store and display deSEC password for user login at desec.io

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/4e99bcbc-4f32-45e6-af08-5026ce4b1f45

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
copilot-swe-agent[bot]
2026-04-24 21:48:19 +00:00
committed by GitHub
parent 83129d6a55
commit cb48bc5db0
4 changed files with 31 additions and 4 deletions


@@ -63,15 +63,16 @@ readonly class DesecController {
try {
if (!$accountAlreadyRegistered) {
// Register an account at deSEC and obtain an API token.
// The password is intentionally ephemeral: only the API token is needed for
// subsequent calls, so the password does not need to be stored.
// The password is stored so the user can log in to desec.io directly if needed.
$password = bin2hex(random_bytes(24));
$token = $this->registerDesecAccount($email, $password);
// Persist the token and email immediately so that a subsequent domain-registration
// failure leaves the account credentials stored and allows the user to retry.
// Persist the token, password and email immediately so that a subsequent
// domain-registration failure leaves the account credentials stored and allows
// the user to retry.
$this->configurationManager->startTransaction();
$this->configurationManager->setDesecToken($token);
$this->configurationManager->setDesecPassword($password);
$this->configurationManager->desecEmail = $email;
$this->configurationManager->commitTransaction();
}
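Review bot: The generated account password is now persisted in clear text by `setDesecPassword($password)`, and the new comment gives the reason for keeping it but not what the credential is worth. Unlike the API token, this password allows interactive login at desec.io and presumably wider account control, so anything that can read the stored secrets (the config file, its backups, the page that displays it) can reach the DNS account. I would say so next to the call, e.g. `// Stored in clear text in the secrets config; it allows login to the deSEC account, so config backups and the page showing it are sensitive.`, and consider advising the user to change the password after the first login. The branch runs only for `!$accountAlreadyRegistered`, so accounts registered before this change have no stored password and the display code (not in this hunk) has to handle an empty value. The method and its `try` block start and end outside the hunk.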


@@ -221,6 +221,22 @@ class ConfigurationManager
: '';
}
/**
* Stores the deSEC account password in the secrets store so the user can log in at desec.io.
*/
public function setDesecPassword(string $password): void {
$secrets = $this->get('secrets', []);
$secrets['DESEC_PASSWORD'] = $password;
$this->set('secrets', $secrets);
}
public function getDesecPassword(): string {
$secrets = $this->get('secrets', []);
return isset($secrets['DESEC_PASSWORD']) && is_string($secrets['DESEC_PASSWORD'])
? $secrets['DESEC_PASSWORD']
: '';
}
/**
* Returns true when the configured domain is a deSEC dedyn.io subdomain and a token is stored.
*/
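Review bot: `getDesecPassword()` has no docblock although the setter does, and its `''` return does not tell a caller whether a password was never stored; I would add `/** Returns the stored deSEC account password, or '' when none was saved (e.g. the account was registered before the password was persisted). */`. In `setDesecPassword()` the result of `$this->get('secrets', [])` is indexed without a type check; if `get()` can hand back a non-array from a damaged config (its signature is not visible here), the write fails, so a guard such as `if (!is_array($secrets)) { $secrets = []; }` or an explicit exception would be safer. The setter also accepts an empty string, which the getter then cannot distinguish from "unset"; rejecting `''` there would keep the two states apart.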