use libsecret for password storage
This commit is contained in:
parent
e3a25e2429
commit
ff9bd114ab
2 changed files with 30 additions and 37 deletions
|
@ -17,6 +17,7 @@ audrey_deps = [
|
||||||
dependency('gtk4', version: '>= 4.16'),
|
dependency('gtk4', version: '>= 4.16'),
|
||||||
dependency('json-glib-1.0', version: '>= 1.10'),
|
dependency('json-glib-1.0', version: '>= 1.10'),
|
||||||
dependency('libadwaita-1', version: '>= 1.6'),
|
dependency('libadwaita-1', version: '>= 1.6'),
|
||||||
|
dependency('libsecret-1', version: '>= 0.21'),
|
||||||
dependency('libsoup-3.0', version: '>= 3.6'),
|
dependency('libsoup-3.0', version: '>= 3.6'),
|
||||||
dependency('sqlite3'),
|
dependency('sqlite3'),
|
||||||
]
|
]
|
||||||
|
|
|
@ -20,6 +20,13 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
||||||
private Sqlite.Statement db_get;
|
private Sqlite.Statement db_get;
|
||||||
private Sqlite.Statement db_set;
|
private Sqlite.Statement db_set;
|
||||||
|
|
||||||
|
private static Secret.Schema secret_schema = new Secret.Schema (
|
||||||
|
"eu.callcc.audrey",
|
||||||
|
Secret.SchemaFlags.NONE,
|
||||||
|
"server-url", Secret.SchemaAttributeType.STRING,
|
||||||
|
"username", Secret.SchemaAttributeType.STRING
|
||||||
|
);
|
||||||
|
|
||||||
construct {
|
construct {
|
||||||
var app_config_dir = Path.build_filename (Environment.get_user_config_dir (), "audrey");
|
var app_config_dir = Path.build_filename (Environment.get_user_config_dir (), "audrey");
|
||||||
|
|
||||||
|
@ -54,12 +61,7 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
||||||
this.status = _("Connecting...");
|
this.status = _("Connecting...");
|
||||||
|
|
||||||
string new_token, new_salt;
|
string new_token, new_salt;
|
||||||
if (this.password != "") {
|
|
||||||
this.salt_password (this.password, out new_token, out new_salt);
|
this.salt_password (this.password, out new_token, out new_salt);
|
||||||
} else {
|
|
||||||
new_token = this.token;
|
|
||||||
new_salt = this.salt;
|
|
||||||
}
|
|
||||||
var api = new Subsonic.with_token (
|
var api = new Subsonic.with_token (
|
||||||
this.server_url,
|
this.server_url,
|
||||||
this.username,
|
this.username,
|
||||||
|
@ -101,27 +103,19 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
||||||
}
|
}
|
||||||
assert (this.db_get.reset () == Sqlite.OK);
|
assert (this.db_get.reset () == Sqlite.OK);
|
||||||
|
|
||||||
this.db_get.bind_text (1, "token");
|
this.authn_can_edit = false;
|
||||||
if (this.db_get.step () == Sqlite.ROW) {
|
Secret.password_lookup.begin (secret_schema, null, (obj, res) => {
|
||||||
this.token = this.db_get.column_text (0);
|
try {
|
||||||
} else {
|
string? password = Secret.password_lookup.end (res);
|
||||||
this.token = "";
|
this.password = password ?? "";
|
||||||
|
} catch (Error e) {
|
||||||
|
error ("could not look up password in keyring: %s", e.message);
|
||||||
}
|
}
|
||||||
assert (this.db_get.reset () == Sqlite.OK);
|
|
||||||
|
|
||||||
this.db_get.bind_text (1, "salt");
|
|
||||||
if (this.db_get.step () == Sqlite.ROW) {
|
|
||||||
this.salt = this.db_get.column_text (0);
|
|
||||||
} else {
|
|
||||||
this.salt = "";
|
|
||||||
}
|
|
||||||
assert (this.db_get.reset () == Sqlite.OK);
|
|
||||||
|
|
||||||
this.password = "";
|
|
||||||
|
|
||||||
// first connection
|
// first connection
|
||||||
this.authn_can_validate = true;
|
this.authn_can_validate = true;
|
||||||
this.on_authn_validate_activated ();
|
this.on_authn_validate_activated ();
|
||||||
|
}, "server-url", this.server_url, "username", this.username);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void salt_password (string password, out string token, out string salt) {
|
private void salt_password (string password, out string token, out string salt) {
|
||||||
|
@ -152,16 +146,14 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
||||||
assert (this.db_set.step () == Sqlite.DONE);
|
assert (this.db_set.step () == Sqlite.DONE);
|
||||||
assert (this.db_set.reset () == Sqlite.OK);
|
assert (this.db_set.reset () == Sqlite.OK);
|
||||||
|
|
||||||
this.db_set.bind_text (1, "token");
|
this.authn_can_edit = false;
|
||||||
this.db_set.bind_text (2, this.token);
|
Secret.password_store.begin (secret_schema, null, "Subsonic password", this.password, null, (obj, res) => {
|
||||||
assert (this.db_set.step () == Sqlite.DONE);
|
try {
|
||||||
assert (this.db_set.reset () == Sqlite.OK);
|
Secret.password_store.end (res);
|
||||||
|
} catch (Error e) {
|
||||||
this.db_set.bind_text (1, "salt");
|
error ("could not store password in keyring: %s", e.message);
|
||||||
this.db_set.bind_text (2, this.salt);
|
}
|
||||||
assert (this.db_set.step () == Sqlite.DONE);
|
this.authn_can_edit = true;
|
||||||
assert (this.db_set.reset () == Sqlite.OK);
|
}, "server-url", this.server_url, "username", this.username);
|
||||||
|
|
||||||
this.password = "";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue