Revert "improve /run handling, token handling with /run"

This reverts commit 59c013a. this fixes tornado but breaks cherrypy - I mistakenly assumed the payload token returned on login was the real eauth token not the session.id. I'll add a route to /token in tornado that is equivalent to /login on tornado to mimick backcompat behavior even though they are equivalent there due to not having a proxy session store.
saltstack · Mar 12, 2019 · f87815f · f87815f
1 parent cab58b2
commit f87815f
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/pepper/cli.py b/pepper/cli.py
@@ -603,6 +603,8 @@ def poll_for_returns(self, api, load):
             yield exit_code, {'Failed': failed}
 
     def login(self, api):
+        login = api.token if self.options.userun else api.login
+
         if self.options.mktoken:
             token_file = self.options.cache
             try:
@@ -616,7 +618,7 @@ def login(self, api):
                     logger.error('Unable to load login token from {0} {1}'.format(token_file, str(e)))
                     if os.path.isfile(token_file):
                         os.remove(token_file)
-                auth = api.login(**self.parse_login())
+                auth = login(**self.parse_login())
                 try:
                     oldumask = os.umask(0)
                     fdsc = os.open(token_file, os.O_WRONLY | os.O_CREAT, 0o600)
@@ -627,7 +629,7 @@ def login(self, api):
                 finally:
                     os.umask(oldumask)
         else:
-            auth = api.login(**self.parse_login())
+            auth = login(**self.parse_login())
 
         api.auth = auth
         self.auth = auth

diff --git a/pepper/libpepper.py b/pepper/libpepper.py
@@ -219,7 +219,7 @@ def req(self, path, data=None):
             req.add_header('Content-Length', clen)
 
         # Add auth header to request
-        if path != '/run' and self.auth and 'token' in self.auth and self.auth['token']:
+        if self.auth and 'token' in self.auth and self.auth['token']:
             req.add_header('X-Auth-Token', self.auth['token'])
 
         # Send request
@@ -467,6 +467,14 @@ def login(self, username=None, password=None, eauth=None, **kwargs):
         self.auth = self._send_auth('/login', **kwargs).get('return', [{}])[0]
         return self.auth
 
+    def token(self, **kwargs):
+        '''
+        Get an eauth token from Salt for use with the /run URL
+
+        '''
+        self.auth = self._send_auth('/token', **kwargs)[0]
+        return self.auth
+
     def _construct_url(self, path):
         '''
         Construct the url to salt-api for the given path