Prompt for username/password when not in config file.

README.rst

@@ -19,13 +19,18 @@ An optional package (though highly recommend and included in
 it, remove it from ``requirements.txt`` and store your ldap password in
 plaintext.
 
-``invtool`` requires you to store your ldap username in a clear text
-configuration file. Your ldap password can be stored either in plaintext in the
-same file or else in the system keyring. In order to use the keyring you need
-`python-keyring <https://pypi.python.org/pypi/keyring>`_.  ``invtool`` tries to
-find a configuration file by first looking at ``./etc/invtool.conf`` and if it
-can't find anything there, ``/etc/invtool.conf``. Here is a quick tip for a
-non-root install::
+``invtool`` supports a few different ways of setting your credentials. Your
+username can either be stored in the configuration file or passed at the
+command line. Your password may be stored in the configuration file (in
+plain text), stored in a `python-keyring <https://pypi.python.org/pypi/keyring>`_,
+or passed on the command line. If you do not want to store your credentials
+on disk at all, you must remove the ldap_username AND ldap_password entries
+from the configuration file.
+
+``invtool`` will look for a configuration file at ``./etc/invtool.conf`` and
+if it can't find anything there, ``/etc/invtool.conf``.
+
+Here is a quick tip for a non-root install::
 
     git clone git@github.com:uberj/inv-tool.git invtool
     cd invtool

invtool/lib/config.py

@@ -39,15 +39,18 @@
 except ImportError:
     KEYRING_PRESENT = False
 
+# No auth required for dev
 if dev == 'True':
     auth = None
     AUTH_TYPE = None
+# Can't use keyring and a password in the config at the same time.
 elif (config.has_option('authorization', 'ldap_password') and
       config.has_option('authorization', 'keyring')):
     raise Exception(
         "ldap_password and keyring are mutually exclusive "
         "in config file '{0}'".format(CONFIG_FILE)
     )
+# If there's an existing keyring, let's use it!
 elif (config.has_option('authorization', 'ldap_username') and
       config.get('authorization', 'ldap_username') != '' and
       config.has_option('authorization', 'keyring') and
@@ -77,14 +80,8 @@
         print("Saved password to keyring")
     auth = tuple(auth)
     AUTH_TYPE = 'keyring'
-elif (config.has_option('authorization', 'ldap_username') and
-      config.has_option('authorization', 'ldap_password')):
-    # use plaintext
-    auth = (
-        config.get('authorization', 'ldap_username'),
-        config.get('authorization', 'ldap_password')
-    )
-    AUTH_TYPE = 'plaintext'
+# If there's no existing keyring and we have keyring support
+#  let's try to be nice and create a keyring.
 elif KEYRING_PRESENT:
     # configure credentials
     auth = (
@@ -103,9 +100,17 @@
     keyring.set_password(config.get('authorization', 'keyring'), *auth)
     print("Saved password to keyring")
     AUTH_TYPE = 'keyring'
+# If there's no keyring support, let's try to get the username and password
+# from the config or command line
 else:
-    raise Exception(
-        "Unable to get or set ldap password."
-        "Install the keyring module or set ldap_password"
-        "in config file '{0}'".format(CONFIG_FILE)
-    )
+    if config.has_option('authorization', 'ldap_username'):
+        username = config.get('authorization', 'ldap_username')
+    else:
+        username = raw_input('ldap username: ')
+    if config.has_option('authorization', 'ldap_password'):
+        password = config.get('authorization', 'ldap_password')
+    else:
+        password = getpass.getpass('ldap password: ')
+    # use plaintext
+    auth = (username, password)
+    AUTH_TYPE = 'plaintext'