Locksidian: Enhancing Note Security in Obsidian

You know, every notes app, from Notion to Evernote, has some form of in-app password protection. Obsidian doesn't have this. Now it’s not entirely surprising considering that Obsidian uses only .md files to store notes and acts somewhat like a glorified text editor. But even then, there must be a solution. After some research, I compromised my dreams and settled on an achievable first step. Making a simple password prompt on vault enter so you can’t view your notes in Obsidian through the app without a password (of course you could just open the .md file in another application). I decided I could achieve this first - which might seem trivial, but to a beginner coder like me, was a behemoth of a task - and then focus on the encryption side of things.

Armed with Chat GPT and the Obsidian documentation, I started coding. First, following this tutorial, I compiled and built the sample plugin. Then I followed the examples in the documentation and got used to how coding a plugin works. Now the main code is actually in TypeScript (a programming language developed by Microsoft that automatically transpires to Javascript) and it was actually somewhat easy to understand. I hopped onto Git Hub and looked through other people's code (main.tv) to get an idea of how they were using it.

Now I wanted to get something done, so to make myself feel like I’m doing something productive, I edited the manifest.json to show all of my plugin’s metadata. Next, unfortunately, it was time to get to the actual code. Using the Obsidian documentation, the skeleton the sample plugin gave me and the brief understanding I gained from looking through other people's code, I managed to scrape together something that looks like this:

import { App, Modal, Notice, Plugin, PluginSettingTab, Setting } from 'obsidian';export default class PasswordPromptPlugin extends Plugin { // ...}

Now I ran into a couple errors on the way, so I was not entirely modest in my use of Chat GPT to speed things up. Well, the next step was to actually define the PasswordPromptModal class, so I read up a little on how classes work in typescript. Knowledge absorbed, I started coding the basics. I got the simple prompt designed and I got it working against a hardcoded password.

class PasswordPromptModal extends Modal { // ... onOpen() { // ... } onClose() { // ... } open() { // ... }}

As of now, it looks like this:

There was a problem here though. I had to painfully move my mouse to click the submit button every time and - far more pressingly - if you wanted to bypass the password prompt, all you had to do was press the small ‘x’ on the window. At this point, I got lazy and asked Chat GPT to fix this for me. It fixed up the entry problem fine but it really could not make the window unclosable. In the end, I decided I had to do it myself and researched a bit. Strike that. Quite a lot more than a bit. In the end, I solved the problem by calling back the prompt when the user tried to close the window.

onClose() { if (this.preventClose) { modal.open().then(checkPassword); } else { let { contentEl } = this; contentEl.empty(); } }

And, surprisingly, that’s the bulk of the code finished. Next, all I had to do was get the in-app plugin settings set up. For this, I used the existing skeleton from the sample and just edited all the details. It ended up looking something like this.

class PasswordPromptSettingsTab extends PluginSettingTab { // ... display() { // ... }}

With that done, I refreshed everything and did one final check of its functionality in the app from installation. It was then I ran into the hopefully final roadblock. As the password is now decided in settings instead of being hardcoded, there was no longer a default password set on application installation. So the user can’t enter their vault themselves directly after installation. Oops. I added these lines of code to fix the problem:

interface PasswordPromptSettings { enablePassword: boolean; password: string;}const DEFAULT_SETTINGS: PasswordPromptSettings = { enablePassword: true, password: 'password123',};

Done! I recovered my dusty old GitHub account, gave it a refresh and pushed everything to a new repo.

Heres a breakdown of the plugins features:

1. Password Protection: Locksidian adds a password prompt to the Obsidian app, ensuring that unauthorized users cannot access your notes without the correct password. This feature enhances the security of your vault (against uneducated intruders 😅) and provides peace of mind.

2. Easy Setup: The plugin offers a user-friendly settings interface within the Obsidian app, allowing you to configure and customize the password protection feature effortlessly. You can enable or disable the password prompt and set your desired password.

3. Flexibility and Customization: The plugin allows you to customize the password based on your preferences. You can set a strong, unique password to ensure maximum security for your vault. Additionally, you have the flexibility to enable or disable the password protection feature according to your needs.

If you want to download my new Plugin right now, you can get it directly from the repo here. You could also wait for it to become an official community plugin (I’ve submitted a pull request) and download it directly from the app.

Stay tuned for future updates and new features as I continue to enhance Locksidian. Your virtual vault deserves the best protection, and Locksidian will soon be here to deliver. And really, if you want to make a plugin, don't be afraid to start. If a beginner like me can do it, anyone can.