Also mention access token in README
---
README.md | 2 +-wee_most/config.py | 6 ++++++wee_most/server.py | 32 +++++++++++++++++++++-----------
3 files changed, 28 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index d3fcaaa..67e51fe 100644
--- a/README.md+++ b/README.md
@@ -28,7 +28,7 @@ $ make install # WEECHAT_DATA_DIR=~/.weechat
/mattermost server add a_banal_server
```
-You should then edit its configuration such as URL, username, password, 2FA command,...+You should then edit its configuration such as URL, username, password, 2FA command, access token...To store the password safely, you can make use of WeeChat [secured data storage](https://weechat.org/files/doc/stable/weechat_user.en.html#secured_data)
```
diff --git a/wee_most/config.py b/wee_most/config.py
index 18fc0d6..041b95d 100644
--- a/wee_most/config.py+++ b/wee_most/config.py
@@ -164,6 +164,12 @@ class PluginConfig:
description = "Username for authentication to {} server",
type = "string",
),
+ Setting(+ name = "access_token",+ default = "",+ description = "Personal access token to {} server",+ type = "string",+ ), ]
def __getattr__(self, key):
diff --git a/wee_most/server.py b/wee_most/server.py
index fdc02d7..bbe433f 100644
--- a/wee_most/server.py+++ b/wee_most/server.py
@@ -34,12 +34,12 @@ class Server:
self.url = config.get_server_config(id, "url").strip("/")
self.username = config.get_server_config(id, "username")
self.password = config.get_server_config(id, "password")
+ self.token = config.get_server_config(id, "access_token") self.command_2fa = config.get_server_config(id, "command_2fa")
- if not self.url or not self.username or not self.password:+ if not self.url or not self.username or not (self.password or self.token): raise ValueError("Server " + id + " is not fully configured")
- self.token = "" self.me = None
self.highlight_words = []
self.users = {}
@@ -316,14 +316,16 @@ def connect_server_cb(server_id, command, rc, out, err):
weechat.prnt("", "An error occurred while connecting")
return weechat.WEECHAT_RC_ERROR
- token_search = re.search("[tT]oken: (\w*)", out)-- out = out.splitlines()[-1] # we remove the headers line+ server = servers[server_id]+ out = out.splitlines()[-1] # we remove the status line
response = json.loads(out)
- server = servers[server_id]+ if not server.token:+ # user authenticates with password+ # server supplies a "Token" header+ token_search = re.search("[tT]oken: (\w*)", out)
This search needs to be done before the splitlines happens because the
token is part of the response headers which it discards.
Regards,
--
Damien Tardy-Panis
+ server.token = token_search.group(1)- server.token = token_search.group(1) server.init_me(**response)
try:
@@ -372,10 +374,18 @@ def connect_server(server_id):
servers[server_id] = server
- wee_most.http.enqueue_request(- "run_user_login",- server, "connect_server_cb", server.id- )+ if server.token:+ # skip login if user authenticates with personal access token+ # instead directly GET /api/v4/users/me+ wee_most.http.enqueue_request(+ "run_get_user",+ server, "me", "connect_server_cb", server.id+ )+ else:+ wee_most.http.enqueue_request(+ "run_user_login",+ server, "connect_server_cb", server.id+ ) return weechat.WEECHAT_RC_OK
--
2.37.2
This patch adds support for Personal Access Tokens[1] by calling
/api/v4/users/me in lieu of /api/v4/users/login. The user can now specify an
access token in their configuration option access_token.
However, as I don't have access to a password-authenticated MM server, I cannot
test whether this patch broke anything relevant. I did not test with 2FA
enabled either.
Thanks for reviewing.
[1] https://docs.mattermost.com/developer/personal-access-tokens.html