use libsecret for password storage
This commit is contained in:
parent
e3a25e2429
commit
ff9bd114ab
2 changed files with 30 additions and 37 deletions
|
|
@ -17,6 +17,7 @@ audrey_deps = [
|
|||
dependency('gtk4', version: '>= 4.16'),
|
||||
dependency('json-glib-1.0', version: '>= 1.10'),
|
||||
dependency('libadwaita-1', version: '>= 1.6'),
|
||||
dependency('libsecret-1', version: '>= 0.21'),
|
||||
dependency('libsoup-3.0', version: '>= 3.6'),
|
||||
dependency('sqlite3'),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -20,6 +20,13 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
|||
private Sqlite.Statement db_get;
|
||||
private Sqlite.Statement db_set;
|
||||
|
||||
private static Secret.Schema secret_schema = new Secret.Schema (
|
||||
"eu.callcc.audrey",
|
||||
Secret.SchemaFlags.NONE,
|
||||
"server-url", Secret.SchemaAttributeType.STRING,
|
||||
"username", Secret.SchemaAttributeType.STRING
|
||||
);
|
||||
|
||||
construct {
|
||||
var app_config_dir = Path.build_filename (Environment.get_user_config_dir (), "audrey");
|
||||
|
||||
|
|
@ -54,12 +61,7 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
|||
this.status = _("Connecting...");
|
||||
|
||||
string new_token, new_salt;
|
||||
if (this.password != "") {
|
||||
this.salt_password (this.password, out new_token, out new_salt);
|
||||
} else {
|
||||
new_token = this.token;
|
||||
new_salt = this.salt;
|
||||
}
|
||||
var api = new Subsonic.with_token (
|
||||
this.server_url,
|
||||
this.username,
|
||||
|
|
@ -101,27 +103,19 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
|||
}
|
||||
assert (this.db_get.reset () == Sqlite.OK);
|
||||
|
||||
this.db_get.bind_text (1, "token");
|
||||
if (this.db_get.step () == Sqlite.ROW) {
|
||||
this.token = this.db_get.column_text (0);
|
||||
} else {
|
||||
this.token = "";
|
||||
this.authn_can_edit = false;
|
||||
Secret.password_lookup.begin (secret_schema, null, (obj, res) => {
|
||||
try {
|
||||
string? password = Secret.password_lookup.end (res);
|
||||
this.password = password ?? "";
|
||||
} catch (Error e) {
|
||||
error ("could not look up password in keyring: %s", e.message);
|
||||
}
|
||||
assert (this.db_get.reset () == Sqlite.OK);
|
||||
|
||||
this.db_get.bind_text (1, "salt");
|
||||
if (this.db_get.step () == Sqlite.ROW) {
|
||||
this.salt = this.db_get.column_text (0);
|
||||
} else {
|
||||
this.salt = "";
|
||||
}
|
||||
assert (this.db_get.reset () == Sqlite.OK);
|
||||
|
||||
this.password = "";
|
||||
|
||||
// first connection
|
||||
this.authn_can_validate = true;
|
||||
this.on_authn_validate_activated ();
|
||||
}, "server-url", this.server_url, "username", this.username);
|
||||
}
|
||||
|
||||
private void salt_password (string password, out string token, out string salt) {
|
||||
|
|
@ -152,16 +146,14 @@ public class Ui.Setup : Adw.PreferencesDialog {
|
|||
assert (this.db_set.step () == Sqlite.DONE);
|
||||
assert (this.db_set.reset () == Sqlite.OK);
|
||||
|
||||
this.db_set.bind_text (1, "token");
|
||||
this.db_set.bind_text (2, this.token);
|
||||
assert (this.db_set.step () == Sqlite.DONE);
|
||||
assert (this.db_set.reset () == Sqlite.OK);
|
||||
|
||||
this.db_set.bind_text (1, "salt");
|
||||
this.db_set.bind_text (2, this.salt);
|
||||
assert (this.db_set.step () == Sqlite.DONE);
|
||||
assert (this.db_set.reset () == Sqlite.OK);
|
||||
|
||||
this.password = "";
|
||||
this.authn_can_edit = false;
|
||||
Secret.password_store.begin (secret_schema, null, "Subsonic password", this.password, null, (obj, res) => {
|
||||
try {
|
||||
Secret.password_store.end (res);
|
||||
} catch (Error e) {
|
||||
error ("could not store password in keyring: %s", e.message);
|
||||
}
|
||||
this.authn_can_edit = true;
|
||||
}, "server-url", this.server_url, "username", this.username);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue