pgcli icon indicating copy to clipboard operation
pgcli copied to clipboard
verified publisher icon dbcli

Adding port so keyring is not overwritten

Open bechampion opened this issue 1 month ago • 4 comments

Description

Keys in keychain are overwritten when same user/host is used (this happens a lot when you proxy over ssh where the host is always localhost and username pretty much is always the same)

Before change

image

After change

image

Checklist

  • [x] I've added this contribution to the changelog.rst.
  • [x] I've added my name to the AUTHORS file (or it's already there).
  • [x] I installed pre-commit hooks (pip install pre-commit && pre-commit install).
  • [x] Please squash merge this pull request (uncheck if you'd like us to merge as multiple commits)

bechampion avatar Nov 28 '25 13:11 bechampion

Yep, nice. Good catch.

DiegoDAF avatar Dec 03 '25 14:12 DiegoDAF

Thinking again, I could recommend user@host:port to be more like in ssh (or even pgpass format with colon)

And, maybe, or not, a "legacy" idea to try with the old format.

key_with_port = f"{user}@{host}:{port}"
passwd = auth.keyring_get_password(key_with_port)

if not passwd:
    key_legacy = f"{user}@{host}"
    passwd = auth.keyring_get_password(key_legacy)

# and ofc, save it in the new type with port
if passwd:
        auth.keyring_set_password(key_with_port, passwd)

DiegoDAF avatar Dec 03 '25 14:12 DiegoDAF

@DiegoDAF I think it's ok to not try for backwards compatibility in this case.

j-bennet avatar Dec 05 '25 00:12 j-bennet

yep, it's not necessary to keep the compatibility.

DiegoDAF avatar Dec 05 '25 18:12 DiegoDAF