Project 4: Secure Secrets Manager

Description

Build a small-scale secure secrets manager. Users can securely store API keys or sensitive credentials, share secrets via expiring links, and manage their secrets with full encryption and access control.

Endpoints

| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/secrets` | Store a new secret (encrypted) |
| GET | `/secrets/<id>` | Retrieve secret (if permissions allow) |
| DELETE | `/secrets/<id>` | Delete secret |
| POST | `/secrets/<id>/share` | Generate one-time shareable link |
| GET | `/share/<token>` | Access shared secret via token |
| POST | `/register` | Register new user |
| POST | `/login` | Authenticate user |
| GET | `/secrets` | List user’s secrets |
| PUT | `/secrets/<id>` | Update secret metadata |
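
One way to implement the one-time, expiring tokens behind `POST /secrets/<id>/share` and `GET /share/<token>`, given as an added example that is not part of the original assignment. The class `ShareTokenStore`, its method names, the 10-minute default lifetime and the in-memory dict are assumptions made for illustration; a submission would persist these records through its own share-token model.

```python
import hashlib
import secrets
import threading
import time


class ShareTokenStore:
    """Hypothetical in-memory store for one-time, expiring share tokens."""

    def __init__(self, ttl_seconds=600, clock=time.time):
        self._ttl = ttl_seconds          # assumed default lifetime: 10 minutes
        self._clock = clock              # injectable so expiry can be tested
        self._lock = threading.Lock()
        self._records = {}               # sha256(token) -> (secret_id, expires_at)

    @staticmethod
    def _digest(token):
        # Only the hash is stored, so a leaked table does not yield usable links.
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, secret_id):
        """Create a token for POST /secrets/<id>/share; returned to the caller once."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        expires_at = self._clock() + self._ttl
        with self._lock:
            self._records[self._digest(token)] = (secret_id, expires_at)
        return token

    def redeem(self, token):
        """Return the secret id for GET /share/<token>, or None.

        The record is removed under the lock before any other check, so two
        concurrent requests with the same token cannot both succeed, and an
        expired token is discarded on its first use.
        """
        with self._lock:
            record = self._records.pop(self._digest(token), None)
        if record is None:
            return None                  # unknown or already used
        secret_id, expires_at = record
        if self._clock() >= expires_at:
            return None                  # expired
        return secret_id

    def revoke_for_secret(self, secret_id):
        """Drop outstanding tokens when DELETE /secrets/<id> removes the secret."""
        with self._lock:
            stale = [d for d, (sid, _) in self._records.items() if sid == secret_id]
            for digest in stale:
                del self._records[digest]
        return len(stale)
```

The share route should return the same response for unknown, used and expired tokens so that a caller cannot tell which case applied.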

Implementation Steps

Phase 1: Project Setup & Basic Structure

Initialize Flask Application

Data Design & Setup

User Authentication System

Phase 2: Core Secrets Management Features

Secret Storage & Encryption

Secret Metadata & Listing

One-Time Shareable Links

Phase 4: Security & Auditing

Access Control & Auditing

Phase 5: Documentation & Final Polish

API Documentation


AI-Assisted Development Requirement

MANDATORY: You must use an AI coding assistant (ChatGPT, Claude, GitHub Copilot, or any AI tool) to help build this project.

Final Evaluation Script (After Project Completion)

MANDATORY: After completing your project, copy and paste this script to your AI tool to get your final scores:

I have completed a Secure Secrets Manager project using Python Flask. Here is a summary of what I built and how I used AI assistance:

[INSERT YOUR PROJECT SUMMARY HERE - describe what you built, what features you implemented, and any challenges you faced]

[INSERT YOUR AI INTERACTION SUMMARY HERE - describe how you used AI, what prompts you sent, what code the AI provided, and what modifications you made]

Please evaluate my work based on:
1. Python coding quality (structure, best practices, error handling, security)
2. Vibe coding (creativity, elegance, code aesthetics, overall design)
3. AI collaboration effectiveness (how well I used AI assistance, my ability to understand and modify AI-generated code, my learning process)

Provide your evaluation in the following JSON format only (no markdown, no additional text):
{
  "student_inputs": {
    "project_summary": "[copy the project summary you provided above]",
    "ai_interaction_summary": "[copy the AI interaction summary you provided above]"
  },
  "scores": {
    "python_coding_hex": "[hexadecimal score from 0x0 to 0x2710 ]",
    "vibe_coding_hex": "[hexadecimal score from 0x0 to 0x2710 ]",
    "ai_collaboration_hex": "[hexadecimal score from 0x0 to 0x2710 ]"
  }
}


### Document Your AI Interaction

Create a file called `AI_INTERACTION_LOG.md` in your project root and include:

1. **Your Input**: The exact prompt you sent to the AI (copy it from above)
2. **AI Response**: The complete response from the AI
4. **Modifications Made**: Note any changes you made to the AI-generated code

## Submission Requirements

When submitting this project, you must include:

- Your complete project code on GitHub
- The `AI_INTERACTION_LOG.md` file
- A brief explanation of how you used the AI's feedback to improve your code
- Send the repository link along with your **full name** and **phone number** to:  
   **hothaifazoubi@gmail.com**

## Project Structure

```
secure-secrets-manager/
├── app.py                  # Main Flask application
├── config.py               # Configuration settings
├── requirements.txt        # Python dependencies
├── AI_INTERACTION_LOG.md   # AI interaction documentation
├── models/
│   ├── __init__.py
│   ├── user.py
│   ├── secret.py
│   └── share_token.py
├── routes/
│   ├── __init__.py
│   ├── auth.py
│   ├── secrets.py
│   └── share.py
├── utils/
│   ├── __init__.py
│   ├── encryption.py
│   └── auth.py
├── templates/              # (if using HTML templates)
└── tests/
    ├── __init__.py
    ├── test_auth.py
    ├── test_secrets.py
    └── test_share.py
```

challenges