On Thu, 8 Aug 2024 at 13:46, Yogesh Mahajan <yogesh.maha...@enterprisedb.com> wrote:
> Hi Dave, > > Should I proceed with this approach? > Sure, go ahead. > > Thanks, > Yogesh Mahajan > EnterpriseDB > > > On Thu, Aug 8, 2024 at 6:14 PM Dave Page <dp...@pgadmin.org> wrote: > >> >> >> On Thu, 8 Aug 2024 at 13:38, Yogesh Mahajan < >> yogesh.maha...@enterprisedb.com> wrote: >> >>> >>> >>> Hi, >>> >>> On Thu, Aug 8, 2024 at 5:58 PM Dave Page <dp...@pgadmin.org> wrote: >>> >>>> >>>> >>>> On Mon, 5 Aug 2024 at 13:27, Yogesh Mahajan < >>>> yogesh.maha...@enterprisedb.com> wrote: >>>> >>>>> Hi Hackers, >>>>> >>>>> Issue #7076 <https://github.com/pgadmin-org/pgadmin4/issues/7076> has >>>>> been reported by many Mac users. Issue has popped up when python binary >>>>> version is changed for the pgadmin. >>>>> >>>>> To save server passwords, pgadmin uses os level secret storage (in >>>>> case of Mac it is keyring) and adds an entry for each save password. >>>>> Whenever the python binary version is changed, keychain (python lib used >>>>> to >>>>> access keychain) asks for a password 2 times for accessing each entry. If >>>>> you have 10 servers, then it will ask for 20 times. >>>>> >>>>> To fix the issue, pgadmin will follow the same approach as chrome. >>>>> 1.An encryption key will be auto-generated and will be stored in the >>>>> keychain. >>>>> 2.Whenever save password request is received, encryption key will be >>>>> used to encrypt password and encrypted password will be saved in the >>>>> pgadmin database. >>>>> 3.Similarly, while retrieving the password, encryption will be pulled >>>>> from the keychain and will be used to decrypt the password. >>>>> This will reduce password asks to 2 times on python binary version >>>>> change. >>>>> >>>> >>>> That sounds almost like returning to the way things used to work with >>>> the master password, except we auto-generate it, and store that in the >>>> keychain. >>>> >>> >>> Yeah. >>> >>> >>>> I assume we'd do the same on all platforms, using whatever the >>>> equivalent store is on each? >>>> >>> >>> Yes we will be doing the same on all supported platforms. >>> >>> >>>> >>>> Any idea why it asks for the login password twice per access on macOS? >>>> >>> >>> This <https://github.com/jaraco/keyring/issues/644> is a known issue >>> for keyring python lib. And this >>> <https://github.com/jaraco/keyring/issues/619> one where the keychain >>> asks for a password for accessing each entry. >>> >> >> OK, thanks. >> -- >> Dave Page >> pgAdmin: https://www.pgadmin.org >> PostgreSQL: https://www.postgresql.org >> EDB: https://www.enterprisedb.com >> >> PGDay UK 2024, 11th September, London: https://2024.pgday.uk/ >> >> -- Dave Page pgAdmin: https://www.pgadmin.org PostgreSQL: https://www.postgresql.org EDB: https://www.enterprisedb.com PGDay UK 2024, 11th September, London: https://2024.pgday.uk/
