Add support for keyring password storage #29
Conversation
|
I encountered a merge conflict with |
|
For what it's worth, I tested this branch locally (on MacOS) and worked great for me! |
|
That's excellent news, thank you! I need someone with Windows and someone with a Linux system (that has a keyring installed) to test it. I may be able to test a Linux keyring (I don't currently have one installed) but I do not have a Windows system available at this time. |
I might be able to test Ubuntu a little bit later, I've got it installed on a VM. |
|
Do not attempt to build df1594d, it is broken, pushed only to sync end-of-day changes (I'll rebase this whole mess before merging). |
|
Sadly didn't go as well on Ubuntu 23.04 with Gnome keyring. Was able to log in and add the password to keyring, but starting neonmodem after that crashes. Went over it with delve, looks like system.New() returns a nil The error is that |
|
OK, after sleeping on it I have simpliefied the whole workflow with a fresh perspective. I've confirmed that it works on Linux without a keyring present and on MacOS with the MacOS keychain. |
|
|
||
| // Open system keyring object | ||
| ring, _ := keyring.Open(keyring.Config{ | ||
| ServiceName: "NeonModem - Lemmy", |
There was a problem hiding this comment.
So that this is reusable, the keyring entry should probably be the url for the system being added.
There was a problem hiding this comment.
Unfortunately it is a little bit more complicated than that. Check the following helpful interaction I had with the KeePassX guys a while ago: keepassxreboot/keepassxc#8475
| // Attempt to save the password to system keyring | ||
| // If we can't, ask if should save it in clear text | ||
| err = ring.Set(keyring.Item{ | ||
| Key: "password", |
There was a problem hiding this comment.
Just thinking out loud... maybe we should also store the username in the keyring. I'm not super familiar with keyring integration on different systems but if we were using the system url AND we had username and password stored in the keyring, maybe we could check if the user already has their credentials saved for the url (from a web browser, for example)... thinking about how password managers do it... maybe food for later thought.
There was a problem hiding this comment.
Yes, indeed, the complete login can be stored in the keyring.
| func SetPassword() (string, *PasswordError) { | ||
| // Prompt for password input | ||
| fmt.Println("Please enter your password (will not echo): ") | ||
| bytepw, err := term.ReadPassword(int(syscall.Stdin)) |
There was a problem hiding this comment.
Will check to see if the promptui package has a feature for a no-echo prompt so this can be simplified and have a consistent feel to the yes/no prompt when a supported keyring is not available.
| @@ -144,9 +145,25 @@ func (sys *System) Load() error { | |||
| credentials[k] = v.(string) | |||
| } | |||
|
|
|||
| ring, _ := keyring.Open(keyring.Config{ | |||
There was a problem hiding this comment.
Only initialize this if we find the password should be in the keyring below.
There was a problem hiding this comment.
Hey @tedwardd, thank you for taking the initiative, I appreciate it!
The keyring stuff seems a bit fiddly and I'm mainly worried that we might overcomplicate and thereby break stuff for individual platforms on which there is no keyring implementation available or for users that might not require it.
Hence my suggestion would be build an abstraction on top of the keyring library -- e.g. credentials.go -- and allow each system to use the Credentials service to store and retrieve credentials. The Credentials service in turn would implement different backends, one of which is the keyring library, the other one the plaintext config; Another one could be a command runner (e.g. for using pass ...). These backends would reside in dedicated files, which we could prefix with the respective // +build tag for Go. That way we wouldn't include the feature/dependency on platforms on which it isn't available anyway.
Wdyt?
| func SetPassword() (string, *PasswordError) { | ||
| // Prompt for password input | ||
| fmt.Println("Please enter your password (will not echo): ") | ||
| bytepw, err := term.ReadPassword(int(syscall.Stdin)) |
|
|
||
| // Open system keyring object | ||
| ring, _ := keyring.Open(keyring.Config{ | ||
| ServiceName: "NeonModem - Lemmy", |
There was a problem hiding this comment.
Unfortunately it is a little bit more complicated than that. Check the following helpful interaction I had with the KeePassX guys a while ago: keepassxreboot/keepassxc#8475
| // Attempt to save the password to system keyring | ||
| // If we can't, ask if should save it in clear text | ||
| err = ring.Set(keyring.Item{ | ||
| Key: "password", |
There was a problem hiding this comment.
Yes, indeed, the complete login can be stored in the keyring.
| }) | ||
| if err != nil { | ||
| fmt.Println("Unable to save password to a keyring. Would you like to proceed to save the password in clear text in the neonmodem.toml?") | ||
| if resp, _ := YesNo(); resp != true { |
There was a problem hiding this comment.
This seems to be the only instance of YesNo, hence I'd probably even use scanner.Scan() in order to keep dependencies low. See the connect.go files of the systems for example.
|
|
||
| var password string | ||
|
|
||
| if credentials["password"] == "password_in_keyring" { |
There was a problem hiding this comment.
It might make sense to store the keyring identifier, prefixed with a special preamble/symbol here, so that it can reference a specific entry rather than just say password_in_keyring, e.g. @lemmy_myaccount123, where lemmy_myaccount123 is the identifier of the keyring item. However, this depends on the implementation of the keyring, which is yet tbc.
Add support for secure password storage in system keyring. Addresses #20
First pass just adds keyring support for Lemmy but it's a repeatable pattern. Might be better to consolidate in to a global method we can call to clean it up a little... might do that before merging...