Add API token env var support, fix env vars (#201)

CHANGELOG

@@ -19,10 +19,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `show_users`: `--sort` option for sorting results by a field.
 - Status messages when fetching data from the Zabbix API in most `show_*` commands.
 - `--limit` option for most `show_*` commands to limit the number of results shown.
+- Environment variable `ZABBIX_API_TOKEN` for logging in with an API token.
 
 ### Fixed
 
 - Markup errors when rendering Zabbix items with keys containing special characters.
+- Environment variables not matching V2 names.
+  - Before: `ZABBIX_CLI_USERNAME`, `ZABBIX_CLI_PASSWORD`
+  - After: `ZABBIX_USERNAME`, `ZABBIX_PASSWORD`
 
 ## 3.0.1
 

README.md

@@ -135,7 +135,6 @@ The JSON output format is always in this format, where `ResultT` is the expected
 
 The type of the `result` field varies based on the command run. For `show_host` it is a single Host object, while for `show_hosts` it is an _array_ of Host objects.
 
-
 ## Configuration
 
 Zabbix-cli needs a config file. This can be created with the `zabbix-cli init` command.
@@ -194,12 +193,13 @@ zabbix-cli open logs
 
 Zabbix-cli provides several ways to authenticate. They are tried in the following order if multiple are set:
 
-1. [API token from config file](#api-token)
-2. [Auth token from auth token file](#auth-token-file)
-3. [Username and password from config file](#config-file)
-4. [Username and password from auth file](#auth-file)
-5. [Username and password from environment variables](#environment-variables)
-6. [Username and password from prompt](#prompt)
+1. [API token from config file](#api-token-config-file)
+2. [API token from environment variables](#api-token-environment-variables)
+3. [Auth token from auth token file](#auth-token-file)
+4. [Username and password from config file](#config-file)
+5. [Username and password from auth file](#auth-file)
+6. [Username and password from environment variables](#environment-variables)
+7. [Username and password from prompt](#prompt)
 
 ### Username and Password
 
@@ -252,25 +252,39 @@ username = "Admin"
 
 ### API token
 
-Zabbix-cli supports authentication with an API token specified directly in the config file:
+API token authentication foregoes the need for a username and password. The token can be an API token created in the web frontend or a user's session token obtained by logging in.
+
+#### API token (config file)
+
+API token can be specified directly in the config file:
 
 ```toml
 [api]
 auth_token = "API_TOKEN"
 ```
 
-### Auth token file
+#### API token (environment variables)
+
+API token can be specified as an environment variable:
+
+```bash
+export ZABBIX_API_TOKEN="API TOKEN"
+```
+
+#### Auth token file
+
+The application can store the session token returned by the Zabbix API when logging in to a file on your computer. The file is then used for subsequent sessions to authenticate with the Zabbix API.
 
-The application can store the auth token returned by the Zabbix API. This is most useful when authenticating with a username and password from a prompt, which would otherwise require you to enter your password every time you start the application.
+This feature useful when authenticating with a username and password from a prompt, which would otherwise require you to enter your password every time you start the application.
 
-The feature can be enabled in the config file:
+The feature is enabled by default in the config file:
 
 ```toml
 [app]
 use_auth_token_file = true
 ```
 
-The location of the auth token file can be changed:
+The location of the auth token file can be changed in the config file:
 
 ```toml
 [app]

docs/guide/authentication.md

@@ -2,12 +2,13 @@
 
 Zabbix-cli provides several ways to authenticate. They are tried in the following order if multiple are set:
 
-1. [API token from config file](#api-token)
-2. [Auth token from auth token file](#auth-token-file)
-3. [Username and password from config file](#config-file)
-4. [Username and password from auth file](#auth-file)
-5. [Username and password from environment variables](#environment-variables)
-6. [Username and password from prompt](#prompt)
+1. [API token from config file](#api-token-config-file)
+2. [API token from environment variables](#api-token-environment-variables)
+3. [Auth token from auth token file](#auth-token-file)
+4. [Username and password from config file](#config-file)
+5. [Username and password from auth file](#auth-file)
+6. [Username and password from environment variables](#environment-variables)
+7. [Username and password from prompt](#prompt)
 
 ## Username and Password
 
@@ -60,18 +61,32 @@ username = "Admin"
 
 ## API token
 
-Zabbix-cli supports authentication with an API token specified directly in the config file:
+API token authentication foregoes the need for a username and password. The token can be an API token created in the web frontend or a user's session token obtained by logging in.
+
+### API token (config file)
+
+API token can be specified directly in the config file:
 
 ```toml
 [api]
 auth_token = "API_TOKEN"
 ```
 
-## Auth token file
+### API token (environment variables)
+
+API token can be specified as an environment variable:
+
+```bash
+export ZABBIX_API_TOKEN="API TOKEN"
+```
+
+### Auth token file
+
+The application can store the session token returned by the Zabbix API when logging in to a file on your computer. The file is then used for subsequent sessions to authenticate with the Zabbix API.
 
-The application can store the auth token returned by the Zabbix API. This is most useful when authenticating with a username and password from a prompt, which would otherwise require you to enter your password every time you start the application.
+This feature useful when authenticating with a username and password from a prompt, which would otherwise require you to enter your password every time you start the application.
 
-The feature can be enabled in the config file:
+The feature is enabled by default in the config file:
 
 ```toml
 [app]

zabbix_cli/auth.py

@@ -84,15 +84,17 @@ def login(self) -> str:
         If multiple methods are available, they are tried in the following order:
 
         1. API token in config file
-        2. API token in file (if `use_auth_token_file=true`)
-        3. Username and password in config file
-        4. Username and password in auth file
-        5. Username and password in environment variables
-        6. Username and password from prompt
+        2. API token in environment variables
+        3. API token in file (if `use_auth_token_file=true`)
+        4. Username and password in config file
+        5. Username and password in auth file
+        6. Username and password in environment variables
+        7. Username and password from prompt
         """
         for func in [
-            self._get_auth_token_from_config,
-            self._get_auth_token_from_file,
+            self._get_auth_token_config,
+            self._get_auth_token_env,
+            self._get_auth_token_file,
             self._get_username_password_config,
             self._get_username_password_auth_file,
             self._get_username_password_env,
@@ -137,6 +139,10 @@ def _get_username_password_env(self) -> Credentials:
             password=os.environ.get(ConfigEnvVars.PASSWORD),
         )
 
+    def _get_auth_token_env(self) -> Credentials:
+        """Get auth token from environment variables."""
+        return Credentials(auth_token=os.environ.get(ConfigEnvVars.API_TOKEN))
+
     def _get_username_password_auth_file(
         self,
     ) -> Credentials:
@@ -161,10 +167,10 @@ def _get_username_password_prompt(
         username, password = prompt_username_password(username=self.config.api.username)
         return Credentials(username=username, password=password)
 
-    def _get_auth_token_from_config(self) -> Credentials:
+    def _get_auth_token_config(self) -> Credentials:
         return Credentials(auth_token=self.config.api.auth_token.get_secret_value())
 
-    def _get_auth_token_from_file(self) -> Credentials:
+    def _get_auth_token_file(self) -> Credentials:
         if not self.config.app.use_auth_token_file:
             logger.debug("Not configured to use auth token file.")
             return Credentials()

zabbix_cli/config/constants.py

@@ -29,8 +29,9 @@
 
 # Environment variable names
 class ConfigEnvVars:
-    USERNAME = "ZABBIX_CLI_USERNAME"
-    PASSWORD = "ZABBIX_CLI_PASSWORD"
+    USERNAME = "ZABBIX_USERNAME"
+    PASSWORD = "ZABBIX_PASSWORD"
+    API_TOKEN = "ZABBIX_API_TOKEN"
 
 
 class OutputFormat(StrEnum):