~tardypad/wee-most-devel

Add support for personal access tokens v1 NEEDS REVISION

Frederick Yin: 1
 Add support for personal access tokens

 3 files changed, 28 insertions(+), 12 deletions(-)
Hi
Next
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~tardypad/wee-most-devel/patches/34977/mbox | git am -3
Learn more about email & git

[PATCH] Add support for personal access tokens Export this patch

Also mention access token in README
---
 README.md          |  2 +-
 wee_most/config.py |  6 ++++++
 wee_most/server.py | 32 +++++++++++++++++++++-----------
 3 files changed, 28 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index d3fcaaa..67e51fe 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ $ make install # WEECHAT_DATA_DIR=~/.weechat
/mattermost server add a_banal_server
```

You should then edit its configuration such as URL, username, password, 2FA command,...
You should then edit its configuration such as URL, username, password, 2FA command, access token...
To store the password safely, you can make use of WeeChat [secured data storage](https://weechat.org/files/doc/stable/weechat_user.en.html#secured_data)

```
diff --git a/wee_most/config.py b/wee_most/config.py
index 18fc0d6..041b95d 100644
--- a/wee_most/config.py
+++ b/wee_most/config.py
@@ -164,6 +164,12 @@ class PluginConfig:
            description = "Username for authentication to {} server",
            type = "string",
        ),
        Setting(
            name = "access_token",
            default = "",
            description = "Personal access token to {} server",
            type = "string",
        ),
    ]

    def __getattr__(self, key):
diff --git a/wee_most/server.py b/wee_most/server.py
index fdc02d7..bbe433f 100644
--- a/wee_most/server.py
+++ b/wee_most/server.py
@@ -34,12 +34,12 @@ class Server:
        self.url = config.get_server_config(id, "url").strip("/")
        self.username = config.get_server_config(id, "username")
        self.password = config.get_server_config(id, "password")
        self.token = config.get_server_config(id, "access_token")
        self.command_2fa = config.get_server_config(id, "command_2fa")

        if not self.url or not self.username or not self.password:
        if not self.url or not self.username or not (self.password or self.token):
            raise ValueError("Server " + id + " is not fully configured")

        self.token = ""
        self.me = None
        self.highlight_words = []
        self.users = {}
@@ -316,14 +316,16 @@ def connect_server_cb(server_id, command, rc, out, err):
        weechat.prnt("", "An error occurred while connecting")
        return weechat.WEECHAT_RC_ERROR

    token_search = re.search("[tT]oken: (\w*)", out)

    out = out.splitlines()[-1] # we remove the headers line
    server = servers[server_id]
    out = out.splitlines()[-1] # we remove the status line
    response = json.loads(out)

    server = servers[server_id]
    if not server.token:
        # user authenticates with password
        # server supplies a "Token" header
        token_search = re.search("[tT]oken: (\w*)", out)
        server.token = token_search.group(1)

    server.token = token_search.group(1)
    server.init_me(**response)

    try:
@@ -372,10 +374,18 @@ def connect_server(server_id):

    servers[server_id] = server

    wee_most.http.enqueue_request(
        "run_user_login",
        server, "connect_server_cb", server.id
    )
    if server.token:
        # skip login if user authenticates with personal access token
        # instead directly GET /api/v4/users/me
        wee_most.http.enqueue_request(
            "run_get_user",
            server, "me", "connect_server_cb", server.id
        )
    else:
        wee_most.http.enqueue_request(
            "run_user_login",
            server, "connect_server_cb", server.id
        )

    return weechat.WEECHAT_RC_OK

-- 
2.37.2
This patch adds support for Personal Access Tokens[1] by calling
/api/v4/users/me in lieu of /api/v4/users/login. The user can now specify an
access token in their configuration option access_token.

However, as I don't have access to a password-authenticated MM server, I cannot
test whether this patch broke anything relevant. I did not test with 2FA
enabled either.

Thanks for reviewing.

[1] https://docs.mattermost.com/developer/personal-access-tokens.html
Hi,

I've tested your patch but unfortunately it breaks the password login.
Please find below a few comments.