This module provides a way for securely storing passwords and other secrets.
It uses D-Bus Secret Service API that is supported by GNOME Keyring, KWallet (since version 5.97) and KeePassXC.
The main classes provided are
secretstorage.Item, representing a secret
item (that has a label, a secret and some attributes) and
secretstorage.Collection, a place items are stored in.
SecretStorage supports most of the functions provided by Secret Service, including creating and deleting items and collections, editing items, locking and unlocking collections.
The documentation can be found on secretstorage.readthedocs.io.
Building the module
SecretStorage 3.x supports Python 3.6 and newer versions. If you have an older version of Python, install SecretStorage 2.x:
pip install "SecretStorage < 3"
SecretStorage requires these packages to work:
To build SecretStorage, use this command:
python3 setup.py build
If you have Sphinx installed, you can also build the documentation:
python3 setup.py build_sphinx
Testing the module
First, make sure that you have the Secret Service daemon installed. The GNOME Keyring is the reference server-side implementation for the Secret Service specification.
Then, start the daemon and unlock the
default collection, if needed.
The testsuite will fail to run if the
default collection exists and is
locked. If it does not exist, the testsuite can also use the temporary
session collection, as provided by the GNOME Keyring.
Then, run the Python unittest module:
python3 -m unittest discover -s tests
If you want to run the tests in an isolated or headless environment, run this command in a D-Bus session:
dbus-run-session -- python3 -m unittest discover -s tests
Get the code
SecretStorage is available under BSD license. The source code can be found on GitHub.