Skip to content

PE-8578: feat-implement-per-drive-password-system#2076

Open
vilenarios wants to merge 10 commits intodevfrom
simple-wander-login
Open

PE-8578: feat-implement-per-drive-password-system#2076
vilenarios wants to merge 10 commits intodevfrom
simple-wander-login

Conversation

@vilenarios
Copy link
Copy Markdown
Collaborator

@vilenarios vilenarios commented Sep 22, 2025
edited by github-actions Bot
Loading

  • Implements individual passwords for each private drive
  • Fixes security issue with drive keys persisting after logout
  • Improves UX with password visibility toggles and multi-drive unlock

Breaking Changes

Users must now set individual passwords for each private drive instead of relying on a single
master password.

--- Releases ---
Android release: https://appdistribution.firebase.google.com/testerapps/1:305132849030:android:6cf0cd5ec064fad3ffce07/releases/5ml8l39iggib8

@vilenarios
wip
72387ed
@vilenarios
Merge remote-tracking branch 'origin/dev' into simple-wander-login
1ebf44a
@vilenarios
chore: clears private drive passwords correctly on full log out
b42ebf9
@vilenarios
feat: implement per-drive password system for enhanced security
c13a310 
  - Each private drive now requires its own password, decoupled from session password
  - All users (Wander/ArConnect, JSON wallet, EthAReum) set individual passwords when creating
  private drives
  - Fixed critical security issue where drive keys persisted in memory after logout
  - Added password visibility toggles and checkbox to unlock multiple drives with same password
  - Updated authentication flow to accept any valid private drive password for login
  - Improved password prompts with context-aware messaging for different user scenarios
  - Ensured all drives appear in navigation with lock indicators for inaccessible ones
  - Added new DrivePasswordFormField component for consistent password input UI

  BREAKING CHANGE: Users must now set individual passwords for each private drive instead of
  relying on a single master password. Existing drives retain their original passwords.
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@vilenarios vilenarios changed the title feat: implement per-drive password system pe-8578-feat-implement-per-drive-password-system Sep 22, 2025
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@vilenarios vilenarios changed the title pe-8578-feat-implement-per-drive-password-system pe-8578: feat-implement-per-drive-password-system Sep 22, 2025
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

kobe-ThiagoCarvalho
kobe-ThiagoCarvalho reviewed Sep 22, 2025
View reviewed changes
Comment thread lib/blocs/drive_create/drive_create_cubit.dart Outdated
passwordToUse = drivePassword;
} else {
// Public drives don't need a password
passwordToUse = profile.user.password.isNotEmpty ? profile.user.password : '';
Copy link
Copy Markdown

@kobe-ThiagoCarvalho kobe-ThiagoCarvalho Sep 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary?

Copy link
Copy Markdown
Collaborator Author

@vilenarios vilenarios Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope! Cleaned it up.

@vilenarios
chore: simplifies the code by just
aa6db92 
  passing an empty string for public drives, since they don't need
  any password. The previous logic checking
  profile.user.password.isNotEmpty was unnecessary complexity
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 22, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 23, 2025

⚠️ Your PR title does not match the required pattern. Please update the title in the format PE-{number}: {description}.

@vilenarios vilenarios changed the title pe-8578: feat-implement-per-drive-password-system PE-8578: feat-implement-per-drive-password-system Sep 23, 2025
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 23, 2025

Visit the preview URL for this PR (updated for commit 9ed371a):

https://ardrive-web--pr2076-simple-wander-login-xfiujrkn.web.app

(expires Tue, 30 Sep 2025 22:10:08 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: a224ebaee2f0939e7665e7630e7d3d6cd7d0f8b0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@kobe-ThiagoCarvalho kobe-ThiagoCarvalho kobe-ThiagoCarvalho left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vilenarios @kobe-ThiagoCarvalho @kunstmusik