From 6307465ec8cde2acff065290cdb38a940486309e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kat=20March=C3=A1n?= <kzm@zkat.tech>
Date: Tue, 19 Mar 2019 14:50:07 -0700
Subject: [PATCH] token: fix otp for create and remove

Fixes: https://npm.community/t/npm-token-create-doesnt-work-in-6-6-0-6-9-0/6259
Credit: @zkat
---
 lib/token.js | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/lib/token.js b/lib/token.js
index 326f98ec7ef87..47ded2b3a4784 100644
--- a/lib/token.js
+++ b/lib/token.js
@@ -5,6 +5,7 @@ const npm = require('./npm.js')
 const figgyPudding = require('figgy-pudding')
 const npmConfig = require('./config/figgy-config.js')
 const output = require('./utils/output.js')
+const otplease = require('./utils/otplease.js')
 const Table = require('cli-table3')
 const Bluebird = require('bluebird')
 const isCidrV4 = require('is-cidr').v4
@@ -80,6 +81,7 @@ function generateTokenIds (tokens, minLength) {
 }
 
 const TokenConfig = figgyPudding({
+  auth: {},
   registry: {},
   otp: {},
   cidr: {},
@@ -185,13 +187,11 @@ function rm (args) {
       }
     })
     return Bluebird.map(toRemove, (key) => {
-      return profile.removeToken(key, conf).catch((ex) => {
-        if (ex.code !== 'EOTP') throw ex
-        log.info('token', 'failed because revoking this token requires OTP')
-        return readUserInfo.otp().then((otp) => {
-          conf.auth.otp = otp
-          return profile.removeToken(key, conf)
-        })
+      return otplease(conf, conf => {
+        if (conf.otp) {
+          conf.auth.otp = conf.otp
+        }
+        return profile.removeToken(key, conf)
       })
     })
   })).then(() => {
@@ -213,15 +213,12 @@ function create (args) {
   const validCIDR = validateCIDRList(cidr)
   return readUserInfo.password().then((password) => {
     log.info('token', 'creating')
-    return profile.createToken(password, readonly, validCIDR, conf).catch((ex) => {
-      if (ex.code !== 'EOTP') throw ex
-      log.info('token', 'failed because it requires OTP')
-      return readUserInfo.otp().then((otp) => {
-        conf.auth.otp = otp
-        log.info('token', 'creating with OTP')
-        return pulseTillDone.withPromise(profile.createToken(password, readonly, validCIDR, conf))
-      })
-    })
+    return pulseTillDone.withPromise(otplease(conf, conf => {
+      if (conf.otp) {
+        conf.auth.otp = conf.otp
+      }
+      return profile.createToken(password, readonly, validCIDR, conf)
+    }))
   }).then((result) => {
     delete result.key
     delete result.updated