WHO Onboarding Wizard is a Windows desktop application built with Electron, Node.js, and Flask. It packages the desktop UI, backend, and required runtime tools together into a Windows application.
The application is intended to run as a local desktop application, but it also supports HTTPS-based local backend communication for stronger transport security between the Electron frontend and the backend service.
This application currently supports:
- Windows 10 (64-bit)
- Windows 11 (64-bit)
It is not intended for:
- 32-bit Windows
- macOS
- Linux
- Mobile platforms
Before you build or test the application locally, make sure the following are available.
Install Node.js on your local machine and verify it is working.
node -v
npm -vClone the repository and open the project folder.
git clone <your-repository-url>
cd <repository-folder>Before packaging the application, add the required runtime files manually in the following folders.
resources/
├── bin/
└── python/
Add the required executable tools used by the application, such as:
- Git
- GnuPG / GPG
- other related runtime binaries required by the application
Add the Python runtime required by the packaged application.
Run the following command in the project folder.
npm installFor simple local development and troubleshooting, you can start the application without HTTPS.
npm startFor local testing with HTTPS enabled, use PowerShell:
$env:WIZARD_BACKEND_SCHEME="https"
npm startAlthough this is a local desktop application, the frontend and backend still communicate locally. For that communication, the application supports both HTTP and HTTPS modes during development and testing.
The final application is intended to run in HTTPS mode because HTTPS provides stronger protection for the communication channel between the Electron application and the local backend.
Using HTTPS helps with:
- protecting local frontend-to-backend communication
- reducing the risk of interception or tampering on the local communication path
- providing stronger transport security for sensitive workflow operations
- aligning the application with a more secure production-style runtime model
Even on a local machine, HTTPS is used as an additional hardening measure for the desktop application architecture.
For local development and troubleshooting, running without HTTPS can be useful because it is simpler and easier to start quickly during testing.
That is why:
- testing/development can be done without HTTPS
- the final application runtime is intended to use HTTPS
- Use HTTP for quick local testing when simplicity is enough
- Use HTTPS when validating the secure local runtime behavior
- Treat HTTPS as the intended final application mode
To create the Windows build:
npm run distAfter a successful build, the generated application will be available in:
dist/
git clone <your-repository-url>
cd <repository-folder>
npm install
npm startgit clone <your-repository-url>
cd <repository-folder>
npm install
$env:WIZARD_BACKEND_SCHEME="https"
npm startgit clone <your-repository-url>
cd <repository-folder>
npm install
npm run dist- Use
npm startfor local testing. - Use
npm run distto generate the Windows package. - Make sure
resources/binandresources/pythonare populated before building. - The final application is intended to run in HTTPS mode.
- During development, you can test with or without HTTPS as needed.
Run:
npm installThen retry:
npm startVerify that the required runtime files were added correctly under:
resources/bin
resources/python
Make sure you are running the command in PowerShell:
$env:WIZARD_BACKEND_SCHEME="https"
npm start