diff --git a/pyiricdata/Client.py b/pyiricdata/Client.py
index 41e04506227f511d9c3f6598d145dbfae97eb967..577a91a26239951a1505dbea2fb397e6e4d79ff9 100755
--- a/pyiricdata/Client.py
+++ b/pyiricdata/Client.py
@@ -29,12 +29,25 @@ class Client:
api_my_datasets = 'api/v1/my-datasets/list/json/'
""" python client to IRICdata API"""
- def __init__(self, username, password=None, token=None,
- url='https://thepond.bioinfo.iric.ca'):
+ def __init__(self, username, password=None, token_file='.irdatatoken',
+ url='https://thepond.bioinfo.iric.ca', warnings=False):
self.url = url
self.user = username
self.pwd = password
- self.token = token
+ self.token = None
+ self.warnings = warnings
+
+ try:
+ self.token = open(token_file, 'r').read().strip()
+ if self.warnings:
+ if int(oct(os.stat(token_file).st_mode)[-3:][1:]):
+ sys.stderr.write(
+ 'WARNING: PAT file permissions are ' +
+ 'potentially unsafe. Group and Other should not ' +
+ 'have read, write or execute permission.\n'
+ )
+ except FileNotFoundError:
+ pass
if self.token is None and self.pwd is None:
self.pwd = getpass()
@@ -42,16 +55,16 @@ class Client:
session = requests.session()
if self.token is not None:
- if self.pwd is not None:
+ if self.pwd is not None and self.warnings:
sys.stderr.write(
- 'WARNING: Amiguous authentification, ' +
- 'ignoring password in favor of PAT\n'
+ 'WARNING: Ambiguous authentification, ' +
+ 'in the future please use either username/password ' +
+ 'combination or PAT.\n'
)
- self.token = self.token.strip()
session.headers.update({'Iric-Auth-Token': F'{self.token}'})
- elif self.user is not None and self.pwd is not None:
+ if self.user is not None and self.pwd is not None:
login_url = os.path.join(self.url, 'login/')
session.get(login_url)
csrftoken = session.cookies['csrftoken']
diff --git a/pyiricdata/__main__.py b/pyiricdata/__main__.py
index 893a6613d1872ad96808ef996da61eeab681574a..a8e7c5a41e645d355394d95f04e547b679153248 100755
--- a/pyiricdata/__main__.py
+++ b/pyiricdata/__main__.py
@@ -9,8 +9,8 @@ def main():
parser = argparse.ArgumentParser()
parser.add_argument("-u", "--username", help="Username", type=str, required=True)
parser.add_argument("-p", "--password", help="Password", type=str, default=None)
- parser.add_argument("-t", "--token-file-path", type=str, default=None,
- help="File containing Personal Authentication Token (PAT)")
+ parser.add_argument("-t", "--token-file-path", type=str, default='.irdatatoken',
+ help="File containg Personal Authentication Token (PAT)")
parser.add_argument("--url", help="URL", type=str, default='https://thepond.bioinfo.iric.ca')
parser.add_argument("--dataset-id", help="Dataset ID", type=str, default=None)
parser.add_argument("--datafile-id", help="Datafile ID", type=str, default=None)
@@ -21,12 +21,15 @@ def main():
args = parser.parse_args().__dict__
- if args['token_file_path'] is not None:
- token = open(args['token_file_path'], 'r').read().strip()
- else:
- token = None
+ token = args['token_file_path']
- client = Client(username=args['username'], password=args['password'], token=token, url=args['url'])
+ client = Client(
+ username=args['username'],
+ password=args['password'],
+ token_file=token,
+ url=args['url'],
+ warnings=True
+ )
if args['download']:
dsid = args['dataset_id']