Sesame is a toolchain that enables passphrase-protected, temporary data views. On this website, it is used to hide notes and assets behind an access code. Unlocked notes are revealed through a temporary one-time URL. Sesame can be set up to use one or more single-use or permanent access codes.

When Sesame is enabled for an item, such as an individual note, a passphrase or access code is salted and Sha256-hashed, then stored in a Redis key that equals the Sha256-hashed note UID. When somebody tries to access a sesame-protected note and enters a passphrase, the user input is hashed and compared to the value of the stored note hash in Redis. If the two match, a temporary URL hash is generated, under which the note UID is stored.

The user is then redirected to this temporary URL which looks up and fetches the corresponding note via the note's UID that was previously stored for the temporary URL. The temporary URL key-value pair is deleted from Redis and the note is displayed to the user.

Easy peasy!