op login --refresh option to sign in only if not currently signed in?

Community Member

I use the new 1password CLI (which is great!) heavily in shell scripts an aliases, to help me keep sensitive information out of my command-line history file, off the screen, away from possible clipboard attacks, etc.

It would be a lot easier and more convenient to do so if the CLI offered an option to "log in only if a valid session is not already established, otherwise no-op". I want to have

op signin --account myaccount --refresh

that checks for the existing OP_SESSION_foo env-var, checks the session isn't expired, and simply returns 0 without doing anything if the existing session is valid.

I presently work around this with a shell alias like

alias opsignin='if [ -z "$(op account list --format json | jq -r "(.[]|select(.shorthand==\"MY_TEAM_NAME\")|.user_uuid|(\"OP_SESSION_\"+.)|env[.]) // \"\"")" ]; then eval $(op signin --account MY_TEAM_NAME); else echo "already signed in to account MY_TEAM_NAME"; fi'

which is really something I'd like the CLI to provide. It should be a pretty trivial feature, and doesn't have significant security implications. Thoughts?

1Password Version: 2.0.1
Extension Version: Not Provided
OS Version: Fedora 36

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file