Support for password input via command line (or generic password input)
redstreet opened this issue · 5 comments
I'm wondering if you'd be open to adding other means for password input than just python-keyring (which I don't and can't use). Here are a few suggestions:
-
--password
option so it can be specified on the command line. This sounds insecure at first glance, but this is for use in scripting (eg:--password $(/usr/bin/pass bank/login)
-
--password-command
option that is common in command line environments. Example:
export RCLONE_PASSWORD_COMMAND="pass rclone/config"
. The username specified by -u would need to be sent as a parameter to this command so it knows what password to return.
Thoughts/opinions?
Thank you for writing and maintaining ofxtools BTW, it's very helpful!
Sure, pass
is good stuff.
I think having a password
arg will be make for nicer code... let the shell handle its own business; we don't want ofxget
opening subprocesses, really.
The main thing is to ensure that passing the write
arg doesn't dump the p/w to user config file. Secondary priority is to ignore the p/w in config file if the user puts it there.
That just leaves it in the .bash_history
or what have you if the user types it in, and shoulder surfing. Getting down in the weeds of a realistic threat model for an obscure library used exclusively by technofinance weenies. Could put some language in the help
reminding the user not to do anything stupid.
Great. I'll send a PR when I have a bit of time later in the month.
Have at it. Should be pretty easy. Just a heads-up: add an empty string default for the new arg to ofxtools.scripts.ofxget.DEFAULTS
. Do not under any circumstances add password
to ofxtools.scripts.ofxget.configurable_user
.
PR #113. Turned out to be trivial because of CONFIGURABLE
-
--write
does not dump password (it doesn't, since it's not in CONFIGURABLE) - ignore password in config file (ditto)
- add to
ofxtools.scripts.ofxget.DEFAULTS
- do not add to
ofxtools.scripts.ofxget.configurable_user
Trivial is how I like it!