__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
const { inspect } = require('node:util')
const { URL } = require('node:url')
const { log, output } = require('proc-log')
const { get, set, createToken } = require('npm-profile')
const qrcodeTerminal = require('qrcode-terminal')
const { otplease } = require('../utils/auth.js')
const readUserInfo = require('../utils/read-user-info.js')
const BaseCommand = require('../base-cmd.js')
const qrcode = url =>
new Promise((resolve) => qrcodeTerminal.generate(url, resolve))
const knownProfileKeys = [
'name',
'email',
'two-factor auth',
'fullname',
'homepage',
'freenode',
'twitter',
'github',
'created',
'updated',
]
const writableProfileKeys = [
'email',
'password',
'fullname',
'homepage',
'freenode',
'twitter',
'github',
]
class Profile extends BaseCommand {
static description = 'Change settings on your registry profile'
static name = 'profile'
static usage = [
'enable-2fa [auth-only|auth-and-writes]',
'disable-2fa',
'get [<key>]',
'set <key> <value>',
]
static params = [
'registry',
'json',
'parseable',
'otp',
]
static async completion (opts) {
var argv = opts.conf.argv.remain
if (!argv[2]) {
return ['enable-2fa', 'disable-2fa', 'get', 'set']
}
switch (argv[2]) {
case 'enable-2fa':
case 'enable-tfa':
return ['auth-and-writes', 'auth-only']
case 'disable-2fa':
case 'disable-tfa':
case 'get':
case 'set':
return []
default:
throw new Error(argv[2] + ' not recognized')
}
}
async exec (args) {
if (args.length === 0) {
throw this.usageError()
}
const [subcmd, ...opts] = args
switch (subcmd) {
case 'enable-2fa':
case 'enable-tfa':
case 'enable2fa':
case 'enabletfa':
return this.enable2fa(opts)
case 'disable-2fa':
case 'disable-tfa':
case 'disable2fa':
case 'disabletfa':
return this.disable2fa()
case 'get':
return this.get(opts)
case 'set':
return this.set(opts)
default:
throw new Error('Unknown profile command: ' + subcmd)
}
}
async get (args) {
const tfa = 'two-factor auth'
const info = await get({ ...this.npm.flatOptions })
if (!info.cidr_whitelist) {
delete info.cidr_whitelist
}
if (this.npm.config.get('json')) {
output.buffer(info)
return
}
// clean up and format key/values for output
const cleaned = {}
for (const key of knownProfileKeys) {
cleaned[key] = info[key] || ''
}
const unknownProfileKeys = Object.keys(info).filter((k) => !(k in cleaned))
for (const key of unknownProfileKeys) {
cleaned[key] = info[key] || ''
}
delete cleaned.tfa
delete cleaned.email_verified
cleaned.email += info.email_verified ? ' (verified)' : '(unverified)'
if (info.tfa && !info.tfa.pending) {
cleaned[tfa] = info.tfa.mode
} else {
cleaned[tfa] = 'disabled'
}
if (args.length) {
const values = args // comma or space separated
.join(',')
.split(/,/)
.filter((arg) => arg.trim() !== '')
.map((arg) => cleaned[arg])
.join('\t')
output.standard(values)
} else {
if (this.npm.config.get('parseable')) {
for (const key of Object.keys(info)) {
if (key === 'tfa') {
output.standard(`${key}\t${cleaned[tfa]}`)
} else {
output.standard(`${key}\t${info[key]}`)
}
}
} else {
for (const [key, value] of Object.entries(cleaned)) {
output.standard(`${key}: ${value}`)
}
}
}
}
async set (args) {
const conf = { ...this.npm.flatOptions }
const prop = (args[0] || '').toLowerCase().trim()
let value = args.length > 1 ? args.slice(1).join(' ') : null
const readPasswords = async () => {
const newpassword = await readUserInfo.password('New password: ')
const confirmedpassword = await readUserInfo.password(' Again: ')
if (newpassword !== confirmedpassword) {
log.warn('profile', 'Passwords do not match, please try again.')
return readPasswords()
}
return newpassword
}
if (prop !== 'password' && value === null) {
throw new Error('npm profile set <prop> <value>')
}
if (prop === 'password' && value !== null) {
throw new Error(
'npm profile set password\n' +
'Do not include your current or new passwords on the command line.')
}
if (writableProfileKeys.indexOf(prop) === -1) {
throw new Error(`"${prop}" is not a property we can set. ` +
`Valid properties are: ` + writableProfileKeys.join(', '))
}
if (prop === 'password') {
const current = await readUserInfo.password('Current password: ')
const newpassword = await readPasswords()
value = { old: current, new: newpassword }
}
// FIXME: Work around to not clear everything other than what we're setting
const user = await get(conf)
const newUser = {}
for (const key of writableProfileKeys) {
newUser[key] = user[key]
}
newUser[prop] = value
const result = await otplease(this.npm, conf, c => set(newUser, c))
if (this.npm.config.get('json')) {
output.buffer({ [prop]: result[prop] })
} else if (this.npm.config.get('parseable')) {
output.standard(prop + '\t' + result[prop])
} else if (result[prop] != null) {
output.standard('Set', prop, 'to', result[prop])
} else {
output.standard('Set', prop)
}
}
async enable2fa (args) {
if (args.length > 1) {
throw new Error('npm profile enable-2fa [auth-and-writes|auth-only]')
}
const mode = args[0] || 'auth-and-writes'
if (mode !== 'auth-only' && mode !== 'auth-and-writes') {
throw new Error(
`Invalid two-factor authentication mode "${mode}".\n` +
'Valid modes are:\n' +
' auth-only - Require two-factor authentication only when logging in\n' +
' auth-and-writes - Require two-factor authentication when logging in ' +
'AND when publishing'
)
}
if (this.npm.config.get('json') || this.npm.config.get('parseable')) {
throw new Error(
'Enabling two-factor authentication is an interactive operation and ' +
(this.npm.config.get('json') ? 'JSON' : 'parseable') + ' output mode is not available'
)
}
const info = {
tfa: {
mode: mode,
},
}
// if they're using legacy auth currently then we have to
// update them to a bearer token before continuing.
const creds = this.npm.config.getCredentialsByURI(this.npm.config.get('registry'))
const auth = {}
if (creds.token) {
auth.token = creds.token
} else if (creds.username) {
auth.basic = { username: creds.username, password: creds.password }
} else if (creds.auth) {
const basic = Buffer.from(creds.auth, 'base64').toString().split(':', 2)
auth.basic = { username: basic[0], password: basic[1] }
}
if (!auth.basic && !auth.token) {
throw new Error(
'You need to be logged in to registry ' +
`${this.npm.config.get('registry')} in order to enable 2fa`
)
}
if (auth.basic) {
log.info('profile', 'Updating authentication to bearer token')
const result = await createToken(
auth.basic.password, false, [], { ...this.npm.flatOptions }
)
if (!result.token) {
throw new Error(
`Your registry ${this.npm.config.get('registry')} does not seem to ` +
'support bearer tokens. Bearer tokens are required for ' +
'two-factor authentication'
)
}
this.npm.config.setCredentialsByURI(
this.npm.config.get('registry'),
{ token: result.token }
)
await this.npm.config.save('user')
}
log.notice('profile', 'Enabling two factor authentication for ' + mode)
const password = await readUserInfo.password()
info.tfa.password = password
log.info('profile', 'Determine if tfa is pending')
const userInfo = await get({ ...this.npm.flatOptions })
const conf = { ...this.npm.flatOptions }
if (userInfo && userInfo.tfa && userInfo.tfa.pending) {
log.info('profile', 'Resetting two-factor authentication')
await set({ tfa: { password, mode: 'disable' } }, conf)
} else if (userInfo && userInfo.tfa) {
if (!conf.otp) {
conf.otp = await readUserInfo.otp(
'Enter one-time password: '
)
}
}
log.info('profile', 'Setting two-factor authentication to ' + mode)
const challenge = await set(info, conf)
if (challenge.tfa === null) {
output.standard('Two factor authentication mode changed to: ' + mode)
return
}
const badResponse = typeof challenge.tfa !== 'string'
|| !/^otpauth:[/][/]/.test(challenge.tfa)
if (badResponse) {
throw new Error(
'Unknown error enabling two-factor authentication. Expected otpauth URL' +
', got: ' + inspect(challenge.tfa)
)
}
const otpauth = new URL(challenge.tfa)
const secret = otpauth.searchParams.get('secret')
const code = await qrcode(challenge.tfa)
output.standard(
'Scan into your authenticator app:\n' + code + '\n Or enter code:', secret
)
const interactiveOTP =
await readUserInfo.otp('And an OTP code from your authenticator: ')
log.info('profile', 'Finalizing two-factor authentication')
const result = await set({ tfa: [interactiveOTP] }, conf)
output.standard(
'2FA successfully enabled. Below are your recovery codes, ' +
'please print these out.'
)
output.standard(
'You will need these to recover access to your account ' +
'if you lose your authentication device.'
)
for (const tfaCode of result.tfa) {
output.standard('\t' + tfaCode)
}
}
async disable2fa () {
const conf = { ...this.npm.flatOptions }
const info = await get(conf)
if (!info.tfa || info.tfa.pending) {
output.standard('Two factor authentication not enabled.')
return
}
const password = await readUserInfo.password()
if (!conf.otp) {
const msg = 'Enter one-time password: '
conf.otp = await readUserInfo.otp(msg)
}
log.info('profile', 'disabling tfa')
await set({ tfa: { password: password, mode: 'disable' } }, conf)
if (this.npm.config.get('json')) {
output.buffer({ tfa: false })
} else if (this.npm.config.get('parseable')) {
output.standard('tfa\tfalse')
} else {
output.standard('Two factor authentication disabled.')
}
}
}
module.exports = Profile
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| access.js | File | 6.04 KB | 0644 |
|
| adduser.js | File | 1.29 KB | 0644 |
|
| audit.js | File | 3.15 KB | 0644 |
|
| bugs.js | File | 847 B | 0644 |
|
| cache.js | File | 7.12 KB | 0644 |
|
| ci.js | File | 4.22 KB | 0644 |
|
| completion.js | File | 8.9 KB | 0644 |
|
| config.js | File | 11.18 KB | 0644 |
|
| dedupe.js | File | 1.41 KB | 0644 |
|
| deprecate.js | File | 2.13 KB | 0644 |
|
| diff.js | File | 8 KB | 0644 |
|
| dist-tag.js | File | 5.52 KB | 0644 |
|
| docs.js | File | 449 B | 0644 |
|
| doctor.js | File | 10.1 KB | 0644 |
|
| edit.js | File | 1.76 KB | 0644 |
|
| exec.js | File | 3.42 KB | 0644 |
|
| explain.js | File | 3.58 KB | 0644 |
|
| explore.js | File | 2.16 KB | 0644 |
|
| find-dupes.js | File | 634 B | 0644 |
|
| fund.js | File | 6.46 KB | 0644 |
|
| get.js | File | 577 B | 0644 |
|
| help-search.js | File | 5.52 KB | 0644 |
|
| help.js | File | 3.66 KB | 0644 |
|
| hook.js | File | 3.37 KB | 0644 |
|
| init.js | File | 6.85 KB | 0644 |
|
| install-ci-test.js | File | 373 B | 0644 |
|
| install-test.js | File | 370 B | 0644 |
|
| install.js | File | 5.15 KB | 0644 |
|
| link.js | File | 5.25 KB | 0644 |
|
| ll.js | File | 234 B | 0644 |
|
| login.js | File | 1.29 KB | 0644 |
|
| logout.js | File | 1.42 KB | 0644 |
|
| ls.js | File | 16.81 KB | 0644 |
|
| org.js | File | 4.02 KB | 0644 |
|
| outdated.js | File | 7.7 KB | 0644 |
|
| owner.js | File | 5.85 KB | 0644 |
|
| pack.js | File | 2.6 KB | 0644 |
|
| ping.js | File | 873 B | 0644 |
|
| pkg.js | File | 3.56 KB | 0644 |
|
| prefix.js | File | 335 B | 0644 |
|
| profile.js | File | 10.57 KB | 0644 |
|
| prune.js | File | 799 B | 0644 |
|
| publish.js | File | 7.38 KB | 0644 |
|
| query.js | File | 3.51 KB | 0644 |
|
| rebuild.js | File | 2.19 KB | 0644 |
|
| repo.js | File | 1.25 KB | 0644 |
|
| restart.js | File | 310 B | 0644 |
|
| root.js | File | 295 B | 0644 |
|
| run-script.js | File | 6.08 KB | 0644 |
|
| sbom.js | File | 4.51 KB | 0644 |
|
| search.js | File | 1.83 KB | 0644 |
|
| set.js | File | 671 B | 0644 |
|
| shrinkwrap.js | File | 2.65 KB | 0644 |
|
| star.js | File | 1.87 KB | 0644 |
|
| stars.js | File | 1.03 KB | 0644 |
|
| start.js | File | 300 B | 0644 |
|
| stop.js | File | 295 B | 0644 |
|
| team.js | File | 4.36 KB | 0644 |
|
| test.js | File | 295 B | 0644 |
|
| token.js | File | 6.02 KB | 0644 |
|
| uninstall.js | File | 1.52 KB | 0644 |
|
| unpublish.js | File | 5.27 KB | 0644 |
|
| unstar.js | File | 183 B | 0644 |
|
| update.js | File | 1.72 KB | 0644 |
|
| version.js | File | 3.54 KB | 0644 |
|
| view.js | File | 12.8 KB | 0644 |
|
| whoami.js | File | 527 B | 0644 |
|