Check for session validity/expected timeout?
Previously (pre 1.0) I could check if there was a valid session, and work out when it would time out like this:
function getoplimit { shopt -s nullglob; for file in $TMPDIR/com.agilebits.op.`id -u`/.??*; do jsq accessed < $file done | \ sed -Ee 's/\.[0-9]{4,}//g' -e 's/"//g' -e 's/([-+][0-9]{2}):([0-9]{2})/\1\2/g' | \ while read date; do date -jf "%FT%T%z" -v+30m "$date" "+%s" done | \ max }
Now the accessed field is gone, and I am left wondering if decoding the file contents would tell me what I want (it seems to be some kind of jwe encoded data?), or if there's a better way to find this?
1Password Version: cli 1.0.0
Extension Version: Not Provided
OS Version: 10.15.4
Sync Type: Not Provided
Comments
-
Hi @CamJN ! We had to change this because when multiple
op
processes ran in parallel, they would potentially update the session file at the same time which could result in corrupt JSON data. Apparently cross-platform file locking isn't straightforward.So instead we just directly update the last modified time of the file via platform specific system calls. So getting the modification time via
ls
might work?However, I think we should either add a command to check the existence or a session or use a specific exist code to indicate that no session is available (for a specific account at least).
0 -
Ah gotcha, so the file modification time should be reasonably reliable as a "last accessed" timestamp. I can work with that for now.
0 -
I updated the function as follows:
function getoplimit { shopt -s nullglob; for file in $TMPDIR/com.agilebits.op.`id -u`/.??*; do stat -t '%s' -f '%Sm' "$file" done | while read date; do date -jf "%s" -v+30M "$date" "+%s" done | max 2>/dev/null }
Seems to work.
0 -
Great! Thanks for the update. :)
Ben
0 -
Useful post - I was looking for something around this.
I'm sure there are plenty of priorities :) ... but it would be great if
op signin shorthand
could (optionally?) shortcut when a session is already active.This would make it much easier to generate aliases of chained commands for feeding passwords via stdin into other things (without having to manually check timestamps and work it out ourselves)
0 -
@danhopkins we are working on an improved solution for this, stay tuned :)
0 -
@cohix great to hear, thanks for the response :)
0 -
On behalf of cohix, you are very welcome @danhopkins :)
0