Re: [SailfishDevel] Storing credentials safely in a python+QML app
profit is not writing real password each time, just some pin. -- Исходное сообщение -- От: "Marcin Mielniczuk"Кому: "Sailfish OS Developers" Копия: "Andrey Kozhevnikov" ; "J. Pablo" Отправлено: 15.09.2016 18:34:58 Тема: Re: [SailfishDevel] Storing credentials safely in a python+QML app I remember Harmattan uses accounts-qt framework (libaccountsetup0, libsignon0, etc.) for SSO support. Did Sailfish drop it? Marcin On 15.09.2016 15:02, J. Pablo wrote: But the master password should be remembered by the user? What's the difference then between this solution and just ask for the proper password each time? Thanks! El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov escribió: you should use master password for saving credentials, or ask every time to enter password and save only login. -- Исходное сообщение -- От: "J. Pablo" Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" Отправлено: 15.09.2016 16:44:22 Тема: [SailfishDevel] Storing credentials safely in a python+QML app Hello sailors! This is my first email in the list, although I've been reading for a while. I'm designing a simple app that show the user some info about its contract with its mobile carrier (pepephone, from Spain). Their API is pretty simple and you have to login each time with user and password and then the servers returns a sessionID. I'd like to keep username and password safely in the phone. Now, I'm aware that obfuscation is not an option, and any other safe method that come to my mind needs a master password. I've asked to other dev and he use a salt and the IMEI to encrypt it, but you only have to get other app into the phone and knowing the algorithm (easly checking the code on github) you can get the password. I wonder if SFOS has some kind of keyring like kde or gnome, or if there is no other way than the described above. Any suggestion is appreciated :) Cheers, Pablo. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Storing credentials safely in a python+QML app
I remember Harmattan uses accounts-qt framework (libaccountsetup0, libsignon0, etc.) for SSO support. Did Sailfish drop it? Marcin On 15.09.2016 15:02, J. Pablo wrote: > But the master password should be remembered by the user? What's the > difference then between this solution and just ask for the proper password > each time? > > Thanks! > > El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov > escribió: >> you should use master password for saving credentials, or ask every time >> to enter password and save only login. >> >> -- Исходное сообщение -- >> От: "J. Pablo">> Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" >> >> Отправлено: 15.09.2016 16:44:22 >> Тема: [SailfishDevel] Storing credentials safely in a python+QML app >> >>> Hello sailors! >>> >>> This is my first email in the list, although I've been reading for a >>> while. >>> >>> I'm designing a simple app that show the user some info about its >>> contract with its mobile carrier (pepephone, from Spain). >>> >>> Their API is pretty simple and you have to login each time with user >>> and password and then the servers returns a sessionID. >>> >>> I'd like to keep username and password safely in the phone. Now, I'm >>> aware that obfuscation is not an option, and any other safe method that >>> come to my mind needs a master password. I've asked to other dev and he >>> use a salt and the IMEI to encrypt it, but you only have to get other >>> app into the phone and knowing the algorithm (easly checking the code >>> on github) you can get the password. >>> >>> I wonder if SFOS has some kind of keyring like kde or gnome, or if >>> there is no other way than the described above. Any suggestion is >>> appreciated :) >>> >>> Cheers, >>> Pablo. >>> ___ >>> SailfishOS.org Devel mailing list >>> To unsubscribe, please send a mail to >>> devel-unsubscr...@lists.sailfishos.org >> ___ >> SailfishOS.org Devel mailing list >> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org > ___ > SailfishOS.org Devel mailing list > To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Storing credentials safely in a python+QML app
But the master password should be remembered by the user? What's the difference then between this solution and just ask for the proper password each time? Thanks! El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov escribió: > you should use master password for saving credentials, or ask every time > to enter password and save only login. > > -- Исходное сообщение -- > От: "J. Pablo"> Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" > > Отправлено: 15.09.2016 16:44:22 > Тема: [SailfishDevel] Storing credentials safely in a python+QML app > > >Hello sailors! > > > >This is my first email in the list, although I've been reading for a > >while. > > > >I'm designing a simple app that show the user some info about its > >contract with its mobile carrier (pepephone, from Spain). > > > >Their API is pretty simple and you have to login each time with user > >and password and then the servers returns a sessionID. > > > >I'd like to keep username and password safely in the phone. Now, I'm > >aware that obfuscation is not an option, and any other safe method that > >come to my mind needs a master password. I've asked to other dev and he > >use a salt and the IMEI to encrypt it, but you only have to get other > >app into the phone and knowing the algorithm (easly checking the code > >on github) you can get the password. > > > >I wonder if SFOS has some kind of keyring like kde or gnome, or if > >there is no other way than the described above. Any suggestion is > >appreciated :) > > > >Cheers, > >Pablo. > >___ > >SailfishOS.org Devel mailing list > >To unsubscribe, please send a mail to > >devel-unsubscr...@lists.sailfishos.org > > ___ > SailfishOS.org Devel mailing list > To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Storing credentials safely in a python+QML app
you should use master password for saving credentials, or ask every time to enter password and save only login. -- Исходное сообщение -- От: "J. Pablo"Кому: "Sailfish OS Developers mailing list (devel@lists.sailfishos.org)" Отправлено: 15.09.2016 16:44:22 Тема: [SailfishDevel] Storing credentials safely in a python+QML app Hello sailors! This is my first email in the list, although I've been reading for a while. I'm designing a simple app that show the user some info about its contract with its mobile carrier (pepephone, from Spain). Their API is pretty simple and you have to login each time with user and password and then the servers returns a sessionID. I'd like to keep username and password safely in the phone. Now, I'm aware that obfuscation is not an option, and any other safe method that come to my mind needs a master password. I've asked to other dev and he use a salt and the IMEI to encrypt it, but you only have to get other app into the phone and knowing the algorithm (easly checking the code on github) you can get the password. I wonder if SFOS has some kind of keyring like kde or gnome, or if there is no other way than the described above. Any suggestion is appreciated :) Cheers, Pablo. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
[SailfishDevel] Storing credentials safely in a python+QML app
Hello sailors! This is my first email in the list, although I've been reading for a while. I'm designing a simple app that show the user some info about its contract with its mobile carrier (pepephone, from Spain). Their API is pretty simple and you have to login each time with user and password and then the servers returns a sessionID. I'd like to keep username and password safely in the phone. Now, I'm aware that obfuscation is not an option, and any other safe method that come to my mind needs a master password. I've asked to other dev and he use a salt and the IMEI to encrypt it, but you only have to get other app into the phone and knowing the algorithm (easly checking the code on github) you can get the password. I wonder if SFOS has some kind of keyring like kde or gnome, or if there is no other way than the described above. Any suggestion is appreciated :) Cheers, Pablo. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Connect to 2 databases
On Wed, 14 Sep 2016 23:40:50 +0200 Matthias Fehringwrote: > Am Donnerstag, 8. September 2016, 14:40:16 CEST schrieb Chris Walker: > > Can anybody point me in the direction of some C++ code to connect to > > two SQL databases please? > > Does it have to be pure C++ code? If not and if it can be the Qt way, > read on. :) > > > I want to have one set as read-only and the other as read-write. > > > > Whatever I'm doing is wrong as I always end up with a default > > connection. > > Have a look at QSqlDatabase and it's addDatabase() method. [1] Thank you Matthias for the examples. I'll take a look. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Connect to 2 databases
On Wed, 14 Sep 2016 23:34:18 +0300 "E.S. Rosenberg"wrote: > Assuming you need SQLite since you are developing for SailfishOS the > first result here seems to be what you are looking for: > https://www.google.nl/search?q=c%2B%2B+sqlite > > Instead of creating one SQLite object you create 2 or more, one for > each database though if you are opening a lot of databases you > might want to consider if they shouldn't all be different tables in > the same database. I can't add the tables to the first database as I want to use that 'as is' and hence read only. > Of course you could also be more forthcoming about what exact db > you're trying to connect to and what you tried so that we don't do > double work for you, I believe as a community we need to be helpful > etc. but as a member looking for help I also need to do my due > diligence, without that expect short basic answers or none... As a beer drinker, I am a member of CAMRA - http://www.camra.org.uk/ They have an app for iOS and Android and while I do have the Android app on my phone I think it's awful. So I'm trying to write an app to use the CAMRA database which happens to be a sqlite file. CAMRA update the app and data annually and I want to be able to simply overwrite the existing database with the new one each year but retain my own database for noting things like which beers I've drunk. I've checked with the company that wrote the app for CAMRA and they say that they try to maintain the same database structure and numbering each year but it falls to CAMRA to maintain the numbering as they supply the data to the app company. I'm assuming (perhaps naively) that it will remain constant. I might also have another app for noting which pubs I've visited as CAMRA list pub data in the same sqlite database. > The general idea should be along these lines: > > sqlite3 *db1, *db2; > sqlite_open(path1, ); > sqlite_open(path2, ); > > Regards, > Eli Thanks very much. That gives me something to work with. I apologise if my first reply was a bit terse. That wasn't my intention. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org