diff options
author | Rebecca Turner <me@re-becca.org> | 2017-09-28 21:30:14 +0300 |
---|---|---|
committer | Rebecca Turner <me@re-becca.org> | 2017-10-04 11:08:25 +0300 |
commit | f97ad6a38412581d059108ea29be470acb4fa510 (patch) | |
tree | ec8cdcfe00e717a90d6f7670bc53272bf8100b3d | |
parent | f6ebf5e8bd6a212c7661e248c62c423f2b54d978 (diff) |
auth/legacy: Use new profile lib for login
-rw-r--r-- | lib/auth/legacy.js | 186 | ||||
-rw-r--r-- | test/tap/adduser-legacy-auth.js | 10 |
2 files changed, 53 insertions, 143 deletions
diff --git a/lib/auth/legacy.js b/lib/auth/legacy.js index 2fa4a26e3..ba1d4da93 100644 --- a/lib/auth/legacy.js +++ b/lib/auth/legacy.js @@ -1,142 +1,52 @@ -var log = require('npmlog') -var npm = require('../npm.js') -var read = require('read') -var userValidate = require('npm-user-validate') -var output = require('../utils/output') -var chain = require('slide').chain +'use strict' +const read = require('../utils/read-user-info.js') +const profile = require('npm-profile') +const log = require('npmlog') +const npm = require('../npm.js') +const output = require('../utils/output.js') module.exports.login = function login (creds, registry, scope, cb) { - var c = { - u: creds.username || '', - p: creds.password || '', - e: creds.email || '' - } - var u = {} - - chain([ - [readUsername, c, u], - [readPassword, c, u], - [readEmail, c, u], - [save, c, u, registry, scope] - ], function (err, res) { - cb(err, res && res[res.length - 1]) - }) -} - -function readUsername (c, u, cb) { - var v = userValidate.username - read({prompt: 'Username: ', default: c.u || ''}, function (er, un) { - if (er) { - return cb(er.message === 'cancelled' ? er.message : er) - } - - // make sure it's valid. we have to do this here, because - // couchdb will only ever say "bad password" with a 401 when - // you try to PUT a _users record that the validate_doc_update - // rejects for *any* reason. - - if (!un) { - return readUsername(c, u, cb) - } - - var error = v(un) - if (error) { - log.warn(error.message) - return readUsername(c, u, cb) - } - - c.changed = c.u !== un - u.u = un - cb(er) - }) -} - -function readPassword (c, u, cb) { - var v = userValidate.pw - - var prompt - if (c.p && !c.changed) { - prompt = 'Password: (or leave unchanged) ' - } else { - prompt = 'Password: ' - } - - read({prompt: prompt, silent: true}, function (er, pw) { - if (er) { - return cb(er.message === 'cancelled' ? er.message : er) - } - - if (!c.changed && pw === '') { - // when the username was not changed, - // empty response means "use the old value" - pw = c.p - } - - if (!pw) { - return readPassword(c, u, cb) - } - - var error = v(pw) - if (error) { - log.warn(error.message) - return readPassword(c, u, cb) - } - - c.changed = c.changed || c.p !== pw - u.p = pw - cb(er) - }) -} - -function readEmail (c, u, cb) { - var v = userValidate.email - var r = { prompt: 'Email: (this IS public) ', default: c.e || '' } - read(r, function (er, em) { - if (er) { - return cb(er.message === 'cancelled' ? er.message : er) - } - - if (!em) { - return readEmail(c, u, cb) - } - - var error = v(em) - if (error) { - log.warn(error.message) - return readEmail(c, u, cb) - } - - u.e = em - cb(er) - }) -} - -function save (c, u, registry, scope, cb) { - var params = { - auth: { - username: u.u, - password: u.p, - email: u.e - } - } - npm.registry.adduser(registry, params, function (er, doc) { - if (er) return cb(er) - - var newCreds = (doc && doc.token) - ? { - token: doc.token - } - : { - username: u.u, - password: u.p, - email: u.e, - alwaysAuth: npm.config.get('always-auth') - } - - log.info('adduser', 'Authorized user %s', u.u) - var scopeMessage = scope ? ' to scope ' + scope : '' - output('Logged in as %s%s on %s.', u.u, scopeMessage, registry) - + let username = creds.username || '' + let password = creds.password || '' + let email = creds.email || '' + const auth = {} + if (npm.config.get('otp')) auth.otp = npm.config.get('otp') + + return read.username('Username:', username, {log: log}).then((u) => { + username = u + return read.password('Password: ', password) + }).then((p) => { + password = p + return read.email('Email: (this IS public) ', email, {log: log}) + }).then((e) => { + email = e + return profile.login(username, password, {registry: registry, auth: auth}).catch((err) => { + if (err.code === 'EOTP') return + return profile.adduser(username, email, password, {registry: registry}) + }).catch((err) => { + if (err.code === 'EOTP' && !auth.otp) { + return read.otp('Authenicator provided OTP:').then((otp) => { + auth.otp = otp + return profile.login(username, password, {registry: registry, auth: auth}) + }) + } else { + throw err + } + }) + }).then((result) => { + const newCreds = {} + if (result && result.token) { + newCreds.token = result.token + } else { + newCreds.username = username + newCreds.password = password + newCreds.email = email + newCreds.alwaysAuth = npm.config.get('always-auth') + } + + log.info('adduser', 'Authorized user %s', username) + const scopeMessage = scope ? ' to scope ' + scope : '' + output('Logged in as %s%s on %s.', username, scopeMessage, registry) cb(null, newCreds) - }) + }).catch(cb) } diff --git a/test/tap/adduser-legacy-auth.js b/test/tap/adduser-legacy-auth.js index 1fc1210ed..67292cf06 100644 --- a/test/tap/adduser-legacy-auth.js +++ b/test/tap/adduser-legacy-auth.js @@ -56,14 +56,14 @@ test('npm login', function (t) { [ 'login', '--registry', common.registry, - '--loglevel', 'silent', + '--loglevel', 'error', '--userconfig', outfile ], opts, function (err, code, stdout, stderr) { - t.ifError(err, 'npm ran without issue') - t.notOk(code, 'exited OK') - t.notOk(stderr, 'no error output') + if (err) throw err + t.is(code, 0, 'exited OK') + t.is(stderr, '', 'no error output') var config = fs.readFileSync(outfile, 'utf8') t.like(config, /:always-auth=false/, 'always-auth is scoped and false (by default)') s.close() @@ -80,7 +80,7 @@ test('npm login', function (t) { remaining-- var label = chunk.toString('utf8').split(':')[0] - runner.stdin.write(responses[label]) + if (responses[label]) runner.stdin.write(responses[label]) if (remaining === 0) runner.stdin.end() } else { |