Merge branch 'session-encryption' into 'master'

add optional encryption for stored session data using Sodium library See merge request tt-rss/tt-rss!117
author: Andrew Dolgov <fox@fakecake.org> 2025-04-08 10:54:24 +0000
committer: Andrew Dolgov <fox@fakecake.org> 2025-04-08 10:54:24 +0000
commit: 008c518d5d8e60c0168cd107dbfd1f23f9c4a701 (patch)
tree: 8f3d8afbbf73ae7d59791a3347a557c194f691d0 /classes/Pref_Feeds.php
parent: bb2c4b380165731c3f8abf0596fffb2a0953265b (diff)
parent: 17b4e98249462a1feb71586d10cd5293d9487ab8 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/classes/Pref_Feeds.php b/classes/Pref_Feeds.php
index 537cc3c86..bc059b99f 100644
--- a/classes/Pref_Feeds.php
+++ b/classes/Pref_Feeds.php
@@ -560,6 +560,7 @@ class Pref_Feeds extends Handler_Protected {
 			ob_end_clean();
 
 			$row["icon"] = Feeds::_get_icon($feed_id);
+			$row["auth_pass"] = Feeds::decrypt_feed_pass($row["auth_pass"]);
 
 			$local_update_intervals = $update_intervals;
 			$local_update_intervals[0] .= sprintf(" (%s)", $update_intervals[Prefs::get(Prefs::DEFAULT_UPDATE_INTERVAL, $_SESSION['uid'])]);
@@ -746,6 +747,11 @@ class Pref_Feeds extends Handler_Protected {
 
 		$feed_language = clean($_POST["feed_language"] ?? "");
 
+		$key = Config::get(Config::ENCRYPTION_KEY);
+
+		if ($key && $auth_pass)
+			$auth_pass = base64_encode(serialize(Crypt::encrypt_string($auth_pass)));
+
 		if (!$batch) {
 
 			/* $sth = $this->pdo->prepare("SELECT feed_url FROM ttrss_feeds WHERE id = ?");
author	Andrew Dolgov <fox@fakecake.org>	2025-04-08 10:54:24 +0000
committer	Andrew Dolgov <fox@fakecake.org>	2025-04-08 10:54:24 +0000
commit	008c518d5d8e60c0168cd107dbfd1f23f9c4a701 (patch)
tree	8f3d8afbbf73ae7d59791a3347a557c194f691d0 /classes/Pref_Feeds.php
parent	bb2c4b380165731c3f8abf0596fffb2a0953265b (diff)
parent	17b4e98249462a1feb71586d10cd5293d9487ab8 (diff)