Quick way check if session valid?

ramblingpolak
ramblingpolak
Community Member

Saw a few other discussions previously on both topics, wanted to add my 2¢ about looking for similar functionality.

I'm using fish shell and in order to keep my session available across terminals I have a function that currently does the following:

if test -z "$OP_SESSION_accountname"
  if test -e ~/.config/op/session
    set -gx OP_SESSION_accountname (cat ~/.config/op/session)
    op get account > /dev/null 2>&1
  else if test $status -ne 0
    set cmd (op signin | sed '/#/d; s/export/set -gx/; s/=/ /; s/"//g')
    eval $cmd
    echo "$OP_SESSION_accountname" > ~/.config/op/session
  end
end

The idea being to store the token in a file so it can be retrieved to avoid re-auth per tab. The only thing is, it's pretty slow to open a new terminal because op get account used to validate the session can take some time to return so it's not something I'm currently able to put in my ~/.config/fish/config.fish to run at each session start.


1Password Version: OP CLI 1.10.0
Extension Version: Not Provided
OS Version: macOS 11.4
Sync Type: Not Provided

Comments

  • Hello @ramblingpolak,

    That's a neat way to share your session across terminal tabs!

    You may be referring to a few other discussions about session duration, where we mention that the command-line tool has a 30-minute session timeout (an internal detail which is subject to change).

    We have been hearing more and more people ask about being able to modify this "auto-lock" value, similar to the feature in our other apps, or in your case, just being able to know if the session is still valid. It's something that we're talking about moving up in our project/feature sequence as a result. As usual, I can't make promises on timelines, but customer feedback always helps.

    Ultimately, the server is responsible for definitively knowing whether or not or session is valid, so, a definitive answer to the question "Is my session valid?" is going to require a network request. However, I think it might be useful in your case to have a non-definitive "It's been less than 30 minutes since your last command so you're probably still good to make another request" answer. A way for the command-line tool to answer the "Am I still logged in?" question, given that every other app makes that visually obvious.

    I'll forward such a request to the rest of the team. and we'll take a look at it.

    In the meantime, you might be able to write a wrapper function in fish around the op tool, that stores a time stamp to a specific file, such as ~/.config/op/timestamp. And then, your config.fish can read that time stamp and see if it's within 30 minutes or not, and use that to judge whether it is (likely) signed in or not. It's a bit of a workaround, I'll admit, but it might be fun to get working!

    I hope that this helps. Please let us know what you think, and feel free to write back if you have any other further questions.

  • ramblingpolak
    ramblingpolak
    Community Member

    Thanks for the quick reply! Here's an updated version then if it helps anyone. I've also changed the function name to shadow op so you don't need to run this at login, it'll just be evaluated lazily when you try to use the CLI.

    place in ~/.config/fish/functions/op.fish

    function op -d "Wrapper for the 1Password CLI to prompt you to sign in only when session is expiring"
      set op_bin "/usr/local/bin/op"
      if test -e ~/.config/op/session; and test (cat ~/.config/op/session_expiry) -gt (date +'%s')
        set -gx OP_SESSION_account_name (cat ~/.config/op/session)
      else
        set cmd ($op_bin signin | sed '/#/d; s/export/set -gx/; s/=/ /; s/"//g')
        eval $cmd
        echo "$OP_SESSION_account_name" > ~/.config/op/session
        echo (math -- (date +'%s') + 1500) > ~/.config/op/session_expiry
      end
      $op_bin $argv
    end
    
  • I'm glad to hear that it works. Thanks for sharing your updated script with the community!

This discussion has been closed.