Optionally use a key for the smtp_password instead of a config

Open on Drupal.org →

Created on 12 June 2024, 13 days ago

Updated 13 June 2024, 12 days ago

Problem/Motivation

Currently the smtp_password is stored in plain text in config yml

We'd like to use the key module to store the smtp_password.

There are several key provider options with the key module.

Environment variable
Filesystem
Configuration
Contrib module key provider such as azure_key_vault and others

I am starting this out with a very simple patch. Perhaps it could be made better by adding this as an optional storage. So the phpmailer_smtp form would have to have a checkbox option for use "key" storage for smtp_password. If this is checked, there should be conditional use of this. By default I suggest this be disabled.

For now, I'm providing a patch that enables this by default and doesn't make it optional. The only thing that is optional with the very first version of this patch is the key provider and key name of course, there's a link to manage the key.

Steps to reproduce

Install phpmailer_smtp
Install the key module
Apply the patch

Proposed resolution

TBD

Remaining tasks

Review the ideas and patch(s) presented here

User interface changes

See issue summary

API changes

See issue summary

Data model changes

Key storage option

✨ Feature request

Status

Needs work

Version

2.2

Component

Code

Created by

🇨🇦Canada joseph.olstad

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Merge Requests

!2Optionally use a key for the smtp_password instead of a config
Open
🇨🇦Canada joseph.olstad
updated 13 days ago

Comments & Activities

Issue created by @joseph.olstad
Merge request !2Issue #3454192 by joseph.olstad: Optionally use a key for the smtp_password instead of a config → (Open) created by joseph.olstad
Comment 13 days ago →
🇨🇦Canada joseph.olstad
Status changed to Needs review 13 days ago2:17pm 12 June 2024
Comment 13 days ago →
🇨🇦Canada joseph.olstad
Comment 13 days ago →
🇦🇺Australia imclean Tasmania
Thanks for the MR. If we were to integrate with the Key module then it should be an option, as you suggest, and then only if Key is installed.

That said, we're already using Key (+ Encrypt) with this module without supporting it directly. See Key's documentation → regarding overriding any configuration.

There's an issue with a patch for encrypting the value: ✨ Encrypt key value Needs work
Status changed to Needs work 12 days ago11:44pm 13 June 2024
Comment 12 days ago →
🇦🇺Australia imclean Tasmania
Have you tried overriding config for the password using the Key module as described in the documentation I linked to? Does this produce the desired outcome?
Comment 12 days ago →
🇦🇺Australia imclean Tasmania
NW due to Key not being optional.

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024