def logout(token):
"""
Log out of Prefect Cloud
This will remove your cached authentication from disk.
"""
client = Client()
# Log out of API keys unless given the token flag
if client.api_key and not token:
# Check the source of the API key
abort_on_config_api_key(
"To log out, remove the config key `prefect.cloud.api_key`")
click.confirm(
"Are you sure you want to log out of Prefect Cloud? "
"This will remove your API key from this machine.",
default=False,
abort=True,
)
# Clear the key and tenant id then write to the cache
client.api_key = ""
client._tenant_id = ""
client.save_auth_to_disk()
click.secho("Logged out of Prefect Cloud", fg="green")
else:
raise TerminalError("You are not logged in to Prefect Cloud. "
"Use `prefect auth login` to log in first.")
def login(key):
"""
Login to Prefect Cloud
Create an API key in the UI then login with it here:
$ prefect auth login -k YOUR-KEY
You will be switched to the default tenant associated with the key. After login,
your available tenants can be seen with `prefect auth list-tenants` and you can
change the default tenant on this machine using `prefect auth switch-tenants`.
The given key will be stored on disk for later access. Prefect will default to using
this key for all interaction with the API but frequently overrides can be passed to
individual commands or functions. To remove your key from disk, see
`prefect auth logout`.
"""
if not key:
raise TerminalError("You must supply an API key!")
abort_on_config_api_key(
"To log in with the CLI, remove the config key `prefect.cloud.api_key`"
)
# Ignore any tenant id that has been previously set via login
client = Client(api_key=key)
client._tenant_id = None
try:
tenant_id = client._get_auth_tenant()
except AuthorizationError:
raise TerminalError("Unauthorized. Invalid Prefect Cloud API key.")
except ClientError:
raise TerminalError(
"Error attempting to communicate with Prefect Cloud.")
else:
client.tenant_id = tenant_id
client.save_auth_to_disk()
tenant = TenantView.from_tenant_id(tenant_id)
click.secho(
f"Logged in to Prefect Cloud tenant {tenant.name!r} ({tenant.slug})",
fg="green",
)
return
def logout(token):
"""
Log out of Prefect Cloud
This will remove your cached authentication from disk.
"""
client = Client()
# Log out of API keys unless given the token flag
if client.api_key and not token:
# Check the source of the API key
abort_on_config_api_key(
"To log out, remove the config key `prefect.cloud.api_key`")
click.confirm(
"Are you sure you want to log out of Prefect Cloud? "
"This will remove your API key from this machine.",
default=False,
abort=True,
)
# Clear the key and tenant id then write to the cache
client.api_key = ""
client._tenant_id = ""
client.save_auth_to_disk()
click.secho("Logged out of Prefect Cloud", fg="green")
elif client._api_token:
check_override_auth_token()
tenant_id = client.active_tenant_id
if not tenant_id:
click.confirm(
"Are you sure you want to log out of Prefect Cloud? "
"This will remove your API token from this machine.",
default=False,
abort=True,
)
# Remove the token from local storage by writing blank settings
client._save_local_settings({})
click.secho("Logged out of Prefect Cloud", fg="green")
else:
# Log out of the current tenant (dropping the access token) while retaining
# the API token. This is backwards compatible behavior. Running the logout
# command twice will remove the token from storage entirely
click.confirm(
"Are you sure you want to log out of your current Prefect Cloud tenant?",
default=False,
abort=True,
)
client.logout_from_tenant()
click.secho(
f"Logged out from tenant {tenant_id}. Run `prefect auth logout` again "
"to delete your API token.",
fg="green",
)
else:
raise TerminalError("You are not logged in to Prefect Cloud. "
"Use `prefect auth login` to log in first.")
