How to check if a session is active? (feature request)

cliKing
cliKing
Community Member
in CLI

In shell scripts I want to check that a session is active and valid and that it will still be active for the next x minutes.

The only output I need is an exit code: 0 or 1

AFAIK there is no built in command to do that so with CLI v1 I was using this:

if ! op list vault >/dev/null 2>&1; then
    printf 'No 1Password session. Run \e[35meval $(op signin "$OP_ACCOUNT")\e[m.\n' >&2
    exit 1
fi

With CLI v2, I'm transforming this as:

if ! op vault list >/dev/null 2>&1; then
    printf 'No 1Password session. Run \e[35meval $(op signin)\e[m.\n' >&2
    exit 1
fi

Is there a better way?

op whoami doesn't check the session.
op account get is slower than op vault list (mesured with time).
op user get --me is slow too.

Feature request: new command op signin --check or op session check

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: macOS
Browser:_ Not Provided

Comments

  • cliKing
    cliKing
    Community Member
    edited September 2022

    Cc: @ringerc (you posted a related question a few months ago)

  • jwhett
    jwhett
    Community Member

    I know this isn't a built-in, but I've been checking for the presence of OP_SESSION_RANDOMSTRING in the environment. grep returns non-zero when there isn't a match so something like env | grep OP_SESSION would give you the switch you're looking for until something is baked into the CLI.

    Hope this helps.

  • andi.t_1P
    andi.t_1P

    Hi @cliKing , so to confirm, what you are asking is a command that tells you for how many minutes will your current session still be active. If you would just like to find whether a session is still active or not op whoami should actually do the trick and it gives the same but cleaner answer about whether you are still in an active session than op vault list, and is pretty fast. op user get --me will show you when your last authentication was done but this is not deterministic for when your session will expire since the session is active for around half an hour since the last command you executed (for biometric unlock is 10 minutes), and not since your last sign in/authentication.

    So in order to determine for how many minutes you session will still be active, it's a matter of executing op whoami, and then if it succeeds, it will let you know that you do have a valid active session, and also you will know that this session will be active for 30 more minutes (or 10 if you are using biometric unlock) from that point on, since you just executed a command (op whoami). Otherwise, you need to sign in again, and then you will also know that your current session will last 30/10 more minutes.

    Let me know if you have further questions. All the best,
    Andi

This discussion has been closed.