This project is a secure purchase order management system for Secure Company Inc., developed with FastAPI, PostgreSQL, Bootstrap, and Docker, featuring encrypted email communication compatible with OpenPGP capable clients. It automates PGP key management, secures transactions with dual-signature protocols, and employs PGPy for cryptographic integrity, including verifiable timestamps to ensure transaction authenticity.
-
Clone this repository
-
Run these commands:
On first run:
docker compose up --buildAfterwards:
docker compose up -
Create OpenPGP key for your Admin user (e.g. https://pgpkeygen.com/, RSA)
-
Update
users.sqlandprivate_keys.sqlin/app/data/for the Admin user with your data and new keys (DO NOT CHANGE THE USER ID OR PASSWORD) -
Run the SQL insert queries in /app/data/
-
Login as your Admin user (password is
m), then create new User, Supervisor, and Purchaser accounts (supervisor and purchaser need valid emails) -
Log in as each and download each private key (option is in name dropdown, derived key to decrypt will be in the server log after you download)
-
Set up Supervisor and Purchaser emails in an OpenPGP capable email client (e.g. Thunderbird)
-
Download relevant public keys from Users tab
-
Add the private and public keys to Thunderbird
-
Enjoy.