Start GitHub login logout commands

package.json

@@ -67,7 +67,6 @@
     "flush-write-stream": "^1.0.3",
     "folder-walker": "^3.1.0",
     "from2-array": "0.0.4",
-    "ghauth": "^3.2.1",
     "git-remote-origin-url": "^2.0.0",
     "git-repo-info": "^2.0.0",
     "hasha": "^3.0.0",

src/commands/login/github.js

@@ -0,0 +1,36 @@
+const Command = require('../../base')
+const renderShortDesc = require('../../utils/renderShortDescription')
+const ghauth = require('../../utils/gh-auth')
+const version = require('../../../package.json').version
+const os = require('os')
+
+const UA = 'Netlify CLI ' + version
+
+class LoginGithubCommand extends Command {
+  async run() {
+    // const { flags, args } = this.parse(LoginCommand)
+
+    if (this.global.get('ghauth')) {
+      this.error(`Already logged in as ${this.global.get('ghauth.user')}`)
+    }
+
+    try {
+      const newToken = await ghauth({
+        scopes: ['admin:org', 'admin:public_key', 'repo', 'user'],
+        userAgent: UA,
+        note: `Netlify CLI ${os.userInfo().username}@${os.hostname()}`
+      })
+      this.global.set('ghauth', newToken)
+    } catch (e) {
+      this.error(e.message)
+    }
+
+    return this.exit()
+  }
+}
+
+LoginGithubCommand.description = `${renderShortDesc('Login to your Netlify account')}
+
+Opens a web browser to acquire an OAuth token.`
+
+module.exports = LoginGithubCommand

src/commands/login.js → src/commands/login/index.js

@@ -1,5 +1,5 @@
-const Command = require('../base')
-const renderShortDesc = require('../utils/renderShortDescription')
+const Command = require('../../base')
+const renderShortDesc = require('../../utils/renderShortDescription')
 
 class LoginCommand extends Command {
   async run() {
@@ -9,7 +9,7 @@ class LoginCommand extends Command {
       this.error('Already logged in')
     }
 
-    await this.authenticate()
+    // TODO Log in actually.
 
     return this.exit()
   }

src/commands/logout/github.js

@@ -0,0 +1,18 @@
+const Command = require('../../base')
+const renderShortDesc = require('../../utils/renderShortDescription')
+
+class LogoutGithubCommand extends Command {
+  async run() {
+    if (this.global.get('ghauth')) {
+      const loggedInUser = this.global.get('ghauth.user')
+      this.global.delete('ghauth')
+      this.log(`Logging ${loggedInUser} out of Github`)
+    } else {
+      this.log(`Already logged out of Github`)
+    }
+  }
+}
+
+LogoutGithubCommand.description = `${renderShortDesc('Logout of your Github account')}`
+
+module.exports = LogoutGithubCommand

src/commands/logout.js → src/commands/logout/index.js

@@ -1,5 +1,5 @@
-const Command = require('../base')
-const renderShortDesc = require('../utils/renderShortDescription')
+const Command = require('../../base')
+const renderShortDesc = require('../../utils/renderShortDescription')
 
 class LogoutCommand extends Command {
   async run() {

src/utils/gh-auth.js

@@ -0,0 +1,82 @@
+// A simple ghauth inspired library for getting a personal access token
+const kit = require('@octokit/rest')
+const inquirer = require('inquirer')
+const get = require('lodash.get')
+
+module.exports = createGithubPAT
+
+async function createGithubPAT(opts) {
+  opts = Object.assign(
+    {
+      userAgent: 'Netlify-cli-octokit',
+      note: 'Netlify-cli-gh-auth',
+      scopes: []
+    },
+    opts
+  )
+  const octokit = kit() // function local client
+
+  const { username, password } = await inquirer.prompt([
+    {
+      type: 'input',
+      name: 'username',
+      message: 'Your GitHub username:',
+      filter: input => input.trim()
+    },
+    {
+      type: 'password',
+      name: 'password',
+      message: 'Your GitHub password:',
+      mask: '*',
+      filter: input => input.trim()
+    }
+  ])
+
+  // configure basic auth
+  octokit.authenticate({
+    type: 'basic',
+    username,
+    password
+  })
+
+  let response
+  try {
+    response = await octokit.authorization.create({
+      note: opts.note + ' (' + new Date().toJSON() + ')',
+      scopes: opts.scopes,
+      headers: {
+        'User-Agent': opts.userAgent
+      }
+    })
+  } catch (e) {
+    var otpHeader = e.headers['x-github-otp']
+    if (otpHeader && otpHeader.includes('required')) {
+      const { otp } = await inquirer.prompt([
+        {
+          type: 'input',
+          name: 'otp',
+          message: 'Your GitHub OTP/2FA Code:',
+          filter: input => input.trim()
+        }
+      ])
+      response = await octokit.authorization.create({
+        note: opts.note + ' (' + new Date().toJSON() + ')',
+        scopes: opts.scopes,
+        headers: {
+          'x-github-otp': otp || null,
+          'User-Agent': opts.userAgent
+        }
+      })
+    } else {
+      throw e
+    }
+  }
+
+  if (get(response, 'data.token')) {
+    return { user: username, token: get(response, 'data.token') }
+  } else {
+    const error = new Error('Github authentication failed')
+    error.response = response
+    throw error
+  }
+}

src/utils/init/config-github.js

@@ -1,7 +1,6 @@
-const promisify = require('util.promisify')
-const ghauth = promisify(require('ghauth'))
 const version = require('../../../package.json').version
 const os = require('os')
+const ghauth = require('../../utils/gh-auth')
 const octokit = require('@octokit/rest')()
 const parseGitRemote = require('parse-github-url')
 const inquirer = require('inquirer')
@@ -14,7 +13,6 @@ async function configGithub(ctx, site, repo) {
 
   if (!ghtoken) {
     const newToken = await ghauth({
-      noSave: true,
       scopes: ['admin:org', 'admin:public_key', 'repo', 'user'],
       userAgent: UA,
       note: `Netlify CLI ${os.userInfo().username}@${os.hostname()}`