gmail: switch to ~/.netrc for login storage
Login information is now kept in the ~/.netrc file, which should be readable only by the owner. This should solve futher problems with unquoted characters addressed in the last commit. The format of the ~/.netrc file is as follows (also documented in the README): machine mail.google.com login user password pass
This commit is contained in:
Adrian C. (anrxc)
parent
1c0cefff8b
commit
77d1a0ba2f
15
README
15
README
|
|
@ -131,11 +131,12 @@ great for saving power.
|
|||
|
||||
Security
|
||||
--------
|
||||
|
||||
At the moment only one widget type (Gmail) requires auth. information
|
||||
in order to get to the data. In the future there could be more, and
|
||||
you should give some thought to the issue of protecting your data. The
|
||||
Gmail widget type by default stores login information in the module it
|
||||
self, and you are advised to make sure that file is only readable by
|
||||
Gmail widget type by default stores login information in the ~/.netrc
|
||||
file, and you are advised to make sure that file is only readable by
|
||||
the owner. Other than that we can not force all users to conform to
|
||||
one standard, one way of keeping it secure, like in some keyring.
|
||||
|
||||
|
|
@ -152,11 +153,9 @@ be done with tools like "dbus-send" and "qdbus". The Gnome keyring
|
|||
should support the same, so those with parts of Gnome installed could
|
||||
use that keyring.
|
||||
|
||||
Some users move their login into an external file and read it from
|
||||
there. Not much different than keeping it in the module, but what if
|
||||
you encrypt the file with your GPG key? Users of the GPG Passphrase
|
||||
Agent could decrypt the file transparently while their session is
|
||||
active.
|
||||
Users of GnuPG (and its agent) could consider encrypting the netrc
|
||||
file with their GPG key. Trough the GPG Passphrase Agent they could
|
||||
then decrypt the file transparently while their session is active.
|
||||
|
||||
|
||||
Widget types
|
||||
|
|
@ -271,6 +270,8 @@ vicious.widgets.gmail
|
|||
- takes an (optional) argument, if it's a number subject will be
|
||||
truncated, if a table, with 1st field as maximum lenght and 2nd
|
||||
the widget name (i.e. "gmailwidget"), scrolling will be used
|
||||
- keeps login information in the ~/.netrc file, example:
|
||||
machine mail.google.com login user password pass
|
||||
- returns a table with string keys: {count} and {subject}
|
||||
|
||||
vicious.widgets.entropy
|
||||
|
|
|
|||
24
gmail.lua
24
gmail.lua
|
|
@ -8,8 +8,11 @@ local type = type
|
|||
local tonumber = tonumber
|
||||
local io = { popen = io.popen }
|
||||
local setmetatable = setmetatable
|
||||
local string = { match = string.match }
|
||||
local helpers = require("vicious.helpers")
|
||||
local string = {
|
||||
find = string.find,
|
||||
match = string.match
|
||||
}
|
||||
-- }}}
|
||||
|
||||
|
||||
|
|
@ -21,37 +24,32 @@ module("vicious.gmail")
|
|||
local rss = {
|
||||
inbox = {
|
||||
"https://mail.google.com/mail/feed/atom",
|
||||
"Gmail - Inbox for "
|
||||
"Gmail %- Inbox"
|
||||
},
|
||||
unread = {
|
||||
"https://mail.google.com/mail/feed/atom/unread",
|
||||
"Gmail - Label 'unread' for "
|
||||
"Gmail %- Label"
|
||||
},
|
||||
--labelname = {
|
||||
-- "https://mail.google.com/mail/feed/atom/labelname",
|
||||
-- "Gmail - Label 'labelname' for "
|
||||
-- "Gmail %- Label"
|
||||
--},
|
||||
}
|
||||
|
||||
-- Todo: safer storage, maybe hook into Kwallet
|
||||
local cfg = {
|
||||
user = "", -- user@gmail.com
|
||||
pass = "", -- users password
|
||||
feed = rss.unread -- default is all unread
|
||||
}
|
||||
-- Default is all unread
|
||||
local feed = rss.unread
|
||||
-- }}}
|
||||
|
||||
|
||||
-- {{{ Gmail widget type
|
||||
local function worker(format, warg)
|
||||
local auth = cfg.user ..":".. cfg.pass
|
||||
local mail = {
|
||||
["{count}"] = 0,
|
||||
["{subject}"] = "N/A"
|
||||
}
|
||||
|
||||
-- Get info from the Gmail atom feed
|
||||
local f = io.popen("curl --connect-timeout 1 -m 3 -fsu '"..auth.."' "..cfg.feed[1])
|
||||
local f = io.popen("curl --connect-timeout 1 -m 3 -fsn " .. feed[1])
|
||||
|
||||
-- Could be huge don't read it all at once, info we are after is at the top
|
||||
for line in f:lines() do
|
||||
|
|
@ -61,7 +59,7 @@ local function worker(format, warg)
|
|||
-- Find subject tags
|
||||
local title = string.match(line, "<title>(.*)</title>")
|
||||
-- If the subject changed then break out of the loop
|
||||
if title ~= nil and title ~= cfg.feed[2] .. cfg.user then
|
||||
if title ~= nil and not string.find(title, feed[2]) then
|
||||
-- Check if we should scroll, or maybe truncate
|
||||
if warg then
|
||||
if type(warg) == "table" then
|
||||
|
|
|
|||
Loading…
Reference in New Issue