auth/legacy: Use new profile lib for login

author: Rebecca Turner <me@re-becca.org> 2017-09-28 21:30:14 +0300
committer: Rebecca Turner <me@re-becca.org> 2017-10-04 11:08:25 +0300
commit: f97ad6a38412581d059108ea29be470acb4fa510 (patch)
tree: ec8cdcfe00e717a90d6f7670bc53272bf8100b3d
parent: f6ebf5e8bd6a212c7661e248c62c423f2b54d978 (diff)
2 files changed, 53 insertions, 143 deletions
diff --git a/lib/auth/legacy.js b/lib/auth/legacy.js
index 2fa4a26e3..ba1d4da93 100644
--- a/lib/auth/legacy.js
+++ b/lib/auth/legacy.js
@@ -1,142 +1,52 @@
-var log = require('npmlog')
-var npm = require('../npm.js')
-var read = require('read')
-var userValidate = require('npm-user-validate')
-var output = require('../utils/output')
-var chain = require('slide').chain
+'use strict'
+const read = require('../utils/read-user-info.js')
+const profile = require('npm-profile')
+const log = require('npmlog')
+const npm = require('../npm.js')
+const output = require('../utils/output.js')
 
 module.exports.login = function login (creds, registry, scope, cb) {
-  var c = {
-    u: creds.username || '',
-    p: creds.password || '',
-    e: creds.email || ''
-  }
-  var u = {}
-
-  chain([
-    [readUsername, c, u],
-    [readPassword, c, u],
-    [readEmail, c, u],
-    [save, c, u, registry, scope]
-  ], function (err, res) {
-    cb(err, res && res[res.length - 1])
-  })
-}
-
-function readUsername (c, u, cb) {
-  var v = userValidate.username
-  read({prompt: 'Username: ', default: c.u || ''}, function (er, un) {
-    if (er) {
-      return cb(er.message === 'cancelled' ? er.message : er)
-    }
-
-    // make sure it's valid.  we have to do this here, because
-    // couchdb will only ever say "bad password" with a 401 when
-    // you try to PUT a _users record that the validate_doc_update
-    // rejects for *any* reason.
-
-    if (!un) {
-      return readUsername(c, u, cb)
-    }
-
-    var error = v(un)
-    if (error) {
-      log.warn(error.message)
-      return readUsername(c, u, cb)
-    }
-
-    c.changed = c.u !== un
-    u.u = un
-    cb(er)
-  })
-}
-
-function readPassword (c, u, cb) {
-  var v = userValidate.pw
-
-  var prompt
-  if (c.p && !c.changed) {
-    prompt = 'Password: (or leave unchanged) '
-  } else {
-    prompt = 'Password: '
-  }
-
-  read({prompt: prompt, silent: true}, function (er, pw) {
-    if (er) {
-      return cb(er.message === 'cancelled' ? er.message : er)
-    }
-
-    if (!c.changed && pw === '') {
-      // when the username was not changed,
-      // empty response means "use the old value"
-      pw = c.p
-    }
-
-    if (!pw) {
-      return readPassword(c, u, cb)
-    }
-
-    var error = v(pw)
-    if (error) {
-      log.warn(error.message)
-      return readPassword(c, u, cb)
-    }
-
-    c.changed = c.changed || c.p !== pw
-    u.p = pw
-    cb(er)
-  })
-}
-
-function readEmail (c, u, cb) {
-  var v = userValidate.email
-  var r = { prompt: 'Email: (this IS public) ', default: c.e || '' }
-  read(r, function (er, em) {
-    if (er) {
-      return cb(er.message === 'cancelled' ? er.message : er)
-    }
-
-    if (!em) {
-      return readEmail(c, u, cb)
-    }
-
-    var error = v(em)
-    if (error) {
-      log.warn(error.message)
-      return readEmail(c, u, cb)
-    }
-
-    u.e = em
-    cb(er)
-  })
-}
-
-function save (c, u, registry, scope, cb) {
-  var params = {
-    auth: {
-      username: u.u,
-      password: u.p,
-      email: u.e
-    }
-  }
-  npm.registry.adduser(registry, params, function (er, doc) {
-    if (er) return cb(er)
-
-    var newCreds = (doc && doc.token)
-    ? {
-      token: doc.token
-    }
-    : {
-      username: u.u,
-      password: u.p,
-      email: u.e,
-      alwaysAuth: npm.config.get('always-auth')
-    }
-
-    log.info('adduser', 'Authorized user %s', u.u)
-    var scopeMessage = scope ? ' to scope ' + scope : ''
-    output('Logged in as %s%s on %s.', u.u, scopeMessage, registry)
-
+  let username = creds.username || ''
+  let password = creds.password || ''
+  let email = creds.email || ''
+  const auth = {}
+  if (npm.config.get('otp')) auth.otp = npm.config.get('otp')
+
+  return read.username('Username:', username, {log: log}).then((u) => {
+    username = u
+    return read.password('Password: ', password)
+  }).then((p) => {
+    password = p
+    return read.email('Email: (this IS public) ', email, {log: log})
+  }).then((e) => {
+    email = e
+    return profile.login(username, password, {registry: registry, auth: auth}).catch((err) => {
+      if (err.code === 'EOTP') return
+      return profile.adduser(username, email, password, {registry: registry})
+    }).catch((err) => {
+      if (err.code === 'EOTP' && !auth.otp) {
+        return read.otp('Authenicator provided OTP:').then((otp) => {
+          auth.otp = otp
+          return profile.login(username, password, {registry: registry, auth: auth})
+        })
+      } else {
+        throw err
+      }
+    })
+  }).then((result) => {
+    const newCreds = {}
+    if (result && result.token) {
+      newCreds.token = result.token
+    } else {
+      newCreds.username = username
+      newCreds.password = password
+      newCreds.email = email
+      newCreds.alwaysAuth = npm.config.get('always-auth')
+    }
+
+    log.info('adduser', 'Authorized user %s', username)
+    const scopeMessage = scope ? ' to scope ' + scope : ''
+    output('Logged in as %s%s on %s.', username, scopeMessage, registry)
     cb(null, newCreds)
-  })
+  }).catch(cb)
 }
diff --git a/test/tap/adduser-legacy-auth.js b/test/tap/adduser-legacy-auth.js
index 1fc1210ed..67292cf06 100644
--- a/test/tap/adduser-legacy-auth.js
+++ b/test/tap/adduser-legacy-auth.js
@@ -56,14 +56,14 @@ test('npm login', function (t) {
       [
         'login',
         '--registry', common.registry,
-        '--loglevel', 'silent',
+        '--loglevel', 'error',
         '--userconfig', outfile
       ],
       opts,
       function (err, code, stdout, stderr) {
-        t.ifError(err, 'npm ran without issue')
-        t.notOk(code, 'exited OK')
-        t.notOk(stderr, 'no error output')
+        if (err) throw err
+        t.is(code, 0, 'exited OK')
+        t.is(stderr, '', 'no error output')
         var config = fs.readFileSync(outfile, 'utf8')
         t.like(config, /:always-auth=false/, 'always-auth is scoped and false (by default)')
         s.close()
@@ -80,7 +80,7 @@ test('npm login', function (t) {
         remaining--
 
         var label = chunk.toString('utf8').split(':')[0]
-        runner.stdin.write(responses[label])
+        if (responses[label]) runner.stdin.write(responses[label])
 
         if (remaining === 0) runner.stdin.end()
       } else {
author	Rebecca Turner <me@re-becca.org>	2017-09-28 21:30:14 +0300
committer	Rebecca Turner <me@re-becca.org>	2017-10-04 11:08:25 +0300
commit	f97ad6a38412581d059108ea29be470acb4fa510 (patch)
tree	ec8cdcfe00e717a90d6f7670bc53272bf8100b3d
parent	f6ebf5e8bd6a212c7661e248c62c423f2b54d978 (diff)