ethanlipnik / opensesame Goto Github PK
View Code? Open in Web Editor NEWNative and encrypted password manager for iOS and macOS.
License: MIT License
Native and encrypted password manager for iOS and macOS.
License: MIT License
From what I can tell nonces are saved to the keychain and reused here.
Describe the solution you’d like
Similar to how it’s done in 1Password, I would like the account/login name and website to be separate. For some websites, I have multiple accounts that I want to clearly label inside OpenSesame. Additionally, the account name (and website URL) should be editable. Right now, only the username and password fields are editable.
On my first app open, I just hit enter in the master password, and I’m unable to change it. Also, I don’t think users should be able to do this.
Edit: forgot to mention that the reason it locks out the master password box is because it lets you set the password to blank, but on reopen, it doesn’t let you enter blank text in the master unlock page. How can I change the password after?
The README should also show screenshots of OpenSesame on Mac :)
Account names for saved logins
Sometimes a login doesn't have to have a website associated with it (e.g. computer logins, database credentials,...). Adding a account name field would
Describe the bug
On iOS app doesn’t add an item if the app is locked in the background
To Reproduce
Expected behavior
Lockscreen should be on top of the dialog. And it should be possible to add that item after unlocking.
Smartphone (please complete the following information):
Testing on an iPad Pro running iOS 15, on first launch when prompted to enter a new master password, the password field is not properly masked as a password and shows the full text entry.
Describe the bug
OpenSesame seems to keep crashing in the background without actually being open. It probably wouldn't matter when the app is on the App Store because there are no alerts for this but on the TestFlight build it's really annoying lol. I don't really know when it happens, but the device seems to be doing something in the background. When I use the device in the morning I get about 10 alerts at the same time about how OpenSesame crashed.
To Reproduce
I have no idea, probably just wait?
Expected behavior
It shouldn't crash
Screenshots
Couldn't get a screen recording of it because you can't open the control center when an alert is shown, I'll try to do that tomorrow morning via my computer. Hopefully it'll work.
iPad (please complete the following information):
Additional context
It's possible that this is an issue caused by the iOS 15 beta, but I haven't noticed this with any other app. I think I shared a crash report once, but didn't do it again because I don't wanna spam your ASC dashboard lol
When trying to import passwords from a CSV file generated by Safari, OpenSesame shows all entries, but clicking the Import
button has no effect whatsoever.
To Reproduce
Steps to reproduce the behaviour:
File
→ Import…
→ Web Browser…
in OpenSesameImport
Expected Behaviour
When clicking Import
, OpenSesame should import all passwords from the CSV file.
System Information
Is your feature request related to a problem? Please describe.
As title
Describe the solution you'd like
As title
Describe alternatives you've considered
N/A
Additional context
N/A
Originally posted by @EthanLipnik in #25 (comment)
Crashing on viewing saved passwords, autofill does nothing, exporting does nothing.
I noticed that the AppDelegates for both iOS/macOS - perform a call to registerForRemoteNotifications - yet neither has appropriate calls to get the DeviceToken e.g. application(_:didRegisterForRemoteNotificationsWithDeviceToken:) or to handle the error.
https://www.hackingwithswift.com/read/33/8/delivering-notifications-with-cloudkit-push-messages-ckquerysubscription suggests that the DeviceToken is silently made available to CK
If there was no error, we call registerForRemoteNotifications(), which creates a unique device token that can be used to message this device. That device token is silently handed off to CloudKit, so we don’t need to do anything other than request it.
I haven't seen in the app where CloudKit is using those notifications - so the probably naive question is...
Is the call to registerForRemoteNotifications needed for CloudKit integration or are both AppDelegates not needed? (and could the RemoteNotification entitlement be removed too?)
On macOS, the button for unlocking the vault with Face ID/Touch ID should show the Touch ID icon.
When you click on "Go to website", the app takes the domain entered by the user and prefixes "https://".
This is probably not ideal because of two cases (I can think of right now):
some sites might not support https. While this is generally bad, https isn't necessarily needed for local/internal websites. This might result in the site not being reachable because it doesn't have https and can't respond.
If the user added the url scheme to the "Website" field when adding a new account to the app (or possibly importing it from somewhere else?), the app/the browser can't open the site. example:
User input: https://google.com
Opened url: https://https://google.com
edit (because it's related to the url scheme thing): The name of the account is capitalized, which looks a bit weird when there's already a scheme in the url:
Bug description
When clicking the little "i" at the top right on the lock screen view, it shows an alert with an option to reset the password, but there's no way for the user to cancel the operation other than relaunching the app.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
There should be an option to dismiss the alert and to not reset the password. I clicked on it because I was curious what it is. Maybe the "Reset password" option should also have the descructive
attribute to make it red.
Is there a backup of the data stored when resetting the password? Because currently it's a bit easy to reset it and delete all data which is really bad when you store all logins within the app.
Device
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.