Skip to content

Commit

Permalink
access: Add support for requiring per-package 2fa
Browse files Browse the repository at this point in the history
Credit: @iarna
PR-URL: #11
  • Loading branch information
iarna committed Jul 13, 2018
1 parent d9ad9ac commit 74e8b00
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 10 deletions.
7 changes: 7 additions & 0 deletions doc/cli/npm-access.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ npm-access(1) -- Set access level on published packages
npm access public [<package>]
npm access restricted [<package>]

npm access 2fa-required [<package>]
npm access 2fa-not-required [<package>]

npm access grant <read-only|read-write> <scope:team> [<package>]
npm access revoke <scope:team> [<package>]

Expand All @@ -24,6 +27,10 @@ subcommand.
* public / restricted:
Set a package to be either publicly accessible or restricted.

* 2fa-required / 2fa-not-required:
Set a package as requiring or not requiring that the publisher have two
factor authentication enabled on their account.

* grant / revoke:
Add or remove the ability of users and teams to have read-only or read-write
access to a package.
Expand Down
30 changes: 20 additions & 10 deletions lib/access.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ var readPackageJson = require('read-package-json')
var mapToRegistry = require('./utils/map-to-registry.js')
var npm = require('./npm.js')
var output = require('./utils/output.js')
const readUserInfo = require('./utils/read-user-info.js')
const Bluebird = require('bluebird')
const registryAccess = Bluebird.promisify(npm.registry.access.bind(npm.registry))

var whoami = require('./whoami')

Expand All @@ -17,6 +20,8 @@ access.usage =
'npm access restricted [<package>]\n' +
'npm access grant <read-only|read-write> <scope:team> [<package>]\n' +
'npm access revoke <scope:team> [<package>]\n' +
'npm access 2fa-required <package>\n' +
'npm access 2fa-not-required <package>\n' +
'npm access ls-packages [<user>|<scope>|<scope:team>]\n' +
'npm access ls-collaborators [<package> [<user>]]\n' +
'npm access edit [<package>]'
Expand Down Expand Up @@ -61,17 +66,22 @@ function access (args, cb) {

function invokeCmd (err, uri, auth, base) {
if (err) { return cb(err) }
params.auth = auth
try {
return npm.registry.access(cmd, uri, params, function (err, data) {
if (!err && data) {
output(JSON.stringify(data, undefined, 2))
}
cb(err, data)
return Bluebird.try(() => {
params.auth = auth
try {
return registryAccess(cmd, uri, params)
} catch (err) {
throw err.message + '\n\nUsage:\n' + access.usage
}
}).catch(err => {
if (err.code !== 'EOTP') throw err
return readUserInfo.otp('Enter OTP: ').then(otp => {
params.auth.otp = otp
return registryAccess(cmd, uri, params)
})
} catch (e) {
cb(e.message + '\n\nUsage:\n' + access.usage)
}
}).then(data => {
return output(data ? JSON.stringify(data, undefined, 2) : '"ok"')
}).asCallback(cb)
}
}

Expand Down

0 comments on commit 74e8b00

Please sign in to comment.