Like many others I use a password manager, the one I've chosen being KeePass. My current setup is quite simple, have the database lie remotely on a server hosted by Digital Ocean which I connect to from the client on my computer and phone, keeps it nice and synced. However, if I ever want to use my passwords on another device, I won't be able to get any of them without first getting a client onto the device. Sure, I can go around with a USB everywhere I go with a client or maybe just a SD card, but I'm lazier than that.
My solution? Making an Android app that launches a web server that is able to access my password database on the phone on the same local network. Simple right? Yeah I thought so at first too, I wanted to cheat a little and make it easy on myself, but ended up having to start from square two (because of some help).
What I wanted was just to use a web based password manager called KeeWeb and serve it with a server and then everything would be fine and dandy. But I forgot some things...
However other users wanted the same kind of feature as me, but the devs aren't interested in making such a feature, so one person took it upon himself to make a plugin for it. Great! But it requires use of PHP for saving the database on the server, I even thought about making my own plugin but I couldn't find any documentation on how their structure work, only some basic infos and examples - not enough for me wanting to jump out into it.
I could use the guys plugin, but I quickly found out that trying to run PHP code as a server in Java was big task on its own - tried a project called Resin/Quercus but couldn't get it to work. Scratch that then.
So I snatched that and then found a great web server in Java called NanoHTTPD that is lightweight and easy to use.
All the basic features for managing the database is there, can create new groups and entries, can move, rename, and delete them, can edit and get data from entries.
Just one drawback... It can't save. Yeah, pretty big core feature missing that makes the project useless without it. As far as my understanding of the problem goes, NanoHTTPD encodes the data, or at least does something to it, that messes up what the server receives. I've created an issue and still waiting an answer, I can see from the Network Inspector tab in my browser that it is sending the send the correct data to the server, but it is not the same that it receives. Trying to encode it before sending doesn't help neither.
The project will be published to my GitHub when I think it is suitable (maybe when save function finally works) or might do it if a number of people request it out of interest etc.
Apart from the saving function I also still need to implement:
- SSL communication
- App can change master password
- A password generator for password fields
- Other small features and fixes