When closing client app and reopening it, authorization setting are not saved (only desktop)

[vadim-a-yegorov]

Description

When closing client app and reopening it, nor server IP, nor login and password are not saved.

Details

Every time the app is opened, it requires user to put server and login information again, which is not an expected behavior.

How to solve

• Debug server data saving mechanism which is completely broken
• Debug authorization saving mechanism which is completely broken
• Consider using reliable and sustainable storage for server data and login such as localStorage.
• Consider using safe and secure storage for passwords only such as safeStorage

[CheatCod]

This should be fixed in the latest 0.5.0 beta release

[CheatCod]

Passwords hashes are salted and stored securely per industry standard. We never store plain passwords.

[CheatCod]

Note that this issue is not related to data saving mechanism at all. The problem is if you have any instance running when you close the app, Lodestone Core, which includes a web server, will still be running in the background.

Now if you open the app again, it will try to start another core, which will fail since you can't start two web servers the same address, so it will connect to the core in the background and gets really confused.

The latest beta partially fixed this issue by first quitting the app to the system tray, and when you right click and click "quit" on the tray item it will issue shutdown to all running instances.

Lodestone-Team/lodestone_core#174 This PR will ensure that only one core runs at any time.
#279 Aims to add an error screen if core cannot start up

[CheatCod]

actually, this could be a safari issue since I just noticed you are using MacOS. If what I said above is not the case (I'm assuming you are connecting to a remote core), then please use https://www.lodestone.cc/ to connect to your core on a chromium browser for now

[vadim-a-yegorov]

Passwords hashes are salted and stored securely per industry standard. We never store plain passwords.

Somehow important how secure passwords are stored but more important that they are not stored at all.

[CheatCod]

Passwords hashes are salted and stored securely per industry standard. We never store plain passwords.

Somehow important how secure passwords are stored but more important that they are not stored at all.

This issues are related to each other: #284, #285, #287

Can you verify that the credentials are created by visiting ~/.lodestone/stores/users.json?

[vadim-a-yegorov]

Should be labeled as a bug.

[CheatCod]

There are quite a lot of variables at play. I am assuming that you are using the desktop client on MacOS to connect to a remote core. In that case, it may be a problem with how Safari handles localstorage. Can you try using https://www.lodestone.cc/ on a chromium browser and see if the issue persists?

[vadim-a-yegorov]

More explanation from me:

1. I delete ~/.lodestone folder to reset everything.
2. I'm opening Lodestone GUI app and it requires me to setup localhost lodestone_core, doesn't allow me to setup remote connection first but okay.
3. I do localhost setup and login to localhost, but I don't need to work with localhost and I'm logging out.
4. Now I have an option to connect to remote host, I'm connecting to remote host and putting my login credentials.
5. Now if I will close the app and reopen it, remote server IP and credentials are not saved but localhost ones are saved.

Can you verify that the credentials are created by visiting ~/.lodestone/stores/users.json?

Yes, I see in users.json only my localhost credentials and they are not updating when I'm trying to add remote.

[CheatCod]

I'm opening Lodestone GUI app and it requires me to setup localhost lodestone_core

I will try to see if this behavior can be changed. Tracked in #290

Confirmed defect, reproduced on Windows.

Sorry for the inconvenience, but the best way to get around this issue while we work on a fix is to use https://www.lodestone.cc/ on a chromium browser, and see if that solves your problem

[vadim-a-yegorov]

This issue occurs only on:

• Electron (macOS Monterey 12.3.1 tested)

[CheatCod]

I'm not sure why this still happens on chrome as I couldn't reproduce it on my end.

Confirm that after you successfully connect and login to a remote core, the web app does not automatically log you back in when reopened?