git/admin-portal
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
admin-portal/tech/tabs/03-third-parties/00_README.md
Frederico Falcao f2a6525224 init
2025-05-30 10:46:17 +01:00

2.5 KiB
Raw Blame History

03-third-parties — Password Manager Tab

This tab implements a web-based lightweight password manager for teams. It allows you to save, view, and manage passwords and related info for third-party accounts/services in a secure file.

Features

  • Store: Save site/service, username, password, OTP secret, and card details for each entry.
  • Password Generation: Generate strong random passwords.
  • Copy to Clipboard: Instantly copy any password to clipboard with one click (no password is exposed/revealed by default).
  • OTP Code Preview: If an OTP secret is stored, the current code is shown next to the entry.
  • Edit Protections: All form submissions use POST and require confirmation before deleting an entry.
  • Encrypted Storage: All credentials are saved in an encrypted JSON file (passwords.json.enc).

File Overview

  • 01_constants.php — Defines file paths and any constants for this tab.
  • 02_supportFuncs.php — Helper functions for managing and encrypting credentials, generating OTPs, etc.
  • 03_handler.php — Logic for processing form submissions and updating the password list.
  • 04_nav-item.html.php — Generates the navigation item for this password manager tab.
  • 05_content.html.php — Main UI and form rendering for password management, entry listing, and actions.
  • 06_modals.html.php — (Not used / empty or for modal dialogs).
  • 07_javascript.js — Handles client-side UX, e.g. copying passwords to clipboard.
  • passwords.json.enc — The encrypted vault file storing all team credentials.

Usage

  1. Navigate to the "Password Manager" tab in the interface.
  2. Add new credentials with their site, username, password, OTP, card details, etc.
  3. Use the 📋 button next to any password to copy it to your clipboard.
  4. To delete an entry, click the red ✖ button and confirm.

Security Notes

  • All credentials are stored only on the server, encrypted at rest.
  • Passwords are shown as dots by default; they can only be copied (not revealed) for safety.
  • Use secure team practices with this tool and limit exposure of your admin interface.

Customizing

  • To change storage or encryption, update 02_supportFuncs.php and references to passwords.json.enc.
  • UI layout can be modified in 05_content.html.php.
  • Client logic (like clipboard copying) is in 07_javascript.js.

This tab is intended for lightweight, shared team secrets/password management. For high-security requirements, use a dedicated enterprise password vault solution.