alks

Version:

CLI for working with ALKS

59 lines (49 loc) • 2.04 kB

text/typescript

import { white } from 'cli-color'; import { isEmpty } from 'underscore'; import { getCredentialsFromProcess } from '../getCredentialsFromProcess'; import { getEnvironmentVariableSecretWarning } from '../getEnvironmentVariableSecretWarning'; import { getPasswordFromKeystore } from '../getPasswordFromKeystore'; import { log } from '../log'; import program from '../program'; import { storePassword } from '../storePassword'; const PASSWORD_ENV_VAR_NAME = 'ALKS_PASSWORD'; let cachedPassword: string | undefined; export async function getPassword(): Promise<string | undefined> { const passwordOption = program.opts().password; if (passwordOption) { log('using password from CLI arg'); console.error( 'Warning: Passing secrets via cli options is unsafe. Please instead run `alks developer configure`, `alks-developer-login`, or set the ALKS_PASSWORD environment variable' ); return passwordOption; } const passwordFromEnv = process.env[PASSWORD_ENV_VAR_NAME]; if (!isEmpty(passwordFromEnv)) { console.error(getEnvironmentVariableSecretWarning(PASSWORD_ENV_VAR_NAME)); log('using password from environment variable'); return passwordFromEnv as string; } const credentialProcessResult = await getCredentialsFromProcess(); if (credentialProcessResult.password) { log('using password from credential_process'); return credentialProcessResult.password; } const passwordFromKeystore = await getPasswordFromKeystore(); if (passwordFromKeystore) { log('using stored password'); return passwordFromKeystore; } if (cachedPassword) { log('using cached password'); return cachedPassword; } return undefined; } export async function setPassword(password: string) { await storePassword(password); console.error(white('Password saved!')); } // Allows temporarily setting a password so that actions like configuring developer can work without having to save your password export function cachePassword(password: string): void { cachedPassword = password; }