Re: [SailfishDevel] Storing credentials safely in a python+QML app

[Andrey Kozhevnikov]

profit is not writing real password each time, just some pin.

-- Исходное сообщение --
От: "Marcin Mielniczuk" 
Кому: "Sailfish OS Developers" 
Копия: "Andrey Kozhevnikov" ; "J. Pablo" 


Отправлено: 15.09.2016 18:34:58
Тема: Re: [SailfishDevel] Storing credentials safely in a python+QML app


I remember Harmattan uses accounts-qt framework (libaccountsetup0,
libsignon0, etc.) for SSO support. Did Sailfish drop it?

Marcin

On 15.09.2016 15:02, J. Pablo wrote:
 But the master password should be remembered by the user? What's the 
difference then between this solution and just ask for the proper 
password each time?


 Thanks!

 El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey 
Kozhevnikov escribió:
 you should use master password for saving credentials, or ask every 
time

 to enter password and save only login.

 -- Исходное сообщение --
 От: "J. Pablo" 
 Кому: "Sailfish OS Developers mailing list 
(devel@lists.sailfishos.org)"

 
 Отправлено: 15.09.2016 16:44:22
 Тема: [SailfishDevel] Storing credentials safely in a python+QML app


 Hello sailors!

 This is my first email in the list, although I've been reading for 
a

 while.

 I'm designing a simple app that show the user some info about its
 contract with its mobile carrier (pepephone, from Spain).

 Their API is pretty simple and you have to login each time with 
user

 and password and then the servers returns a sessionID.

 I'd like to keep username and password safely in the phone. Now, 
I'm
 aware that obfuscation is not an option, and any other safe method 
that
 come to my mind needs a master password. I've asked to other dev 
and he
 use a salt and the IMEI to encrypt it, but you only have to get 
other
 app into the phone and knowing the algorithm (easly checking the 
code

 on github) you can get the password.

 I wonder if SFOS has some kind of keyring like kde or gnome, or if
 there is no other way than the described above. Any suggestion is
 appreciated :)

 Cheers,
 Pablo.
 ___
 SailfishOS.org Devel mailing list
 To unsubscribe, please send a mail to
 devel-unsubscr...@lists.sailfishos.org

 ___
 SailfishOS.org Devel mailing list
 To unsubscribe, please send a mail to 
devel-unsubscr...@lists.sailfishos.org

 ___
 SailfishOS.org Devel mailing list
 To unsubscribe, please send a mail to 
devel-unsubscr...@lists.sailfishos.org




___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Storing credentials safely in a python+QML app

[Marcin Mielniczuk]

I remember Harmattan uses accounts-qt framework (libaccountsetup0,
libsignon0, etc.) for SSO support. Did Sailfish drop it?

Marcin

On 15.09.2016 15:02, J. Pablo wrote:
> But the master password should be remembered by the user? What's the 
> difference then between this solution and just ask for the proper password 
> each time?
>
> Thanks!
>
> El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov 
> escribió:
>> you should use master password for saving credentials, or ask every time 
>> to enter password and save only login.
>>
>> -- Исходное сообщение --
>> От: "J. Pablo" 
>> Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" 
>> 
>> Отправлено: 15.09.2016 16:44:22
>> Тема: [SailfishDevel] Storing credentials safely in a python+QML app
>>
>>> Hello sailors!
>>>
>>> This is my first email in the list, although I've been reading for a 
>>> while.
>>>
>>> I'm designing a simple app that show the user some info about its 
>>> contract with its mobile carrier (pepephone, from Spain).
>>>
>>> Their API is pretty simple and you have to login each time with user 
>>> and password and then the servers returns a sessionID.
>>>
>>> I'd like to keep username and password safely in the phone. Now, I'm 
>>> aware that obfuscation is not an option, and any other safe method that 
>>> come to my mind needs a master password. I've asked to other dev and he 
>>> use a salt and the IMEI to encrypt it, but you only have to get other 
>>> app into the phone and knowing the algorithm (easly checking the code 
>>> on github) you can get the password.
>>>
>>> I wonder if SFOS has some kind of keyring like kde or gnome, or if 
>>> there is no other way than the described above. Any suggestion is 
>>> appreciated :)
>>>
>>> Cheers,
>>> Pablo.
>>> ___
>>> SailfishOS.org Devel mailing list
>>> To unsubscribe, please send a mail to 
>>> devel-unsubscr...@lists.sailfishos.org
>> ___
>> SailfishOS.org Devel mailing list
>> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
> ___
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Storing credentials safely in a python+QML app

[J. Pablo]

But the master password should be remembered by the user? What's the difference 
then between this solution and just ask for the proper password each time?

Thanks!

El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov escribió:
> you should use master password for saving credentials, or ask every time 
> to enter password and save only login.
> 
> -- Исходное сообщение --
> От: "J. Pablo" 
> Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" 
> 
> Отправлено: 15.09.2016 16:44:22
> Тема: [SailfishDevel] Storing credentials safely in a python+QML app
> 
> >Hello sailors!
> >
> >This is my first email in the list, although I've been reading for a 
> >while.
> >
> >I'm designing a simple app that show the user some info about its 
> >contract with its mobile carrier (pepephone, from Spain).
> >
> >Their API is pretty simple and you have to login each time with user 
> >and password and then the servers returns a sessionID.
> >
> >I'd like to keep username and password safely in the phone. Now, I'm 
> >aware that obfuscation is not an option, and any other safe method that 
> >come to my mind needs a master password. I've asked to other dev and he 
> >use a salt and the IMEI to encrypt it, but you only have to get other 
> >app into the phone and knowing the algorithm (easly checking the code 
> >on github) you can get the password.
> >
> >I wonder if SFOS has some kind of keyring like kde or gnome, or if 
> >there is no other way than the described above. Any suggestion is 
> >appreciated :)
> >
> >Cheers,
> >Pablo.
> >___
> >SailfishOS.org Devel mailing list
> >To unsubscribe, please send a mail to 
> >devel-unsubscr...@lists.sailfishos.org
> 
> ___
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Storing credentials safely in a python+QML app

[Andrey Kozhevnikov]

you should use master password for saving credentials, or ask every time 
to enter password and save only login.


-- Исходное сообщение --
От: "J. Pablo" 
Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" 


Отправлено: 15.09.2016 16:44:22
Тема: [SailfishDevel] Storing credentials safely in a python+QML app


Hello sailors!

This is my first email in the list, although I've been reading for a 
while.


I'm designing a simple app that show the user some info about its 
contract with its mobile carrier (pepephone, from Spain).


Their API is pretty simple and you have to login each time with user 
and password and then the servers returns a sessionID.


I'd like to keep username and password safely in the phone. Now, I'm 
aware that obfuscation is not an option, and any other safe method that 
come to my mind needs a master password. I've asked to other dev and he 
use a salt and the IMEI to encrypt it, but you only have to get other 
app into the phone and knowing the algorithm (easly checking the code 
on github) you can get the password.


I wonder if SFOS has some kind of keyring like kde or gnome, or if 
there is no other way than the described above. Any suggestion is 
appreciated :)


Cheers,
Pablo.
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to 
devel-unsubscr...@lists.sailfishos.org


___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

[SailfishDevel] Storing credentials safely in a python+QML app

[J. Pablo]

Hello sailors!

This is my first email in the list, although I've been reading for a while.

I'm designing a simple app that show the user some info about its contract with 
its mobile carrier (pepephone, from Spain).

Their API is pretty simple and you have to login each time with user and 
password and then the servers returns a sessionID.

I'd like to keep username and password safely in the phone. Now, I'm aware that 
obfuscation is not an option, and any other safe method that come to my mind 
needs a master password. I've asked to other dev and he use a salt and the IMEI 
to encrypt it, but you only have to get other app into the phone and knowing 
the algorithm (easly checking the code on github) you can get the password.

I wonder if SFOS has some kind of keyring like kde or gnome, or if there is no 
other way than the described above. Any suggestion is appreciated :)

Cheers,
Pablo.
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Connect to 2 databases

[Chris Walker]

On Wed, 14 Sep 2016 23:40:50 +0200
Matthias Fehring  wrote:

> Am Donnerstag, 8. September 2016, 14:40:16 CEST schrieb Chris Walker:
> > Can anybody point me in the direction of some C++ code to connect to
> > two SQL databases please?  
> 
> Does it have to be pure C++ code? If not and if it can be the Qt way,
> read on. :)
> 
> > I want to have one set as read-only and the other as read-write.
> > 
> > Whatever I'm doing is wrong as I always end up with a default
> > connection.  
> 
> Have a look at QSqlDatabase and it's addDatabase() method. [1]

Thank you Matthias for the examples. I'll take a look.
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Connect to 2 databases

[Chris Walker]

On Wed, 14 Sep 2016 23:34:18 +0300
"E.S. Rosenberg"  wrote:

> Assuming you need SQLite since you are developing for SailfishOS the
> first result here seems to be what you are looking for:
> https://www.google.nl/search?q=c%2B%2B+sqlite
> 
> Instead of creating one SQLite object you create 2 or more, one for
> each database though if you are opening a lot of databases you
> might want to consider if they shouldn't all be different tables in
> the same database.

I can't add the tables to the first database as I want to use that 'as
is' and hence read only.

> Of course you could also be more forthcoming about what exact db
> you're trying to connect to and what you tried so that we don't do
> double work for you, I believe as a community we need to be helpful
> etc. but as a member looking for help I also need to do my due
> diligence, without that expect short basic answers or none...

As a beer drinker, I am a member of CAMRA - http://www.camra.org.uk/

They have an app for iOS and Android and while I do have the Android
app on my phone I think it's awful. So I'm trying to write an app to
use the CAMRA database which happens to be a sqlite file. CAMRA update
the app and data annually and I want to be able to simply overwrite the
existing database with the new one each year but retain my own database
for noting things like which beers I've drunk.

I've checked with the company that wrote the app for CAMRA and they say
that they try to maintain the same database structure and numbering
each year but it falls to CAMRA to maintain the numbering as they
supply the data to the app company. I'm assuming (perhaps naively) that
it will remain constant.

I might also have another app for noting which pubs I've visited as
CAMRA list pub data in the same sqlite database.

> The general idea should be along these lines:
> 
> sqlite3 *db1, *db2;
> sqlite_open(path1, );
> sqlite_open(path2, );
> 
> Regards,
> Eli

Thanks very much. That gives me something to work with.

I apologise if my first reply was a bit terse. That wasn't my intention.
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org