Add primary key password (inactivity) timeout

jbsarrodie commented 3 years ago

It would be good to be able to set two « timers »

Password Timeout is the maximum amount of time (expressed in minutes) between password prompts : the idea is to keep track of the unlock date/time when the user last entered the password to open the key. Then, each time coArchi needs to decrypt a git/ssh/proxy password, it checks if the current date/time is less than unlock + Password_Timeout, if not, then the key should be closed and the password asked again. Setting Password_Timeout to 0 (default value) should disable this control.
Password Inactivity Timeout is the maximum amout of time (expressed in minutes) between two password decryption : the idea is to keep track of the last call to EncryptedCredentialsStorage#getPassword() (lets call it last_decrypt). Then, each call to EncryptedCredentialsStorage#getPassword() should check if the current date/time is less than last_decrypt + Password_Inactivity_Timeout, if not, then the key should be closed and the password asked again. Setting Password_Inactivity_Timeout to 0 (default value) should disable this control.

Phillipus commented 3 years ago

Will work on this next.

Phillipus commented 3 years ago

This is ready for testing now.

Password constraints can be set in plugin_customization.ini as, for example:

org.archicontribs.modelrepository/passwordPrimaryTimeout=15
org.archicontribs.modelrepository/passwordInactivityTimeout=10

jbsarrodie commented 3 years ago

I've just tested and that's perfect, so closing this.

archimatetool / archi-modelrepository-plugin