'Remember Me' option doesn't work

[apprehensions]

the 'Remember Me' option at the login page, when checked (X), it does not remember me the next time i launch discordo.

[apprehensions]

2023/03/03 15:29:26 github.com/diamondburned/arikawa/v3@v3.2.0/utils/ws/ws.go:16: Gateway error: websocket: close sent
2023/03/03 15:29:26 github.com/ayn2op/discordo/main.go:74: websocket closed, reason: 4004 Authentication failed.

[r3k2]

Hmm, it does not look like the dev is paying any attention to the issues here :(

[ayn2op]

Hello there! Sorry for the delayed response; I am currently busy with work. I have tried to reproduce the issue, but unfortunately, I am unable to reproduce the issue. Discordo stores the authentication token in the OS-specific keyring when the "Remember Me" option is turned on. You will need a keyring software that implements secret-service interface (gnome-keyring for GNOME, kwallet for KDE Plasma, etc) on Linux.

[apprehensions]

You will need a keyring software that implements secret-service interface (gnome-keyring for GNOME, kwallet for KDE Plasma, etc) on Linux.

dude. is there seriously not some other way to do this completely natively and not using some shitty, bloated software? at least some keyring or crypto go library out there somewhere.

[ayn2op]

You will need a keyring software that implements secret-service interface (gnome-keyring for GNOME, kwallet for KDE Plasma, etc) on Linux.

dude. is there seriously not some other way to do this completely natively and not using some shitty, bloated software? at least some keyring or crypto go library out there somewhere.

Not that I am aware of. Please do recommend alternatives. For now, I am closing this issue.

[apprehensions]

This issue has not been solved. I cannot use the software that discordo uses for password storing, due to limitations of my setup and my distribution.

[ayn2op]

This issue has not been solved. I cannot use the software that discordo uses for password storing, due to limitations of my setup and my distribution.

Unfortunately, there is not much I can do from my side, Discordo requires keyring software that implements secret-service interface to store the authentication token securely. Please join the Discordo Discord server for further assistance.

[r3k2]

I am the same I use sway/wayland dont have gnome or kde for most things. I use GPG and its native keyring and I also see this issue

[r3k2]

This issue has not been solved. I cannot use the software that discordo uses for password storing, due to limitations of my setup and my distribution.

Unfortunately, there is not much I can do from my side, Discordo requires keyring software that implements secret-service interface to store the authentication token securely. Please join the Discordo Discord server for further assistance.

you could have it so it can get the credentials from gopass/pass/bitwarden-cli etc like most TUI/Cli tools do? check aerc email client also GO that I use all the time, gomux a go matrix chat client etc etc.. I have implemented this myself on my own tools, so is really not hard at all, the go libs are out there already. This is an example of one of my GO tools that in the config allows calling gopass/pass or any password mananager https://git.sr.ht/~rek2/goTootRamdonVideo/tree/master/item/config.ini @ayn2op

[apprehensions]

Why isn't the password stored similar to how browsers or programs do it? Like, in a file as a base64 encoded or some database with an encryption key, etc, pin, etc. Relying on external software is probably less secure since it would still be sort of the same method if Discordo just did it on its own.

'Remember me' should mean that the software always remembers the credentials.

[ghost]

Got an idea. After authenticating, save the user's token in $HOME/.config/discordo/token, then check for it exist on startup, if that's true, use it as the authentication method.

[apprehensions]

Basically what i had suggested, but with even worse security.

[emanueljg]

you could have it so it can get the credentials from gopass/pass/bitwarden-cli etc like most TUI/Cli tools do? check aerc email client also GO that I use all the time, gomux a go matrix chat client etc etc.. I have implemented this myself on my own tools, so is really not hard at all, the go libs are out there already. This is an example of one of my GO tools that in the config allows calling gopass/pass or any password mananager https://git.sr.ht/~rek2/goTootRamdonVideo/tree/master/item/config.ini

You are free to submit a PR especially since you seem to have experience implementing a solution to this problem. I think it would be a really good feature (particularly since I'm using solely pass for password management myself and would benefit from this directly). My current bandaid has been to pass the sops-encrypted token by the command line by reading it from a file in my home (just like suggested by jumps-are-op) which of course is not ideal.

[ayn2op]

you could have it so it can get the credentials from gopass/pass/bitwarden-cli etc like most TUI/Cli tools do? check aerc email client also GO that I use all the time, gomux a go matrix chat client etc etc.. I have implemented this myself on my own tools, so is really not hard at all, the go libs are out there already. This is an example of one of my GO tools that in the config allows calling gopass/pass or any password mananager https://git.sr.ht/~rek2/goTootRamdonVideo/tree/master/item/config.ini

You are free to submit a PR especially since you seem to have experience implementing a solution to this problem. I think it would be a really good feature (particularly since I'm using solely pass for password management myself and would benefit from this directly). My current bandaid has been to pass the sops-encrypted token by the command line by reading it from a file in my home (just like suggested by jumps-are-op) which of course is not ideal.

You can use something like this to expose secret-service DBus API with pass as backend.