Token is stored with read write permissions for user only.

2021-11-01 12:13:53 +01:00 · 2021-11-01 12:13:53 +01:00 · cf9ad69a04
parent 3373bda4b9
commit cf9ad69a04
1 changed files with 8 additions and 4 deletions
--- a/misc/userscripts/qute-1pass
+++ b/misc/userscripts/qute-1pass
@ -63,17 +63,21 @@ EOF
 }

 URL=$(echo "$QUTE_URL" | awk -F/ '{print $3}' | sed 's/www.//g')
+TOKEN_TMPDIR="${TMPDIR:-/tmp}"
+TOKEN_CACHE="$TOKEN_TMPDIR/1pass.token"
+
 echo "message-info 'Looking for password for $URL...'" >> "$QUTE_FIFO"

-if [ -f "$HOME/tmp/1pass.token" ]; then
-    TOKEN=$(cat "$HOME/tmp/1pass.token")
+if [ -f "$TOKEN_CACHE" ]; then
+    TOKEN=$(cat "$TOKEN_CACHE")
    if ! op signin --session="$TOKEN" --output=raw > /dev/null; then
        TOKEN=$(rofi -dmenu -password -p "1password: "| op signin --output=raw) || TOKEN=""
-        echo "$TOKEN" > "$HOME/tmp/1pass.token"
+        echo "$TOKEN" > "$TOKEN_CACHE"
    fi
 else
    TOKEN=$(rofi -dmenu -password -p "1password: "| op signin --output=raw) || TOKEN=""
-    echo "$TOKEN" > "$HOME/tmp/1pass.token"
+    install -m 600 /dev/null $TOKEN_CACHE
+    echo "$TOKEN" > "$TOKEN_CACHE"
 fi