I'm testing out RB 2.0.15 RBTools 0.7.2
and I've noticed something about how the --username option is handled that I think is a bug, but I wanted to run it by you all before filing a bug report. What I've found is that when I do rbt post --username me 1234 I always get prompted for a password. If I already have a valid cookie in .rbtools-cookies file, then I can type anything and the review will go through. If however I delete my .rbtools-cookie file, try again then the authentication is done correctly. Does that make sense? It seems somehow wrong to me. This example may make it clearer. $ rm ~/.rbtools-cookies $ rbt post --username sallan 824 Please log in to the Review Board server at localhost. Password: *bogus_password* ERROR: Unexpected API Error: The username or password was not correct (HTTP 401, API Error 104) $ rbt post --username sallan 824 Please log in to the Review Board server at localhost. Password: *correct_password* Generating diff for pending changeset 824 Review request #10 posted. http://localhost/r/10/ http://localhost/r/10/diff/ $ rbt post --username sallan 824 Please log in to the Review Board server at localhost. Password: *bogus_password* Generating diff for pending changeset 824 Review request #10 posted. http://localhost/r/10/ http://localhost/r/10/diff/ Notice the second time the bogus_password is accepted because I now have a cookie. If that's the case, why prompt? Is this a bug? Would you like me to file a report? --Steve -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
