fix: use --basic-auth option for basic authentication

README.md

@@ -19,6 +19,7 @@ The tool is designed to work with [the OpenUPM registry](https://openupm.com), b
     - [Authenticate with a scoped registry](#authenticate-with-a-scoped-registry)
       - [Using token](#using-token)
       - [Using basic authentication](#using-basic-authentication)
+      - [Always auth](#always-auth)
       - [Windows Subsystem for Linux (WSL)](#windows-subsystem-for-linux-wsl)
       - [Authenticate for the Windows system user](#authenticate-for-the-windows-system-user)
       - [Troubleshooting](#troubleshooting)
@@ -131,18 +132,29 @@ The token is also stored to the `.npmrc` file for convenience.
 
 #### Using basic authentication
 
-Adding `--always-auth` option to use basic authentication.
+Adding `--basic-auth` option to use basic authentication.
 
 ```
-openupm login -u <username> -e <email> -r <registry> -p <password> --always-auth
+openupm login -u <username> -e <email> -r <registry> -p <password> --basic-auth
 
 i.e.
-openupm login -u user1 -e user1@example.com -r http://127.0.0.1:4873 --always-auth
+openupm login -u user1 -e user1@example.com -r http://127.0.0.1:4873 --basic-auth
 ```
 
 Notice that your username and password is not verified during the login command, but simply stored to the .upmconfig.toml file. Because verify the password against your npm server will generate a token, which is not what you want here. Basically, type your password carefully.
 
-The `.npmrc` is not updated for the basic authentication.
+Unlike using the token, `.npmrc` lacks syntax to support multiple registries for basic authentication. Hence, the `.npmrc` is not updated for the basic authentication.
+
+#### Always auth
+
+Adding `--always-auth` option if tarball files hosted on a different domain other than the registry domain.
+
+```
+openupm login -u <username> -e <email> -r <registry> -p <password> --always-auth
+
+i.e.
+openupm login -u user1 -e user1@example.com -r http://127.0.0.1:4873 --always-auth
+```
 
 #### Windows Subsystem for Linux (WSL)
 

lib/cli.js

@@ -89,7 +89,11 @@ program
   .option("-p, --password <password>", "password")
   .option("-e, --email <email>", "email address")
   .option("-r, --registry <url>", "registry url")
-  .option("--always-auth", "use basic authentication instead of token")
+  .option("--basic-auth", "use basic authentication instead of token")
+  .option(
+    "--always-auth",
+    "always auth for tarball hosted on a different domain"
+  )
   .description("authenticate with a scoped registry")
   .action(async function(options) {
     try {

lib/cmd-login.js

@@ -28,8 +28,8 @@ const login = async function(options) {
     });
   let token = null;
   let _auth = null;
-  if (options.alwaysAuth) {
-    // always auth
+  if (options.basicAuth) {
+    // basic auth
     const userPass = `${options.username}:${options.password}`;
     _auth = Buffer.from(userPass).toString("base64");
   } else {
@@ -56,6 +56,7 @@ const login = async function(options) {
   await writeUnityToken({
     _auth,
     alwaysAuth: options.alwaysAuth || false,
+    basicAuth: options.basicAuth || false,
     email: options.email,
     registry: options.parent.registry,
     token
@@ -170,6 +171,7 @@ const validateRegistry = function(value) {
 const writeUnityToken = async function({
   _auth,
   alwaysAuth,
+  basicAuth,
   email,
   registry,
   token
@@ -186,7 +188,7 @@ const writeUnityToken = async function({
     email,
     alwaysAuth
   };
-  if (alwaysAuth) config["npmAuth"][registry]._auth = _auth;
+  if (basicAuth) config["npmAuth"][registry]._auth = _auth;
   else config["npmAuth"][registry].token = token;
   // Write config file
   await saveUpmConfig(config, configDir);