support transparent encryption for feed passwords, bump schema to drop length limit of ttrss_feeds.auth_pass

2025-04-08 09:36:04 +03:00
parent 25d3ce4ee8
commit eedc1460e5
8 changed files with 53 additions and 8 deletions
--- a/classes/Feeds.php
+++ b/classes/Feeds.php
@@ -2376,5 +2376,29 @@ class Feeds extends Handler_Protected {
 		return [$query, $skip_first_id];
 	}

+
+	/** decrypts encrypted feed password if possible (key is available and data is a base64-encoded serialized object)
+	 *
+	 * @param $auth_pass possibly encrypted feed password
+	 *
+	 * @return string plaintext representation of an encrypted feed password if encrypted or plaintext password otherwise
+	 * */
+	static function decrypt_feed_pass(string $auth_pass) : string {
+		$key = Config::get(Config::ENCRYPTION_KEY);
+
+		if ($auth_pass && $key) {
+			$auth_pass_serialized = @base64_decode($auth_pass);
+
+			if ($auth_pass_serialized) {
+				$unserialized_data = @unserialize($auth_pass_serialized);
+
+				if ($unserialized_data !== false)
+					return Crypt::decrypt_string($unserialized_data);
+			}
+		}
+
+		return $auth_pass;
+	}
+
 }