tijlleenders / ZinZen

Better together - an app to realize dreams together.
https://ZinZen.me
GNU Affero General Public License v3.0

Cloud backup per device #324

Open tijlleenders opened 2 years ago

tijlleenders commented 2 years ago

The UI should have an option in settings where a user can enable a daily backup to the cloud.
It is turned off by default, as some people might not want this.

  1. user opens ZinZen.me on device1 => generates deviceUuid1 for device1

BACKUP

  1. When Menu=>Backup=>'Make cloud backup' button pressed for the first time, this is the flow on device1:
    • call getBackupUuid API with deviceUuid1 => returns a backupUuid1
    • ask user for encryption password (type twice)
  2. If this was just set, or previously set, show the backupUuid1 and the encryption password. On this page, always ask user to store the backupUuid1 and the password outside of the device (easy copy/share button available to use a secure app to transfer out of device).
    "Make cloud backup now" button to continue.
  3. Make encrypted gzip of backup, with the usual filename that has a date
  4. PUT backup file on storeBackup API with backupUuid1 and deviceUuid1 as metadata
  5. give user choice of:
    • add existing creditsUuid (if person previously purchased ZZ credits and wants to re-use those)
    • paying now (reduced fee of 100 ZZs/month, equivalent to 10 euro cents per month)
    • getting free backup for now and only pay IF it is ever needed (10 000 ZZs one time fee, equivalent to 10 euro)
  5b. Optional payment, redirect device2 to Stripe payment link with backupUuid1 as the client_reference_id
  5c. Optional, if payment is successful, Stripe will trigger ZZ backend with the client_reference_id (backupUuid1), sending a message to deviceUuid1 via the backend (to give peace of mind that payment has been received), including the creditsUuid that will be stored on the device1.
  6. repeat steps 4 and 5 every day (on days that app is active)

RESTORE

When device1 breaks, or gets lost/stolen:

  1. open ZinZen.me on the new device2 => auto-generates a deviceUuid2 for device2
  2. go to Menu=>Backup=>'Restore cloud backup'
  3. ask for manual input of backupUuid1 (the one stored by user outside of device1) and password
  4. upon receipt by backend to restore backupUuid1, backend sends a push message to uuid1 (as an extra safety mechanism)
  5. if not paid, give options:
    • add existing creditsUuid (if person previously purchased ZZ credits and wants to re-use those to pay the 10 000 ZZs)
    • redirect device2 to Stripe payment link with backupUuid1 as the client_reference_id
  5b. Optional, if payment is successful, Stripe will trigger ZZ backend with the client_reference_id (backupUuid1), sending a push message to deviceUuid1 (as an extra safety mechanism) and to deviceUuid2 that cloud backup can be downloaded. deviceUuid2 also gets a creditsUuid2
  6. since a payment is registered for backupUuid1, either by reduced payment upon setup, or by payment when it was actually needed, if device2 now calls the getCloudBackup API with the backupUuid1 and CreditsUuid(2). Since it has a valid backupUuid and a valid creditsUuid, it then gets a presigned URL to download the backup.
  7. download backup using presigned URL
  8. user can restore from encrypted file, using the password (stored by user outside of device1 when initiating cloud backup)

Additional context:
Initial draft of this issue had a restore process where you have to email restore@zinzen.me to receive a customer-password protected file. This is abandoned in favor of a process where an email is not required by ZinZen. The payment provider Stripe requires an email - but this is not stored by ZinZen ... and is not required to be a working email for the payment to go through?
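
Added example, not part of the issue and not ZinZen code: one way BACKUP step 3 and RESTORE step 8 could work so that the backend and the presigned URL only ever handle ciphertext. The scrypt KDF, AES-256-GCM, the blob layout, binding backupUuid as associated data, and the names `makeBackup`/`restoreBackup` are all assumptions; the sample export and UUID are constructed.

```javascript
// Added example, not ZinZen code. Assumed: scrypt + AES-256-GCM, and the
// blob layout salt(16) | iv(12) | tag(16) | ciphertext.
const crypto = require('node:crypto');
const zlib = require('node:zlib');

const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;
const HEADER_LEN = SALT_LEN + IV_LEN + TAG_LEN;
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Constructed sample data (hypothetical export and backupUuid).
const SAMPLE_EXPORT = JSON.stringify({ goals: [{ id: 1, title: 'Learn piano' }] });
const SAMPLE_BACKUP_UUID = '00000000-0000-4000-8000-000000000001';

// The password never leaves the device; only the random salt is stored.
function deriveKey(password, salt) {
  return crypto.scryptSync(password.normalize('NFKC'), salt, 32, SCRYPT);
}

// device1, BACKUP step 3: gzip, then encrypt. backupUuid is authenticated as
// AAD, so a blob served under another backupUuid fails to decrypt.
function makeBackup(plainJson, password, backupUuid) {
  const salt = crypto.randomBytes(SALT_LEN);
  const iv = crypto.randomBytes(IV_LEN); // fresh per daily backup
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv,
    { authTagLength: TAG_LEN });
  cipher.setAAD(Buffer.from(backupUuid, 'utf8'));
  const body = Buffer.concat([cipher.update(zlib.gzipSync(plainJson)), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// device2, RESTORE step 8: returns the export, or null when the password or
// backupUuid is wrong or the stored blob was modified.
function restoreBackup(blob, password, backupUuid) {
  if (blob.length < HEADER_LEN) return null;
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, HEADER_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv,
    { authTagLength: TAG_LEN });
  decipher.setAAD(Buffer.from(backupUuid, 'utf8'));
  decipher.setAuthTag(tag);
  try {
    const gz = Buffer.concat([decipher.update(blob.subarray(HEADER_LEN)), decipher.final()]);
    return zlib.gunzipSync(gz).toString('utf8');
  } catch {
    return null; // authentication failed: treat as wrong password or tampering
  }
}
```

Because the authentication tag is checked before gunzip runs, device2 can tell the user the password or backupUuid was wrong instead of failing on corrupt gzip data.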

tijlleenders commented 1 year ago

A free option for backing up is available by just auto-syncing between two devices that you own (for example, your laptop and phone). This will be implemented in #1944.
If you lose one device, you can buy a new one and set up a new account, then sync to that from the device you still have.
This makes the cloud backup option low prio - as it would only be useful for people who don't have two devices - or people who are afraid of losing both simultaneously.

Setting up cloud backup is a first step towards cloud storage however, and in that sense interesting. Think of adding documents, photos etc in your own cloud storage as attachments in your goal hierarchy.