-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PR3296 auto export (DRAFT) #3451
base: dev
Are you sure you want to change the base?
Conversation
@Milos Needs some help on Quality checks please? |
where is the password stored? |
On the phone's local storage (app's data store). Unencrypted but "protected" as one needs to connect through the debugger to get access). Stored password will be removed when not used as per expiry setting. Even though not encrypted, question is what encryption would add? Module has "hooks" for encryption/decryption but that would need another password/key, filling in needs additional research. (You already suggested using the NS token?). |
Quality Gate failedFailed conditions See analysis details on SonarCloud Catch issues before they fail your Quality Gate with our IDE extension SonarLint |
Testing this PR. All seems to be working as expected. No psw is asked for settings export (after Medtrum Nano activation) and the automation is exporting settings as planned. |
Working on a new PR that is securely encrypting the password required for unattended exporting. |
Tested ok with an expiration of 7 days. I made an automation that automaticly exported settings when cannula age was less the 0,1 hours. It worked great! My biggest wish for this is not to be needed to re enter password and eventually add upload to google drive! Great work! |
Great to here 👍
Exporting to alternative locations like Cloud can be in a follow up PR which builds on this. |
Can password then be stored indefinetely? To import settings on another phone, if that what we are afraid of, it will be needed to re-enter password. |
I think, it is better to ask for the psw regularly. If not, the day when it will be needed, nobody will remember it... Most people do not use password apps. ATM, the number of days is set by the user. |
I see your point. My android phone saves password in google account. I also keep a backup of it in another file just in case. It should surely be an option if you dont want to re enter if it is possible |
Current PR only discards when user does not use the stored password. Nope. In the final PR (expect soon) password expires after 4 weeks, with 1 week grace period.
That was why we thought it would be best to ask the user to-reenter regularly. |
Exactly that 👍
In the new PR - no longer. Expiry will be fixed at 4 weeks. |
This PR#3451 enables automated settings export.
As settings export needs the master password for encryption the password is stored on the local phone's app datastore on manually exporting settings from the maintenance menu. Password will expire/wipe when not used for the number of days set.
Stored password wil be wiped on settings master password (or forced with file 'ExportPasswordReset' in /AAPS/extra)
Functionality is enabled through a new setting in Maintenance preferences.
Once enabled (and password set through manual export) user can define the automatic settings export from automation.
Actions also wil be in registered to "Treatments" (careportal/User entry)
TODO: Review/determine if storing the master password unencrypted local phone's app storage is acceptable.
See also issue #3296
Additional note:
This PR implementation should enable implementation for auto exporting to alternate storage locations (like the Downloads folder or Cloud). But this will be subject for another PR.