appcfg.py shows You must be logged in as an administrator

Question

When I try to upload a sample csv data to my GAE app through appcfg.py, it shows the below 401 error.

2015-11-04 10:44:41,820 INFO client.py:571         


        

Answer 1

You must have an oauth token for a google account that is not an admin of that project. Try passing the --no_cookies flag so that it prompts for authentication again.

Answer 2

You cannot use the appcfg.py upload_data command with the development server [edit: as is; see Josh J's answer]. It only works with the remote_api endpoint running on App Engine and authenticated with OAuth2.

An easy way to load data into the dev server's datastore is to create an endpoint that reads a CSV file and creates the appropriate datastore entities, then hit it with the browser. (Be sure to remove the endpoint before deploying the app, or restrict access to the URL with login: admin.)

Answer 3

Maybe this has something to do with it? From the docs

Connecting your app to the local development server

To use the local development server for your app running locally, you need to do the following:

Set environment variables. Add or modify your app's Datastore connection code. Setting environment variables

Create an environment variable DATASTORE_HOST and set it to the host and port on which the local development server is listening. The default host and port is http://localhost:8080. (Note: If you use the port and/or host command line arguments to change these defaults, be sure to adjust DATASTORE_HOST accordingly.) The following bash shell example shows how to set this variable:

export DATASTORE_HOST=http://localhost:8080 Create an environment variable named DATASTORE_DATASET and set it to your dataset ID, as shown in the following bash shell example:

export DATASTORE_DATASET= Note: Both the Python and Java client libraries look for the environment variables DATASTORE_HOST and DATASTORE_DATASET.

Link to Docs

https://cloud.google.com/datastore/docs/tools/devserver

Answer 4

This is how we do it in order to use custom authentication.

Custom handler in app.yaml

- url: /remoteapi.*
  script: remote_api.app

Custom wsgi app in remote_api.py to override CheckIsAdmin

from google.appengine.ext.remote_api import handler
from google.appengine.ext import webapp
import re

MY_SECRET_KEY = 'MAKE UP PASSWORD HERE'  # make one up, use the same one in the shell command
cookie_re = re.compile('^"?([^:]+):.*"?$')


class ApiCallHandler(handler.ApiCallHandler):
    def CheckIsAdmin(self):
        """Determine if admin access should be granted based on the
           auth cookie passed with the request."""
        login_cookie = self.request.cookies.get('dev_appserver_login', '')
        match = cookie_re.search(login_cookie)
        if (match and match.group(1) == MY_SECRET_KEY
            and 'X-appcfg-api-version' in self.request.headers):
            return True
        else:
            self.redirect('/_ah/login')
            return False


app = webapp.WSGIApplication([('.*', ApiCallHandler)])

From here we script the uploading of data that was exported from our live app. Use the same password that you made up in the python script above.

echo "MAKE UP PASSWORD HERE" | appcfg.py upload_data --email=some@example.org --passin --url=http://localhost:8080/remoteapi --num_threads=4 --kind=WebHook --filename=webhook.data --db_filename=bulkloader-progress-webhook.sql3

WebHook and webhook.data are specific to the Kind that we exported from production.

Answer 5

I had a similar issue, where appcfg.py was not giving me any credentials dialog, so I could not authenticate. I downgraded from GAELauncher 1.27 to 1.26, and the authentication started working again.

Temporary solution: go to https://console.developers.google.com/storage/browser/appengine-sdks/featured/ to get version 1.9.26

Submitted bug report: https://code.google.com/p/google-cloud-sdk/issues/detail?id=340