PAZATOR DOCS
SYNC
INFRASTRUCTURE — v0.May1726

Sync
Server.

PZLS (Pazator Sync Server) is a lightweight Node.js backend that provides data sync, account management, entity resolution, and remote SQL query execution. It lets you push and pull your Pazator data across devices with per-user isolation and token-based authentication.

Quick Start

1

Clone and install.

git clone https://github.com/AIX-32/PZLS.git
cd PZLS
npm install
2

Start the server.

npm start

Runs on http://localhost:3456 by default. Set PORT to change it:

PORT=8080 npm start
3

Configure Pazator to connect. Click the logo → Sync Config → enter the server URL → Test Connection.

4

Create your account. Type a username + password (6+ chars) and click Register. The first user is admin; everyone after is analyst.

5

Push your data. Logo → Push uploads your local data to the server. Pull downloads server data to your local app.

Account System

Authentication is handled via Bearer tokens. Register once, then login from any Pazator instance to access your data. Tokens persist in localStorage and auto-renew on page load.

POST /api/auth/registerCreate account — {username, password}
POST /api/auth/loginLogin — {username, password}{token, user}
POST /api/auth/logoutInvalidate session token
GET /api/auth/meGet current user info
POST /api/auth/change-passwordChange password — {currentPassword, newPassword}

Passwords are hashed with scrypt + a random salt. Tokens are UUIDs stored in data/tokens.json.

Data Sync

Each user gets their own isolated data namespace. Sync operations only affect the authenticated user's data.

GET /api/syncPull all data for the authenticated user
POST /api/syncPush data — {clientVersion, stores: {...}}
GET /api/sync/changes?since=NList changelog entries after version N
GET /api/sync/statusServer health + account stats (partial info without auth)

All sync endpoints require a valid Bearer token:

Authorization: Bearer <your-token>

Push format

{
  "clientVersion": 0,
  "stores": {
    "humans": { "id1": { "name": "..." } },
    "others": {},
    "tags": {},
    "cases": {},
    "chats": {},
    "relationships": {}
  }
}

Other Endpoints

GET /api/resolve?threshold=0.6Jaro-Winkler entity resolution against user's data
POST /api/queryExecute SQL — {connectionString, query} (MySQL/Postgres)
GET /api/admin/usersList all users (admin only)
DELETE /api/admin/users/:idDelete a user (admin only)

Architecture

The server stores everything as flat JSON files in a data/ directory. No database required. 

PZLS/
  server.js              # Main server
  package.json
  README.md
  data/                  # Created on first run (gitignored)
    users.json           # Registered users
    tokens.json          # Active session tokens
    repo.json            # Legacy — migrated to per-user on first registration
    repo_<userId>.json    # Per-user data stores
    changelog_<userId>.json

If you were running the old (pre-auth) server with a repo.json, it will be automatically migrated to the first registered user's namespace.

From Pazator

The logo menu in the app shows your connection status at a glance:

  • Green — logged in and connected
  • Orange — connected but not logged in
  • Grey — not configured

Click Sync Config to change server URL, login, register, or logout. Use Push and Pull to transfer data on demand.

Related

See the COLLAB docs for the local user role system and permissions. The sync server account system is separate — it controls server access, while COLLAB controls in-app permissions.