ubuntu-phone team mailing list archive

Thread
Date

Re: Store username/password

To: Omer Akram <om26er@xxxxxxxxxx>
From: Rutger Hendriks <rutgerhendriks@xxxxxxxxx>
Date: Thu, 19 May 2016 20:57:05 +0000
Cc: Ubuntu Phone <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAB6cYk7xjG3Gpgkp=2SU5Xj7dJ4NGvREiv56W5Wo1FQXpg+1Pg@mail.gmail.com>

It's a 3rd party web service indeed. It is using https, so not too bad, but
if I would store plain text, that would be bad indeed.
I will have a look at your JS helpers, thanks!

Op do 19 mei 2016 om 22:48 schreef Omer Akram <om26er@xxxxxxxxxx>:

> Hi!
>
> if you are the owner of the web service, I would suggest to change the
> authentication to token-based. If its a third-party service, then you might
> probably want to check if the service supports a more secure way to
> authenticate/login. If the web service really only supports basic
> authentication and you don't want to deal with Online accounts, then I
> guess you could write username/password so a sqlite database. I know its
> ugly but a little bit less uglier than just writing to a plain text file.
>
> Here are some simple JS helpers[1] that I wrote for my purpose but you can
> easily adapt that for your usecase.
>
> [1]
> http://bazaar.launchpad.net/~om26er/ubuntu-soundcloud-app/trunk/view/head:/UbuntuSoundcloudApp/DbHelpers.js#L10
>
> Thanks!
>
> On Fri, May 20, 2016 at 1:27 AM, Rutger Hendriks <rutgerhendriks@xxxxxxxxx
> > wrote:
>
>> Hi list,
>>
>> I'm creating a QML app with the Ubuntu SDK IDE. This app uses
>> XMLHttpRequests to authenticate to an online service and then can get it's
>> data from there.
>> This all works fine, but I need to always type in the username and
>> password. Now what I want is to store this information so that it can be
>> read on application start.
>> How would I go about doing this?
>> I've found https://wiki.ubuntu.com/OnlineAccounts but that clearly
>> states:
>> -----------------------------
>> The purpose of Online Accounts in Ubuntu is to simplify the overall
>> experience, by reducing your need to enter sign-in details for an online
>> service in multiple apps.
>>
>> This time saving comes at a cost: the mental complexity of dealing with a
>> separate thing, “Online Accounts”. Therefore, Online Accounts should be
>> involved only where it is reasonably likely to save time. So it should not
>> be used to handle special-purpose accounts that are only ever used for one
>> app; that would make the overall experience more complex for no gain.
>> -----------------------------
>>
>> Well, as you might have guessed, my app will be the only one to use the
>> account. Now what is the preferred way to store my account settings? I
>> guess it needs to be somewhat secure... Wouldn't want anyone to read it...
>> but then again, that might be step 2..
>>
>> Thanks for any help!
>>
>> Kind regards,
>>
>> Rutger Hendriks
>
>
>>
>>
>> --
>> Verzonden via Dekko vanaf mijn Ubuntu-apparaat
>>
>> --
>> Mailing list: https://launchpad.net/~ubuntu-phone
>> Post to     : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~ubuntu-phone
>> More help   : https://help.launchpad.net/ListHelp
>>
>

References

Store username/password
From: Rutger Hendriks, 2016-05-19
Re: Store username/password
From: Omer Akram, 2016-05-19