Remove login_2fa command

It was a hacky way to log with 2fa without using a browser, but did not
work on half the instances. login_browser now exists and should be used
instead.
This commit is contained in:
Ivan Habunek 2017-12-29 11:52:00 +01:00
parent b0e556a07b
commit 609c432e68
No known key found for this signature in database
GPG key ID: CDBD63C43A30BB95
4 changed files with 4 additions and 77 deletions

View file

@ -5,6 +5,7 @@ Changelog
* **Dropped support for Python 2** because it's a pain to support and was * **Dropped support for Python 2** because it's a pain to support and was
causing bugs with handling unicode. causing bugs with handling unicode.
* Remove hacky `login_2fa` command, use `login_browser` instead
**0.15.1 (2017-12-12)** **0.15.1 (2017-12-12)**

View file

@ -79,9 +79,8 @@ Running ``toot <command> -h`` shows the documentation for the given command.
toot - a Mastodon CLI client toot - a Mastodon CLI client
Authentication: Authentication:
toot login Log into a Mastodon instance, does NOT support two factor authentication toot login Log in from the console, does NOT support two factor authentication
toot login_browser Log in using your browser, supports regular and two factor authentication toot login_browser Log in using your browser, supports regular and two factor authentication
toot login_2fa Log in using two factor authentication in the console (hacky, experimental)
toot logout Log out, delete stored access keys toot logout Log out, delete stored access keys
toot auth Show stored credentials toot auth Show stored credentials
@ -90,7 +89,7 @@ Running ``toot <command> -h`` shows the documentation for the given command.
toot whois Display account details toot whois Display account details
toot search Search for users or hashtags toot search Search for users or hashtags
toot timeline Show recent items in your public timeline toot timeline Show recent items in your public timeline
toot curses An experimental timeline app. toot curses An experimental timeline app (doesn't work on Windows)
Post: Post:
toot post Post a status text to your timeline toot post Post a status text to your timeline

View file

@ -1,7 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import json
import requests
import webbrowser import webbrowser
from bs4 import BeautifulSoup from bs4 import BeautifulSoup
@ -72,57 +70,6 @@ def login_interactive(app, email=None):
return create_user(app, email, response['access_token']) return create_user(app, email, response['access_token'])
def two_factor_login_interactive(app):
"""Hacky implementation of two factor authentication"""
print_out("Log in to {}".format(app.instance))
email = input('Email: ')
password = getpass('Password: ')
sign_in_url = app.base_url + '/auth/sign_in'
session = requests.Session()
# Fetch sign in form
response = session.get(sign_in_url)
response.raise_for_status()
soup = BeautifulSoup(response.content, "html.parser")
form = soup.find('form')
inputs = form.find_all('input')
data = {i.attrs.get('name'): i.attrs.get('value') for i in inputs}
data['user[email]'] = email
data['user[password]'] = password
# Submit form, get 2FA entry form
response = session.post(sign_in_url, data)
response.raise_for_status()
soup = BeautifulSoup(response.content, "html.parser")
form = soup.find('form')
inputs = form.find_all('input')
data = {i.attrs.get('name'): i.attrs.get('value') for i in inputs}
data['user[otp_attempt]'] = input("2FA Token: ")
# Submit token
response = session.post(sign_in_url, data)
response.raise_for_status()
# Extract access token from response
soup = BeautifulSoup(response.content, "html.parser")
initial_state = soup.find('script', id='initial-state')
if not initial_state:
raise ConsoleError("Login failed: Invalid 2FA token?")
data = json.loads(initial_state.get_text())
access_token = data['meta']['access_token']
return create_user(app, email, access_token)
def _print_timeline(item): def _print_timeline(item):
def wrap_text(text, width): def wrap_text(text, width):
wrapper = TextWrapper(width=width, break_long_words=False, break_on_hyphens=False) wrapper = TextWrapper(width=width, break_long_words=False, break_on_hyphens=False)
@ -209,20 +156,6 @@ def login(app, user, args):
print_out("<green>✓ Successfully logged in.</green>") print_out("<green>✓ Successfully logged in.</green>")
def login_2fa(app, user, args):
print_out()
print_out("<yellow>Two factor authentication is experimental.</yellow>")
print_out("<yellow>If you have problems logging in, please open an issue:</yellow>")
print_out("<yellow>https://github.com/ihabunek/toot/issues</yellow>")
print_out()
app = create_app_interactive()
two_factor_login_interactive(app)
print_out()
print_out("<green>✓ Successfully logged in.</green>")
BROWSER_LOGIN_EXPLANATION = """ BROWSER_LOGIN_EXPLANATION = """
This authentication method requires you to log into your Mastodon instance This authentication method requires you to log into your Mastodon instance
in your browser, where you will be asked to authorize <yellow>toot</yellow> to access in your browser, where you will be asked to authorize <yellow>toot</yellow> to access

View file

@ -54,7 +54,7 @@ email_arg = (["-e", "--email"], {
AUTH_COMMANDS = [ AUTH_COMMANDS = [
Command( Command(
name="login", name="login",
description="Log into a Mastodon instance, does NOT support two factor authentication", description="Log in from the console, does NOT support two factor authentication",
arguments=[instance_arg, email_arg], arguments=[instance_arg, email_arg],
require_auth=False, require_auth=False,
), ),
@ -64,12 +64,6 @@ AUTH_COMMANDS = [
arguments=[instance_arg, email_arg], arguments=[instance_arg, email_arg],
require_auth=False, require_auth=False,
), ),
Command(
name="login_2fa",
description="Log in using two factor authentication in the console (hacky, experimental)",
arguments=[],
require_auth=False,
),
Command( Command(
name="logout", name="logout",
description="Log out, delete stored access keys", description="Log out, delete stored access keys",