haiwen / seadroid

Android client for Seafile
Other
540 stars 277 forks source link

Seafile app forgots library passwords, perhaps it does not use client-side encryption and decryption #979

Closed deahbe closed 1 year ago

deahbe commented 1 year ago

I am currently setting up my new Samsung Galaxy S23 Ultra device. Like my previous device, the Samsung Galaxy A72, it operates with Android 13. The Seafile app with version 2.3.4 forgets the library passwords on the S23 as soon as the app is closed. On the A72 the passwords remain stored and I do not have to reenter it after reopening the app.

In the forum someone says, that he had to activate client-side decryption and it worked again. I remember, that older versions of Seafile for Android had such a setting. But version 2.3.4 does not have this choice in the settings menu. I have installed several older versions back to 2.1.x and even then no such setting is available. But on an iOS client I can see the setting "local decryption".

In addition to the A72, I also use the Seafile app on a Samsung Galaxy Tab S3 and it doesn’t forget the library passwords either. Over several updates from the Play Store I also use version 2.3.4 on the Tab S3. Not setting about local decryption there also.

deahbe commented 1 year ago

Would it be possible that local decryption could be turned back on? This setting has been missing in the Android client for some time. If client-side decryption used to be able to be turned on, it will still work after the setting disappears from the app, but you can no longer turn it on on new devices. Please, it is very tedious to have to enter the password of each library over and over again.

freeplant commented 1 year ago

Hi, for the sake of reducing maintenance cost, we have removed the client side encryption for the Android client. We don't have a plan to add the feature back.

deahbe commented 1 year ago

Why only for Android, does this function remain included in the iOS version? Which app version has this feature removed? And why does client-side decryption still work after an app update, but no longer works after a new installation?

deahbe commented 1 year ago

I installed app version 2.1.0 and logged in with a user who doesn't have MFA because this version doesn't support MFA yet. Afterwards I activated client-side encryption in the settings. I then updated the app to the current version in the Play Store, logged in with my own user and now the client-side encryption works again.