Commit 5077a602 authored by Marco Mariani's avatar Marco Mariani

node register: token auth by default

parent 0d8decd8
......@@ -51,9 +51,13 @@ class RegisterCommand(Command):
ap.add_argument('--ipv6-interface',
help='Interface name to get ipv6')
ap.add_argument('--login-auth',
action='store_true',
help='Force login and password authentication')
ap.add_argument('--login',
help="Your SlapOS Master login. If not provided, "
"asks it interactively, then password.")
help='Your SlapOS Master login. '
'Asks it interactively, then password.')
ap.add_argument('--password',
help='Your SlapOS Master password. If not provided, '
......@@ -61,8 +65,7 @@ class RegisterCommand(Command):
'should be avoided for security reasons.')
ap.add_argument('--token',
help="SlapOS 'computer security' authentication token "
"(use '--token ask' for interactive prompt)")
help="SlapOS 'computer security' authentication token")
ap.add_argument('-t', '--create-tap',
action='store_true',
......
......@@ -79,6 +79,10 @@ def get_certificate_key_pair(logger, master_url_web, node_name, token=None, logi
msg = 'Please check username and password.'
logger.critical('Access denied to the SlapOS Master. %s', msg)
sys.exit(1)
elif not req.ok and 'NotImplementedError' in req.text and not token:
logger.critical('This SlapOS server does not support login/password '
'authentication. Please use the token.')
sys.exit(1)
else:
req.raise_for_status()
......@@ -251,18 +255,7 @@ def gen_auth(conf):
def do_register(conf):
"""Register new computer on SlapOS Master and generate slapos.cfg"""
if conf.token == 'ask':
while True:
conf.token = raw_input('Computer security token: ').strip()
if conf.token:
break
if conf.token:
certificate, key = get_certificate_key_pair(conf.logger,
conf.master_url_web,
conf.node_name,
token=conf.token)
else:
if conf.login or conf.login_auth:
for login, password in gen_auth(conf):
if check_credentials(conf.master_url_web, login, password):
break
......@@ -275,6 +268,14 @@ def do_register(conf):
conf.node_name,
login=login,
password=password)
else:
while not conf.token:
conf.token = raw_input('Computer security token: ').strip()
certificate, key = get_certificate_key_pair(conf.logger,
conf.master_url_web,
conf.node_name,
token=conf.token)
# get computer id
COMP = get_computer_name(certificate)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment