Skip to main content

CredentialsStore

lore_cli::cloud::credentials

Struct CredentialsStore

pub struct CredentialsStore { /* private fields */ }

Expand description

Credential storage abstraction.

By default, stores credentials in a JSON file (~/.lore/credentials.json). Can optionally use the OS keychain (macOS Keychain, GNOME Keyring, Windows Credential Manager) when enabled via use_keychain config option.

Implementations§

impl CredentialsStore

pub fn new() -> Self

Creates a new credential store with file-based storage (default).

Credentials are stored in ~/.lore/credentials.json with restricted permissions.

pub fn with_keychain(use_keychain: bool) -> Self

Creates a credential store with optional keychain support.

If use_keychain is true and the OS keychain is available, credentials will be stored in the keychain. Otherwise, falls back to file storage.

Note: On first keychain access, the OS may prompt for permission.

pub fn is_keyring_available() -> bool

Tests whether the keyring is available by attempting a dummy operation.

This is useful for checking if the OS keychain can be used before prompting the user about credential storage options.

pub fn is_secret_service_available() -> bool

Checks if a secret service is likely available on Linux.

On Linux, the keyring crate requires a running secret service (gnome-keyring, kwallet, etc.) to function. This method checks for common indicators that a secret service is available.

On non-Linux platforms, this always returns true since they have built-in credential storage (macOS Keychain, Windows Credential Manager).

pub fn store(&self, credentials: &Credentials) -> Result<(), CloudError>

Stores credentials securely.

Uses file storage by default, or keychain if enabled and available.

pub fn load(&self) -> Result<Option<Credentials>, CloudError>

Loads stored credentials.

Loads from keychain if enabled, otherwise from file storage. Also checks the alternate location for migration purposes.

pub fn delete(&self) -> Result<(), CloudError>

Deletes stored credentials.

Removes credentials from both file and keyring storage to ensure complete cleanup regardless of how they were stored.

pub fn store_encryption_key(&self, key_hex: &str) -> Result<(), CloudError>

Stores the derived encryption key securely.

The encryption key is stored separately from credentials and should be a hex-encoded string of the derived key bytes.

pub fn load_encryption_key(&self) -> Result<Option<String>, CloudError>

Loads the stored encryption key.

Returns the hex-encoded encryption key, or None if not stored.

pub fn delete_encryption_key(&self) -> Result<(), CloudError>

Deletes the stored encryption key.

Removes from both file and keyring to ensure complete cleanup.

Trait Implementations§

impl Default for CredentialsStore

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for CredentialsStore

impl RefUnwindSafe for CredentialsStore

impl Send for CredentialsStore

impl Sync for CredentialsStore

impl Unpin for CredentialsStore

impl UnwindSafe for CredentialsStore

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more