node register: token auth by default

5077a602 · Marco Mariani · 0d8decd8 · 5077a602 · 5077a602
Commit 5077a602 authored Jun 25, 2013 by Marco Mariani
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 16 deletions

slapos/cli/register.py slapos/cli/register.py +7 -4

slapos/register/register.py slapos/register/register.py +13 -12

No files found.
--- a/slapos/cli/register.py
+++ b/slapos/cli/register.py
@@ -51,9 +51,13 @@ class RegisterCommand(Command):
        ap.add_argument('--ipv6-interface',
                        help='Interface name to get ipv6')

+        ap.add_argument('--login-auth',
+                        action='store_true',
+                        help='Force login and password authentication')
+
        ap.add_argument('--login',
-                        help="Your SlapOS Master login. If not provided, "
-                             "asks it interactively, then password.")
+                        help='Your SlapOS Master login. '
+                             'Asks it interactively, then password.')

        ap.add_argument('--password',
                        help='Your SlapOS Master password. If not provided, '
@@ -61,8 +65,7 @@ class RegisterCommand(Command):
                             'should be avoided for security reasons.')

        ap.add_argument('--token',
-                        help="SlapOS 'computer security' authentication token "
-                             "(use '--token ask' for interactive prompt)")
+                        help="SlapOS 'computer security' authentication token")

        ap.add_argument('-t', '--create-tap',
                        action='store_true',

--- a/slapos/register/register.py
+++ b/slapos/register/register.py
@@ -79,6 +79,10 @@ def get_certificate_key_pair(logger, master_url_web, node_name, token=None, logi
      msg = 'Please check username and password.'
    logger.critical('Access denied to the SlapOS Master. %s', msg)
    sys.exit(1)
+  elif not req.ok and 'NotImplementedError' in req.text and not token:
+    logger.critical('This SlapOS server does not support login/password '
+                    'authentication. Please use the token.')
+    sys.exit(1)
  else:
    req.raise_for_status()

@@ -251,18 +255,7 @@ def gen_auth(conf):
 def do_register(conf):
  """Register new computer on SlapOS Master and generate slapos.cfg"""

-  if conf.token == 'ask':
-    while True:
-      conf.token = raw_input('Computer security token: ').strip()
-      if conf.token:
-        break
-
-  if conf.token:
-    certificate, key = get_certificate_key_pair(conf.logger,
-                                                conf.master_url_web,
-                                                conf.node_name,
-                                                token=conf.token)
-  else:
+  if conf.login or conf.login_auth:
    for login, password in gen_auth(conf):
      if check_credentials(conf.master_url_web, login, password):
        break
@@ -275,6 +268,14 @@ def do_register(conf):
                                                conf.node_name,
                                                login=login,
                                                password=password)
+  else:
+    while not conf.token:
+      conf.token = raw_input('Computer security token: ').strip()
+
+    certificate, key = get_certificate_key_pair(conf.logger,
+                                                conf.master_url_web,
+                                                conf.node_name,
+                                                token=conf.token)

  # get computer id
  COMP = get_computer_name(certificate)