Commit 5077a602 authored by Marco Mariani's avatar Marco Mariani

node register: token auth by default

parent 0d8decd8
...@@ -51,9 +51,13 @@ class RegisterCommand(Command): ...@@ -51,9 +51,13 @@ class RegisterCommand(Command):
ap.add_argument('--ipv6-interface', ap.add_argument('--ipv6-interface',
help='Interface name to get ipv6') help='Interface name to get ipv6')
ap.add_argument('--login-auth',
action='store_true',
help='Force login and password authentication')
ap.add_argument('--login', ap.add_argument('--login',
help="Your SlapOS Master login. If not provided, " help='Your SlapOS Master login. '
"asks it interactively, then password.") 'Asks it interactively, then password.')
ap.add_argument('--password', ap.add_argument('--password',
help='Your SlapOS Master password. If not provided, ' help='Your SlapOS Master password. If not provided, '
...@@ -61,8 +65,7 @@ class RegisterCommand(Command): ...@@ -61,8 +65,7 @@ class RegisterCommand(Command):
'should be avoided for security reasons.') 'should be avoided for security reasons.')
ap.add_argument('--token', ap.add_argument('--token',
help="SlapOS 'computer security' authentication token " help="SlapOS 'computer security' authentication token")
"(use '--token ask' for interactive prompt)")
ap.add_argument('-t', '--create-tap', ap.add_argument('-t', '--create-tap',
action='store_true', action='store_true',
......
...@@ -79,6 +79,10 @@ def get_certificate_key_pair(logger, master_url_web, node_name, token=None, logi ...@@ -79,6 +79,10 @@ def get_certificate_key_pair(logger, master_url_web, node_name, token=None, logi
msg = 'Please check username and password.' msg = 'Please check username and password.'
logger.critical('Access denied to the SlapOS Master. %s', msg) logger.critical('Access denied to the SlapOS Master. %s', msg)
sys.exit(1) sys.exit(1)
elif not req.ok and 'NotImplementedError' in req.text and not token:
logger.critical('This SlapOS server does not support login/password '
'authentication. Please use the token.')
sys.exit(1)
else: else:
req.raise_for_status() req.raise_for_status()
...@@ -251,18 +255,7 @@ def gen_auth(conf): ...@@ -251,18 +255,7 @@ def gen_auth(conf):
def do_register(conf): def do_register(conf):
"""Register new computer on SlapOS Master and generate slapos.cfg""" """Register new computer on SlapOS Master and generate slapos.cfg"""
if conf.token == 'ask': if conf.login or conf.login_auth:
while True:
conf.token = raw_input('Computer security token: ').strip()
if conf.token:
break
if conf.token:
certificate, key = get_certificate_key_pair(conf.logger,
conf.master_url_web,
conf.node_name,
token=conf.token)
else:
for login, password in gen_auth(conf): for login, password in gen_auth(conf):
if check_credentials(conf.master_url_web, login, password): if check_credentials(conf.master_url_web, login, password):
break break
...@@ -275,6 +268,14 @@ def do_register(conf): ...@@ -275,6 +268,14 @@ def do_register(conf):
conf.node_name, conf.node_name,
login=login, login=login,
password=password) password=password)
else:
while not conf.token:
conf.token = raw_input('Computer security token: ').strip()
certificate, key = get_certificate_key_pair(conf.logger,
conf.master_url_web,
conf.node_name,
token=conf.token)
# get computer id # get computer id
COMP = get_computer_name(certificate) COMP = get_computer_name(certificate)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment