Stored Authentication/Google API Token

[cmhamm]

Excellent job on this application. I appreciate the time and effort spent on this, and the UI is very nice.

I use the Google API to authenticate, and it would be great if you could store the API key, rather than the username and password in clear text. It would also give users a little more security, as you can generate a token request without having the user actually give a username/password. There are other stat managers that do exactly this, although none of them have the polished UI of PokeNurse.

Thanks again.

[mackhankins]

@cmhamm we currently use pogobuf for authentication which doesn't support token based authoriziation, but does support App Password.

[vinnymac]

@cmhamm yea I agree with you that the plain text password is not ideal. We will keep track of this and try to come up with a solution eventually. Hopefully pogobuf will update and we will be able to get rid of the accounts.json we currently rely on for remembering the credentials. The user still has the option of not storing any information, which is probably the most secure option right now, however it is inconvenient.

I think pogobuf has some plans on improving its authentication methods in 2.0, so maybe we will see the possibility of this come from those changes. https://github.com/cyraxx/pogobuf/issues/8

[cmhamm]

Understood. I appreciate the consideration, and will keep an eye out. I would offer to help, but I'm a network engineer. I couldn't code my way out of a wet paper bag.