) do + conn + |> render("privacy_policy.html") + end end diff --git a/lib/entendu_web/router.ex b/lib/entendu_web/router.ex index f591eba..3dbe911 100644 --- a/lib/entendu_web/router.ex +++ b/lib/entendu_web/router.ex @@ -35,6 +35,8 @@ defmodule EntenduWeb.Router do post "/just/for", LinkController, :for get "/just/for/you", LinkController, :you_page get "/just/for/you/:id", LinkController, :auth_page + + get "/privacy-policy", PageController, :privacy end scope "/auth", EntenduWeb do diff --git a/lib/entendu_web/templates/page/privacy_policy.html.eex b/lib/entendu_web/templates/page/privacy_policy.html.eex new file mode 100644 index 0000000..3879ef5 --- /dev/null +++ b/lib/entendu_web/templates/page/privacy_policy.html.eex @@ -0,0 +1,3 @@ +
+ <%= react_component("Components.PrivacyPolicyPage") %> +