Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve pws subcommand #139

Open
4 of 5 tasks
robinkrahl opened this issue Apr 4, 2021 · 6 comments
Open
4 of 5 tasks

Improve pws subcommand #139

robinkrahl opened this issue Apr 4, 2021 · 6 comments
Assignees
@robinkrahl

Comments

@robinkrahl
Copy link
Collaborator

robinkrahl commented Apr 4, 2021
edited

Last week, I've used the PWS functionality for the first time with real data. I had some issues with our current PWS commands:

  • The user has to provide the password as a CLI argument. This might lead to leaks via the history file, logs or the process list.
  • There are three typical use cases:
    1. Adding a new site. Currently, I have to check which slots are currently programmed (pws status), keep track of the first unprogrammed slot and then call pws set.
    2. Updating existing information. Currently, this requires me to re-enter all information for the pws set command instead of just listing the information to update.
    3. Deleting a site. This works fine.

So I suggest to replace the current pws set command with:

  • pws set [--overwrite] <slot> <name> <login> [<password>|-]. If the password is set to -, it is read from stdin. If it is not set, it is prompted from the user. Unless --overwrite (or --force?) is set, this makes sure that the slot is currently unprogrammed to avoid accidental data loss.
  • pws add <name> <login> [<password>|-]. The same as pws set, but it queries the first unprogrammed slot and writes the data to this slot.
  • pws update <slot> [--name <name>] [--login <login>] [--password <password>]. Overwrites the given data on the given slot without changing the other fields.

If we want to be even more interactive, we could also make the slot, name and login arguments optional and prompt them from the user if not set.

@d-e-s-o What do you think?

Tracking:
@d-e-s-o
Copy link
Owner

d-e-s-o commented Apr 6, 2021
edited

Hi @robinkrahl, your suggestions sound fine to me. It seems as if we should make pws update --password also work with stdin then, though, should we? I wouldn't say that we need to make input of slot, name, and login interactive.

@robinkrahl robinkrahl self-assigned this Apr 9, 2021
@robinkrahl
Copy link
Collaborator Author

robinkrahl commented Apr 9, 2021 via email

This was referenced Apr 14, 2021
Closed
Closed
Closed
@d-e-s-o
Copy link
Owner

d-e-s-o commented Apr 17, 2021

Is there some fundamental difference in OTP handling that we don't provide a similar interface there?

@robinkrahl
Copy link
Collaborator Author

No, that would be my next step. I started with the PWS because the commands are more complex and data loss might hurt more.

This was referenced Apr 18, 2021
Closed
Open
Closed
Closed
@d-e-s-o
Copy link
Owner

d-e-s-o commented May 9, 2021

It seems as if this issue can be closed, correct? From what I can tell #163 was the last outstanding issue. Or is there something else missing, Robin?

@robinkrahl
Copy link
Collaborator Author

I also intended to add a password prompt. Just reading from stdin is fine for piping, but if the user wants to manually type the password, it’s a bit awkward.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@robinkrahl robinkrahl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robinkrahl @d-e-s-o