Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[New Feature] Using node-keytar to store github token in safe place #321

Open
wants to merge 4 commits into
base: master
Choose a base branch
from

Conversation

khanhicetea
Copy link

Try to resolve #319

@hackjutsu
Copy link
Owner

Thanks. Will have a look this weekend.

```bash
$ npm run electron-rebuild
```

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we avoid treating Linux as a special case?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OSes use different things to store secret so node-keytar (a native node module) have to deal with this issue.

From what I know, we have to rebuild native node modules b/c some pre-build libs won't work.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for explaining:) I'm hesitant to add extra build steps for particular platforms, especially introducing external dependency by installing prerequisites. This often (significantly) increases the maintenance cost by making it hard to dig out or reproduce bugs, especially when the bug is related to the launch step. Maybe this module is not ready for integration at this moment.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yah, you're right. Using this module can increase failure rate and it's not safe as we want (atom/node-keytar#88)

app/index.js Outdated
const cachedImage = electronLocalStorage.get('image')
logger.debug(`-----> [${cachedImage.status}] cachedImage is ${cachedImage.data}`)

if (cachedProfile.status && cachedImage.status) {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only the profile cache and token cache are required for launching. The image cache is optional. Given there is a relatively higher failure rate for image caching, this check will propagate this higher failure rate to the app launching.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yah, I pushed a commit to remove cachedImage.status

updateDashboardModalStatus = { updateDashboardModalStatus }
updateActiveGistAfterClicked = { updateActiveGistAfterClicked } />
</Provider>,
<Async
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we use regular Promise?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I'm not good at JS so I don't get it. Could you teach me why using regular Promise is better ? Thanks !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Feature Request] Store token in safe place like keychain
2 participants