From 6e9f04b0baed007169d4e0c341f097cf133debf7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20K=C3=BChl?= Date: Fri, 3 Aug 2018 18:05:29 +0200 Subject: [PATCH] config: Search for authentication token defined by environment variable (#8) As discussed on npm.community[1], the fact that npm registry authentication tokens cannot be defined using environment variables does not seem justified anymore. The restriction is caused by the config loader translating * all `_` to `-` * the whole variable name to lowercase while the credential checker expects a key ending in `:_authToken`. This change fixes the problem by having the credential checker try a key ending in `:-authtoken` after it tried `:_authToken`. Fixes: https://npm.community/t/233 Fixes: npm/npm#15565 PR-URL: https://github.com/npm/cli/pull/8 Credit: @mkhl Reviewed-By: @zkat --- lib/config/get-credentials-by-uri.js | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/config/get-credentials-by-uri.js b/lib/config/get-credentials-by-uri.js index 5e672696b2e53..21926c6865993 100644 --- a/lib/config/get-credentials-by-uri.js +++ b/lib/config/get-credentials-by-uri.js @@ -34,6 +34,12 @@ function getCredentialsByURI (uri) { return c } + if (this.get(nerfed + ':-authtoken')) { + c.token = this.get(nerfed + ':-authtoken') + // the bearer token is enough, don't confuse things + return c + } + // Handle the old-style _auth= style for the default // registry, if set. var authDef = this.get('_auth')