Stop storing remote credentials in recent state
This commit is contained in:
@@ -152,8 +152,6 @@ type recentVaultRecord struct {
|
||||
type recentRemoteRecord struct {
|
||||
BaseURL string `json:"baseUrl"`
|
||||
Path string `json:"path"`
|
||||
Username string `json:"username,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
LastGroup []string `json:"lastGroup,omitempty"`
|
||||
UsedAt string `json:"usedAt,omitempty"`
|
||||
}
|
||||
@@ -359,7 +357,6 @@ type ui struct {
|
||||
cancelLifecycleProgress widget.Clickable
|
||||
retryLifecycleOpen widget.Clickable
|
||||
approvalPermanent widget.Bool
|
||||
rememberRemoteAuth widget.Bool
|
||||
apiPolicyAllow widget.Bool
|
||||
apiPolicyGroupScopeW widget.Bool
|
||||
apiTokenDisabled widget.Bool
|
||||
@@ -1083,9 +1080,6 @@ func (u *ui) openRemoteAction() error {
|
||||
u.noteRecentRemote(
|
||||
strings.TrimSpace(u.remoteBaseURL.Text()),
|
||||
strings.TrimSpace(u.remotePath.Text()),
|
||||
strings.TrimSpace(u.remoteUsername.Text()),
|
||||
u.remotePassword.Text(),
|
||||
u.rememberRemoteAuth.Value,
|
||||
)
|
||||
u.resetPasswordPeek()
|
||||
u.restoreRecentRemoteGroup(strings.TrimSpace(u.remoteBaseURL.Text()), strings.TrimSpace(u.remotePath.Text()))
|
||||
@@ -1125,9 +1119,6 @@ func (u *ui) startOpenRemoteAction() {
|
||||
u.noteRecentRemote(
|
||||
strings.TrimSpace(u.remoteBaseURL.Text()),
|
||||
remotePath,
|
||||
strings.TrimSpace(u.remoteUsername.Text()),
|
||||
u.remotePassword.Text(),
|
||||
u.rememberRemoteAuth.Value,
|
||||
)
|
||||
u.resetPasswordPeek()
|
||||
u.restoreRecentRemoteGroup(strings.TrimSpace(u.remoteBaseURL.Text()), remotePath)
|
||||
@@ -1709,7 +1700,7 @@ func (u *ui) setAutofillNoticePreference(value autofillNoticeMode) {
|
||||
u.saveUIPreferences()
|
||||
}
|
||||
|
||||
func (u *ui) noteRecentRemote(baseURL, path, username, password string, rememberAuth bool) {
|
||||
func (u *ui) noteRecentRemote(baseURL, path string) {
|
||||
baseURL = strings.TrimSpace(baseURL)
|
||||
path = strings.TrimSpace(path)
|
||||
if baseURL == "" || path == "" {
|
||||
@@ -1724,10 +1715,6 @@ func (u *ui) noteRecentRemote(baseURL, path, username, password string, remember
|
||||
if len(record.LastGroup) == 0 {
|
||||
record.LastGroup = u.recentRemoteGroup(baseURL, path)
|
||||
}
|
||||
if rememberAuth {
|
||||
record.Username = strings.TrimSpace(username)
|
||||
record.Password = password
|
||||
}
|
||||
next := []recentRemoteRecord{record}
|
||||
for _, existing := range u.recentRemotes {
|
||||
if existing.BaseURL == baseURL && existing.Path == path {
|
||||
@@ -1830,7 +1817,6 @@ func (u *ui) switchToLifecycleSelection(mode string) {
|
||||
u.remotePath.SetText("")
|
||||
u.remoteUsername.SetText("")
|
||||
u.remotePassword.SetText("")
|
||||
u.rememberRemoteAuth.Value = false
|
||||
u.selectedRemoteConnection = false
|
||||
default:
|
||||
u.vaultPath.SetText("")
|
||||
@@ -1838,7 +1824,6 @@ func (u *ui) switchToLifecycleSelection(mode string) {
|
||||
u.remotePath.SetText("")
|
||||
u.remoteUsername.SetText("")
|
||||
u.remotePassword.SetText("")
|
||||
u.rememberRemoteAuth.Value = false
|
||||
u.selectedRemoteConnection = false
|
||||
}
|
||||
u.requestMasterPassFocus = u.hasSelectedLifecycleTarget()
|
||||
@@ -1861,10 +1846,8 @@ func (u *ui) latestRecentRemote() (recentRemoteRecord, bool, time.Time) {
|
||||
|
||||
func (u *ui) currentRemoteRecord() recentRemoteRecord {
|
||||
return recentRemoteRecord{
|
||||
BaseURL: strings.TrimSpace(u.remoteBaseURL.Text()),
|
||||
Path: strings.TrimSpace(u.remotePath.Text()),
|
||||
Username: strings.TrimSpace(u.remoteUsername.Text()),
|
||||
Password: u.remotePassword.Text(),
|
||||
BaseURL: strings.TrimSpace(u.remoteBaseURL.Text()),
|
||||
Path: strings.TrimSpace(u.remotePath.Text()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1884,33 +1867,25 @@ func (u *ui) selectedRecentRemoteRecord() (recentRemoteRecord, bool) {
|
||||
func (u *ui) applyRecentRemoteRecord(record recentRemoteRecord) {
|
||||
u.remoteBaseURL.SetText(record.BaseURL)
|
||||
u.remotePath.SetText(record.Path)
|
||||
u.remoteUsername.SetText(record.Username)
|
||||
u.remotePassword.SetText(record.Password)
|
||||
u.remotePassword.Mask = '•'
|
||||
u.rememberRemoteAuth.Value = strings.TrimSpace(record.Username) != "" || record.Password != ""
|
||||
u.selectedRemoteConnection = true
|
||||
}
|
||||
|
||||
func (u *ui) remotePreferencesCurrentSummary() string {
|
||||
selected, hasSelected := u.selectedRecentRemoteRecord()
|
||||
switch {
|
||||
case !u.rememberRemoteAuth.Value:
|
||||
return "Current choice: KeePassGO will remember only the WebDAV location for this connection."
|
||||
case hasSelected && (strings.TrimSpace(selected.Username) != "" || selected.Password != ""):
|
||||
return "Current choice: a successful open will update the saved sign-in for this connection on this device."
|
||||
case strings.TrimSpace(u.remoteUsername.Text()) != "" || u.remotePassword.Text() != "":
|
||||
return "Current choice: a successful open will save the entered sign-in for this connection on this device."
|
||||
return "Current choice: the entered WebDAV sign-in is used for this open. To persist it, store it in the vault and bind this vault to the remote profile."
|
||||
default:
|
||||
return "Current choice: sign-in retention is enabled, but no username or password is entered yet."
|
||||
return "Current choice: KeePassGO remembers this connection's location only. Remote credentials belong in the vault, not device state."
|
||||
}
|
||||
}
|
||||
|
||||
func (u *ui) remotePreferencesAlwaysSavedSummary() string {
|
||||
return "Recent Connections always stores the WebDAV base URL, remote path, and the last group you opened for that connection."
|
||||
return "Recent Connections stores only the WebDAV base URL, remote path, and the last group you opened for that connection."
|
||||
}
|
||||
|
||||
func (u *ui) remotePreferencesRetentionSummary() string {
|
||||
return "KeePassGO keeps up to six recent connections. Turning off Remember sign-in and reopening rewrites that connection without the saved username or password."
|
||||
return "KeePassGO keeps up to six recent connections. Store remote credentials in the vault if this connection should persist across devices or reinstalls."
|
||||
}
|
||||
|
||||
func (u *ui) noteCurrentRemotePath() {
|
||||
@@ -3257,7 +3232,6 @@ func (u *ui) layout(gtx layout.Context) layout.Dimensions {
|
||||
u.remotePath.SetText("")
|
||||
u.remoteUsername.SetText("")
|
||||
u.remotePassword.SetText("")
|
||||
u.rememberRemoteAuth.Value = false
|
||||
u.state.ErrorMessage = ""
|
||||
u.state.StatusMessage = ""
|
||||
u.requestMasterPassFocus = true
|
||||
|
||||
Reference in New Issue
Block a user