diff options
| author | Andrew Dolgov <fox@fakecake.org> | 2025-04-08 09:36:04 +0300 |
|---|---|---|
| committer | Andrew Dolgov <fox@fakecake.org> | 2025-04-08 09:36:04 +0300 |
| commit | eedc1460e5dadb00a731c1974642a4db7ab30868 (patch) | |
| tree | d00876cda056fa5201365d3e0760317b7090b40f /classes/Feeds.php | |
| parent | 25d3ce4ee8f411a19c3a0e69ebb5c575c16243a8 (diff) | |
support transparent encryption for feed passwords, bump schema to drop length limit of ttrss_feeds.auth_pass
Diffstat (limited to 'classes/Feeds.php')
| -rw-r--r-- | classes/Feeds.php | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/classes/Feeds.php b/classes/Feeds.php index 7a81ec6c0..7d818598d 100644 --- a/classes/Feeds.php +++ b/classes/Feeds.php @@ -2376,5 +2376,29 @@ class Feeds extends Handler_Protected { return [$query, $skip_first_id]; } + + /** decrypts encrypted feed password if possible (key is available and data is a base64-encoded serialized object) + * + * @param $auth_pass possibly encrypted feed password + * + * @return string plaintext representation of an encrypted feed password if encrypted or plaintext password otherwise + * */ + static function decrypt_feed_pass(string $auth_pass) : string { + $key = Config::get(Config::ENCRYPTION_KEY); + + if ($auth_pass && $key) { + $auth_pass_serialized = @base64_decode($auth_pass); + + if ($auth_pass_serialized) { + $unserialized_data = @unserialize($auth_pass_serialized); + + if ($unserialized_data !== false) + return Crypt::decrypt_string($unserialized_data); + } + } + + return $auth_pass; + } + } |