diff options
| author | Rebecca Turner <me@re-becca.org> | 2017-10-04 11:04:25 +0300 |
|---|---|---|
| committer | Rebecca Turner <me@re-becca.org> | 2017-10-04 11:08:41 +0300 |
| commit | 346a34260b5fba7de62717135f3e083cc4820853 (patch) | |
| tree | cca78fa4efcccc8718ec887cf0703434c9504c2c | |
| parent | 8af91528ce6277cd3a8c7ca8c8102671baf10d2f (diff) | |
publish: Prompt for OTP when required and we have a TTY
| -rw-r--r-- | doc/cli/npm-publish.md | 8 | ||||
| -rw-r--r-- | lib/publish.js | 9 |
2 files changed, 16 insertions, 1 deletions
diff --git a/doc/cli/npm-publish.md b/doc/cli/npm-publish.md index 892786b61..7e173ec00 100644 --- a/doc/cli/npm-publish.md +++ b/doc/cli/npm-publish.md @@ -4,7 +4,7 @@ npm-publish(1) -- Publish a package ## SYNOPSIS - npm publish [<tarball>|<folder>] [--tag <tag>] [--access <public|restricted>] + npm publish [<tarball>|<folder>] [--tag <tag>] [--access <public|restricted>] [--otp otpcode] Publishes '.' if no argument supplied Sets tag 'latest' if no --tag specified @@ -41,6 +41,11 @@ specifying a different default registry or using a `npm-scope(7)` in the name If you don't have a paid account, you must publish with `--access public` to publish scoped packages. +* `[--otp <otpcode>]` + If you have two-factor authentication enabled in `auth-and-writes` mode + then you can provide a code from your authenticator with this. If you + don't include this and you're running from a TTY then you'll be prompted. + Fails if the package name and version combination already exists in the specified registry. @@ -65,3 +70,4 @@ packs them into a tarball to be uploaded to the registry. * npm-deprecate(1) * npm-dist-tag(1) * npm-pack(1) +* npm-profile(1) diff --git a/lib/publish.js b/lib/publish.js index 5d99bfd08..bf60e1d5a 100644 --- a/lib/publish.js +++ b/lib/publish.js @@ -21,6 +21,7 @@ const readJson = BB.promisify(require('read-package-json')) const semver = require('semver') const statAsync = BB.promisify(require('graceful-fs').stat) const writeStreamAtomic = require('fs-write-stream-atomic') +const readUserInfo = require('./utils/read-user-info.js') publish.usage = 'npm publish [<tarball>|<folder>] [--tag <tag>] [--access <public|restricted>]' + "\n\nPublishes '.' if no argument supplied" + @@ -199,5 +200,13 @@ function upload (arg, pkg, isRetry, cached) { throw err } }) + }).catch((err) => { + if (err.code !== 'EOTP' && !(err.code === 'E401' && /one-time pass/.test(err.message))) throw err + // we prompt on stdout and read answers from stdin, so they need to be ttys. + if (!process.stdin.isTTY || !process.stdout.isTTY) throw err + return readUserInfo.otp('Enter OTP: ').then((otp) => { + npm.config.set('otp', otp) + return upload(arg, pkg, isRetry, cached) + }) }) } |