Skip to content

Commit

Permalink
fix: delete auth from proper location on logout
Browse files Browse the repository at this point in the history
  • Loading branch information
wraithgar committed Oct 12, 2023
1 parent ef69d36 commit 8423d4f
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 19 deletions.
9 changes: 6 additions & 3 deletions lib/commands/logout.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@ class Logout extends BaseCommand {

const auth = getAuth(reg, this.npm.flatOptions)

const level = this.npm.config.find(`${auth.regKey}:${auth.authKey}`)

// find the config level and only delete from there
if (auth.token) {
log.verbose('logout', `clearing token for ${reg}`)
await npmFetch(`/-/user/token/${encodeURIComponent(auth.token)}`, {
Expand All @@ -34,12 +37,12 @@ class Logout extends BaseCommand {
}

if (scope) {
this.npm.config.delete(regRef, 'user')
this.npm.config.delete(regRef, level)
}

this.npm.config.clearCredentialsByURI(reg)
this.npm.config.clearCredentialsByURI(reg, level)

await this.npm.config.save('user')
await this.npm.config.save(level)
}
}
module.exports = Logout
32 changes: 16 additions & 16 deletions workspaces/config/lib/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -774,29 +774,29 @@ class Config {
await chmod(conf.source, mode)
}

clearCredentialsByURI (uri) {
clearCredentialsByURI (uri, level = 'user') {
const nerfed = nerfDart(uri)
const def = nerfDart(this.get('registry'))
if (def === nerfed) {
this.delete(`-authtoken`, 'user')
this.delete(`_authToken`, 'user')
this.delete(`_authtoken`, 'user')
this.delete(`_auth`, 'user')
this.delete(`_password`, 'user')
this.delete(`username`, 'user')
this.delete(`-authtoken`, level)
this.delete(`_authToken`, level)
this.delete(`_authtoken`, level)
this.delete(`_auth`, level)
this.delete(`_password`, level)
this.delete(`username`, level)
// de-nerf email if it's nerfed to the default registry
const email = this.get(`${nerfed}:email`, 'user')
const email = this.get(`${nerfed}:email`, level)
if (email) {
this.set('email', email, 'user')
this.set('email', email, level)
}
}
this.delete(`${nerfed}:_authToken`, 'user')
this.delete(`${nerfed}:_auth`, 'user')
this.delete(`${nerfed}:_password`, 'user')
this.delete(`${nerfed}:username`, 'user')
this.delete(`${nerfed}:email`, 'user')
this.delete(`${nerfed}:certfile`, 'user')
this.delete(`${nerfed}:keyfile`, 'user')
this.delete(`${nerfed}:_authToken`, level)
this.delete(`${nerfed}:_auth`, level)
this.delete(`${nerfed}:_password`, level)
this.delete(`${nerfed}:username`, level)
this.delete(`${nerfed}:email`, level)
this.delete(`${nerfed}:certfile`, level)
this.delete(`${nerfed}:keyfile`, level)
}

setCredentialsByURI (uri, { token, username, password, email, certfile, keyfile }) {
Expand Down

0 comments on commit 8423d4f

Please sign in to comment.