marius-wieschollek / passwords Goto Github PK
View Code? Open in Web Editor NEWA simple, yet feature rich password manager for Nextcloud
License: GNU Affero General Public License v3.0
A simple, yet feature rich password manager for Nextcloud
License: GNU Affero General Public License v3.0
re: #2 (comment)
Logging this separately so it doesn't drown in that other convoluted issue:
Tags on the main view would be useful for visual cues. They could either be fully worded or just 4px coloured borders on the left hand side (unless someone has another idea).
Your video shows images on passwords, however, I can't seem to do this or find a how to guide.
Please help
Hi, is there a way to load a csv export from legacy password app into the new app ?
is it hard to maintain php 7.0? In debian 9 it is the devault version,
After upgrading from 2018.3.0 to 2018.4.0 app crashes with errors.
open Passwords app
app does not load creates an error
Interner Serverfehler
Der Server konnte die Anfrage nicht fertig stellen.Sollte dies erneut auftreten, sende bitte die nachfolgenden technischen Einzelheiten an Deinen Server-Administrator.
Weitere Details können im Server-Protokoll gefunden werden.
Technische Details
Entfernte Adresse: 217.xxx.xxx.xxx
Anfragekennung: Wty36E4fQbwAACB8L2gAAAAH
Error-Log in backend displays message as follows:
Error index ParseError: syntax error, unexpected end of file
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/Template/Base.php - line 151: OC\Template\Base->load('/var/www/REPLACED_FILE-FOLDER_LOCATION...', NULL)
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/legacy/template.php - line 204: OC\Template\Base->fetchPage(NULL)
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/public/AppFramework/Http/TemplateResponse.php - line 157: OC_Template->fetchPage()
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/AppFramework/Http/Dispatcher.php - line 114: OCP\AppFramework\Http\TemplateResponse->render()
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/AppFramework/App.php - line 115: OC\AppFramework\Http\Dispatcher->dispatch(Object(OCA\Passwords\Controller\PageController), 'index')
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47: OC\AppFramework\App main('OCA\Passwords\C...', 'index', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)
[internal function] OC\AppFramework\Routing\RouteActionHandler->__invoke(Array)
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/private/Route/Router.php - line 297: call_user_func(Object(OC\AppFramework\Routing\RouteActionHandler), Array)
/var/www/REPLACED_FILE-FOLDER_LOCATION/lib/base.php - line 998: OC\Route\Router->match('/apps/passwords...')
/var/www/REPLACED_FILE-FOLDER_LOCATION/index.php - line 37: OC handleRequest()
{main}
2018-04-22T18:27:21+0200
Passwords settings in backend displays error message as follows:
t('PHP %s is no longer supported.', [PHP_VERSION])); ?> t('Please check the system requirements.')); ?>
t('Passwords requires HTTPS.')); ?> t('Please check the system requirements.')); ?>
app should show stored password entries
Just updated as the NextCloud notification said a new version of Password was available.
After the update internal server error occured.
Simply deleted the app to get the nextcloud working again.
Updated from previous version porperly the password-legacy.
It seems, there are a few possibilities to import passwords from csv (passwords, passman, other). I have a csv file from keepass, which has the following columns:
"Account","Login Name","Password","Web Site","Comments"
Of cource I could work my notepad++ magic and change stuff around, but I do not know what the importer expects. What I did is, to export a password from passwords to csv, and then fill the fields like the export does, regarding, that I do not have an ID and Version ID String, nor a changedate. Since that did not work, I need better instructions how to modify my csv, so that it gets imported.
The migration tool made everything [username]@[website], but that's not very useful in the long term or for usability. I also wouldn't insert things like that as I want to be able to scroll down via the website name not my username.
Either the username needs to be generally visible or a "Copy username" needs to be in the menu and/or the sidebar needs to be able to pinned open.
If I need to get a password via a mobile device it'll be hard to access currently.
Hi, great work. very nice app.
If you have users mapped from LDAP usernames are not suitable for user search to share a password.
It would be better searching users by their external names. A hit list with incomplete name input would be great.
What does happen?
What should happen?
Thanks a lot for your work Marius - very usefull app!
exporting from Keepass to CSV (just one password or a bunch of passwords)
try to import whatever preselected structur - generic, Keepass (thx for putting in Keepass!)
direct after opening the file i get this javascript error: wrong file type {type} produced by app.js
Same CSV worked with Passman App.
I tried a lot of different things but always the same result.
I don't have ideas anymore - except putting in hundred passwords manualy ;-)
Thx a lot
Kai
It would be nice to support passwords without the requirement of specifying a user name. I would for example like to store the administration password of my local router (AVM FritzBox) which just requires a password but no user name.
Currently the web interface requires me to enter a user.
Hi
I just found your app and it looks great.
Is it possible to share a folder or tag to other users or groups?
I would love to find a easy way, sharing bunch of passwords to team
Thanks
Chris
The plugin deactivates itself after round about 1 minute. There are no logs for this plugin visible.
Plugin is deactivated
Plugin shall remain activated
Install passwords app and update over the web interface.
Update fails due to following error:
PHP Fatal error: Interface 'OCP\Migration\IMigrationStep' not found in /var/www/nextcloud/apps/passwords/lib/Migration/LegacyDatabaseMigration.php on line 24
The error is probably caused by the IMigrationStep interface introduced in nextcloud 13 which is not present in nexcloud 12 and breaks the update of the passwords app.
Update goes through without problems.
I downloaded the new Nextcloud Version 13.0.2 and upgraded my instance following the guide in the wiki Wiki
Hello,
When we press the update button for the newest version from the app list of NextCloud, the button text stays in updating and the server gets stuck in maintenance mode. This is only happening with this update, and we have tried 3 times with the same result.
Best regards,
Fernando Covecino
I had been using the password app from fcturner. After I have migrated nc11 from standalone ubuntu to nc 12 on debian docker, I have lost my passwords in password app.
I have tried to reexecute the migration, but without success. All passwords seem to be still in db.
I applied my old instanceid and secret. How could I manully decrypt or restore my passwords?
I really like that the app checks if its running on https. Unfortunately I'm running nextcloud behing a reverse proxy which prevents me from using the app.
Checking "X-Forwarded-Proto" would fix this problem :)
Hello,
I installed this app on my Nextcloud today. The problem is that I'm getting the "HTTPS REQUIRED" page, blocking access to the app. The fun part is that my domain is fully in HTTPS 😃
I guess the problem is that my Nextcloud server is internally forwarded (in HTTP) to a reverse proxy, which then serves it in HTTPS to the client (me). The check of your app seems to be on server side, although the most important part is the final request sent to the client.
I hope my explanation is clear. Here is my setup:
OS: Debian 9 (stretch) up-to-date
Server: nginx/1.12.2 (reverse proxy that forwards requests to Apache/2.4.25. Nextcloud is processed by Apache)
HTTPS: Yes, enabled in nginx (with Let's Encrypt)
PHP version: 7.2.2
Nextcloud version: 13.0.0
Thank you for your help and your awesome work!
Hi
I'm running Nextcloud via docker, behind another ontainer which is dealing with HTTPS. Seems your apps doesn't acknowledge that, it's preventing me from using it with a splash screen asking for HTTPS...
Please add a button so an admin user can ignore the warning.
Best regards,
Currently, no activities are created for adding/editing/deleting passwords. This is of course a minor issue, but would be nice to have to allow auditing of passwords.
No activities recorded.
The Passwords app should create activities whenever passwords are
So after the request here to test the app I gave it a go.
I backed up the db, made sure I was on 2017.11 and then downloaded the master.zip from this repo, unpacking the src folder to the nextcloud/apps folder as passwords.
I did the upgrade, let it do the haveibeenpwned.com web service checks and then tried to access the app via the link and was presented with a blank screen.
The console log of the browser states it is unable to find the files in js/Static/
Hi,
Im sure the feature set wouldnt be as good, but can we have passwords at least work in ie & edge
Thanks
ZT
I am using a fresh install under NC13. When I am starting the app, the spinner in the middle of the empty page never stops. When I am trying to add a folder or password, the message at the top "creation of the folder failed" (maybe not 100% correct due to translation) pops up. Any ideas? File rights in passwords folder are 755 and owner is apache.
Currently the behaviour is the edit time changes regardless of the data changed, it should only reflect the modification time of the password (and possibly the username).
'New Password' form doesn't warn user about truncating of content, which exceeds length limit. User may loose his data, because he doesn't know about this.
I checked only Notes field, but probably the problem occurs on the other fields.
Saved text is shorter than text in step 3.
All my passwords seem to have been breached, but when i look for them on the haveibeenpowned website they aren't breached. How is this possible that all of my passwords get this insecure status when the source where it checks (haveibeenpowned) doesn't report them as breached?
Im reporting this since i found it really weird that all of my passwords have been breached, since some of them have been generated by the passwords app and are not for online services, but for use only internally so they cannot have been leaked.
They shouldn't have been reported as breached, since the website doesn't report them as breached.
It would be useful to have possibility to attach files like RSA keys.
Currently in passwords view, no matter if it is all passwords view or folder view, passwords list has only name, password strenght indicator, more indicator, date changed.
It is very important that this list has also username column which in case of two different usernames for the same name, one could easly distinguish the difference.
The workaround for this is to add the username manually to name filed but it make it more cumbersone.
In folder view search should be working accross all folders, but it is not.
I think it is more feature request than an issue.
As email and notification settings are getting added to the latest git version, I was hoping to request these settings to also appear in the Admin --> Activity --> Default Settings. This way new users could automatically be setup for emails on passwords being shared with them, should the admin deem this necessary.
It would greatly simplify our usage. Thanks!
Hi, first of all thanks for the great work :)
Just upgraded from NC 12.0.5 to NC 13.0.0 RC3 and I can't activate Passwords anymore :/
root@host1:/var/www/nextcloud# sudo -u www-data php occ app:enable passwords
[Exception]
App "Passwords" cannot be installed because it is not compatible with this version of the server.
app:enable [-g|--groups GROUPS] [--]
root@host1:/var/www/nextcloud#
You state Passwords works on "Nextcloud 12+", does that include NC13 or if this true for NC12* only ?
Regards
I did install the nightly version (27 Feb) and now I am having new problems, I did not have before:
When I click on details, I get " the module Marked could not get loaded. Possibly the connection to Nextcloud is broken" and when I click on edit, I get " the module SimpleMde could not get loaded. Possibly the connection to Nextcloud is broken" and the NoticeBox is no longer present. I translated the error messages, so they are not verbatim.
I reverted to another nightly (23 Feb) working fine. If you cannot reproduce those errors and need me to investigate more, I will install it and try again, but until you order me to do that, I will stay with the working version.
Create password, attempt to share with another user, select username from autocomplete.
Error shows up on top of Nextcloud window, stating: "Unable to share password: Invalid receiver uid"
Username should show up in Shared list.
I am using LDAP users. Sharing worked fine on previous version of Password 2018-v3.0
{"reqId":"095ukOijSl9Mn83Nnfky","level":3,"time":"2018-04-26T13:14:34-05:00","remoteAddr":"X.X.X.X","user":"bob","app":"passwords","method":"POST","url":"/index.php/apps/passwords/api/1.0/share/create","message":"Exception: {"Exception":"OCA\\Passwords\\Exception\\ApiException","Message":"Invalid receiver uid","Code":256,"Trace":"#0 [internal function]: OCA\\Passwords\\Controller\\Api\\ShareApiController->create('c0e9d810-0544-4...', 'alice', 'user', NULL, false, true)\n#1 \/var\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(161): call_user_func_array(Array, Array)\n#2 \/var\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(91): OC\\AppFramework\\Http\\Dispatcher->executeController(Object(OCA\\Passwords\\Controller\\Api\\ShareApiController), 'create')\n#3 \/var\/www\/nextcloud\/lib\/private\/AppFramework\/App.php(115): OC\\AppFramework\\Http\\Dispatcher->dispatch(Object(OCA\\Passwords\\Controller\\Api\\ShareApiController), 'create')\n#4 \/var\/www\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php(47): OC\\AppFramework\\App::main('ShareApiControl...', 'create', Object(OC\\AppFramework\\DependencyInjection\\DIContainer), Array)\n#5 [internal function]: OC\\AppFramework\\Routing\\RouteActionHandler->__invoke(Array)\n#6 \/var\/www\/nextcloud\/lib\/private\/Route\/Router.php(297): call_user_func(Object(OC\\AppFramework\\Routing\\RouteActionHandler), Array)\n#7 \/var\/www\/nextcloud\/lib\/base.php(998): OC\\Route\\Router->match('\/apps\/passwords...')\n#8 \/var\/www\/nextcloud\/index.php(37): OC::handleRequest()\n#9 {main}","File":"\/var\/www\/nextcloud\/apps\/passwords\/lib\/Controller\/Api\/ShareApiController.php","Line":199}","userAgent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.183 Safari/537.36 Vivaldi/1.96.1147.32","version":"13.0.1.1"}
Hi, it would be a nice feature to have extra password fields (or other types of text fields) for PINs/PUKs (Mobil-Simcard) or second password for account restore and so on.
Example: In the app passman it is possible (not perfect) to add extra fields with different field types (simple textarea, password field, ...).
In KeyPass it is also possible to add custom fields to login.
/apps/passwords/#/folders
+
-> New Folder
Yes
Folder not created. Error notice appears on top with: Creating folder failed
Folder shpuld be created.
Doctrine\DBAL\Exception\DriverException: An exception occurred while executing
'INSERT INTO "passwords_entity_folder_revision"("user_id","uuid","deleted","created","updated","model","favourite","label","parent",
"cse_type","hidden","trashed","edited","sse_type","client","sse_key")
VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)'
with params ...
SQLSTATE[22001]: String data, right truncated: 7 ERROR: value too long for type character varying(32)
ERROR: value too long for type character varying(32)
for attribute sse_key
Im getting the error:
HTTPS Required
I think this is because im on a reverse proxy, and the traffic from my reverse proxy to nextcloud is http it doesnt recognize this. Is there a way to fix this? I dont want to get rid of my reverse proxy since it handles all my certificates and renews them automatically.
I would love a solution.
If you need more info just drop me reply
What does happen?
What should happen?
I can export the csv file.
See https://help.nextcloud.com/t/firefox-extension-cannot-save-new-passwords/31556
Firefox 60.0
Firefox Passwords extension 1.5.0
NextCloud 13.0.2
NextCloud Passwords 2018.5.1
Error in NextCloud logs
Error index ArgumentCountError: Too few arguments to function OCA\Passwords\Services\Object \PasswordRevisionService::create(), 13 passed in /var/www/nextcloud/apps/passwords/lib/Controller/Api/Legacy/LegacyPasswordApiController.php on line 162 and exactly 14 expected
/var/www/nextcloud/apps/passwords/lib/Controller/Api/Legacy/LegacyPasswordApiController.php - line 162: OCA\Passwords\Services\Object\PasswordRevisionService->create('ff22255e-2a40-4...', 'xxx', 'gcotnoir', 'none', '', '[email protected]...', 'https //git.mdn...', '', '00000000-0000-0...', '1526000974', 0, false, false)
[internal function] OCA\Passwords\Controller\Api\Legacy\LegacyPasswordApiController->create('xxx', 'gcotnoir', 'https //git.mdn...', NULL, NULL)
/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 161: call_user_func_array(Array, Array)
/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 91: OC\AppFramework\Http\Dispatcher->executeController(Object(OCA\Passwords\Controller\Api\Legacy\LegacyPasswordApiController), 'create')
/var/www/nextcloud/lib/private/AppFramework/App.php - line 115: OC\AppFramework\Http\Dispatcher->dispatch(Object(OCA\Passwords\Controller\Api\Legacy\LegacyPasswordApiController), 'create')
/var/www/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47: OC\AppFramework\App main('LegacyPasswordA...', 'create', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)
[internal function] OC\AppFramework\Routing\RouteActionHandler->__invoke(Array)
/var/www/nextcloud/lib/private/Route/Router.php - line 297: call_user_func(Object(OC\AppFramework\Routing\RouteActionHandler), Array)
/var/www/nextcloud/lib/base.php - line 999: OC\Route\Router->match('/apps/passwords...')
/var/www/nextcloud/index.php - line 37: OC handleRequest()
{main}
I tried installing this plugin on my NC12.0.5 on a shared OVH host (runs NC quite crappy to be honest) but I just get a blank page. No error message in the NC log or the browser console that seems to be related.
Is there any requirement for this app to work? Maybe some security setting without it displays nothing?
I suspect this is already todo, but currently the two options are both entirely letter based (and quite short).
I've already run in to the issue that a website REQUIRES a number, but neither automatic option provide this.
Also a length option would be desirable as well as a special char option like the old app.
See:
passwords/src/js/ApiClient/EnhancedApi.js
Line 682 in dfb5db2
Throws: Content Security Policy: The page's settings blocked the loading of a resource at http://localhost/core/img/filetypes/folder.svg
The http://localhost part probably wants to be qualified properly using window.location
?
In the upgrade process errors are thrown, e. g.
0/3 [>---------------------------] 0%Repair warning: Failed migrating password #4: Too few arguments to function OCA\Passwords\Services\Object\PasswordRevisionService::create(), 13 passed in /var/nextcloud/apps/passwords/lib/Migration/Legacy/LegacyPasswordMigration.php on line 141 and exactly 14 expected in /var/nextcloud/apps/p... [message is cut here]
Migration should run without errors and passwords should show up.
Furthermore, if I try to run again by repeating "occ config:app:set passwords installed_version --value 2017.12" and afterwards "occ upgrade" the upgrade mechanism is no longer triggered. Is this intended?
There is a bug a latest firefox version (here is 60)
Clicking on a password field on the extension popup immediately closes the popup
here is the bug report
https://bugzilla.mozilla.org/show_bug.cgi?id=1461591
Any thought on a workaround ?
Hey there,
is it possible to share complete folders or tags with a user group? Such feature would be awesome, e.g. for board/marketing/presales/customers groups :-)
PS: Thank you for the great alternative, which is much more integrated into nextcloud.
So i have found that after being in Passwords App, if i go back to my File list (which is only made up of External Storage mounts), they are then not accessible.
The Auth against External mounts, when this fails is
I did notice that if the external mounts uses these settings its ok
Also when in this 'state' the desktop client can also no longer sync those external mounts either !
Thanks
ZT
The minimum version to install this app is PHP 7.1. The maximum version number of Debian without backports is 7.0. I''ve running a Openmediavault nas with debian Jessie. The default php version on Jessie is 5.6. Is it possible to get this app running with an older version of PHP?
Otherwise i cant' install this app and the only alternative is to run Passman.
Describe your issue here and remember not to include personal data as this is public.
Using Nextcloud behind Nginx reverse proxy and HTTPS not detected even though it's working perfectly fine.
HTTPS failure in Passwords app.
Passwords app should work since HTTPS is working.
I browsed through closed threads about this issue. My config.php has both 'overwriteprotocol' => 'https', and 'forcessl' => true, and I'm still having this issue. There are no errors in the Nextcloud logs and https is working perfectly in Nextcloud. Any idea how to overcome this issue? Thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.