feat(keymaster): add identity, session expiry, vault file permissions#41

Merged
Undline merged 1 commit into main from dev
Apr 7, 2026
@Undline (Contributor) commented Apr 7, 2026

  • POST /identities/new: passphrase re-encrypts vault.json, append Ed25519 profile, refresh session
  • Nav + dashboard link; profile detail redirect; copy clarifies same passphrase as unlock
  • Session idle (30m) and max lifetime (8h) pruning + middleware; replace_session_vault after save
  • Unix: vault.json 0o600, vault dir 0o700 after write (no chmod on Windows)
  • Tests: session expiry, add identity HTTP + disk, wrong passphrase unchanged vault

Made-with: Cursor

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7a5f65ce53

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

status_code=500,
)

replace_session_vault(sessions, sid, UnlockedVault(profiles))
[P2] Synchronize all active sessions after writing new identity

POST /identities/new writes the updated profile list to disk but only calls replace_session_vault for the current sid. If the vault is unlocked in another active session (for example, a second browser/profile), that session keeps an out-of-date in-memory UnlockedVault, so /identities and /identities/{id} can show stale results until re-unlock. This inconsistency is introduced by the new mutable add-identity flow and is user-visible whenever multiple session records exist concurrently.

Useful? React with 👍 / 👎.
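
One way to close the gap described in the review comment above, combined with the 30m idle / 8h lifetime pruning from the PR description. This is an added example, not code from the pull request or the project. `Session`, `prune_sessions` and `replace_all_session_vaults` are hypothetical names, `UnlockedVault` is a stand-in for the project's class, and the sketch assumes every session in the store unlocked the same vault.json.

```python
from dataclasses import dataclass

IDLE_TIMEOUT = 30 * 60       # idle limit (30m) from the PR description
MAX_LIFETIME = 8 * 60 * 60   # absolute limit (8h) from the PR description


@dataclass
class UnlockedVault:         # stand-in; the project's real class is not shown
    profiles: list


@dataclass
class Session:               # hypothetical session record
    vault: UnlockedVault
    created: float
    last_seen: float


def is_expired(s: Session, now: float) -> bool:
    """True once either the idle limit or the absolute lifetime is exceeded."""
    return now - s.last_seen > IDLE_TIMEOUT or now - s.created > MAX_LIFETIME


def prune_sessions(sessions: dict, now: float) -> list:
    """Delete expired sessions so their decrypted vault copies are dropped."""
    dead = [sid for sid, s in sessions.items() if is_expired(s, now)]
    for sid in dead:
        del sessions[sid]
    return dead


def replace_all_session_vaults(sessions: dict, profiles: list, now: float) -> int:
    """Hypothetical fan-out: refresh every live session after a successful save.

    Expired sessions are pruned first and never receive the new data, and
    last_seen is left alone so another session's write cannot extend an idle one.
    """
    prune_sessions(sessions, now)
    for s in sessions.values():
        s.vault = UnlockedVault(list(profiles))  # separate copy per session
    return len(sessions)


if __name__ == "__main__":
    # Constructed sample: two browsers unlocked the same vault, one has gone idle.
    live = {"sid-a": Session(UnlockedVault(["p1"]), 0.0, 3500.0),
            "sid-b": Session(UnlockedVault(["p1"]), 0.0, 60.0)}
    print(replace_all_session_vaults(live, ["p1", "p2"], now=3600.0), sorted(live))
```
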

@Undline Undline merged commit 8ecd0c3 into main Apr 7, 2026
1 check passed