@octokit/auth-basic takes away most of the pain that is Basic Auth and two-factor authentication for GitHub’s REST API. It even integrates neatly with your favorite Octokit libraries such as @octokit/rest, @octokit/core or even the super low-level @octokit/request.
In this example I’ll use @octokit/auth-basic, @octokit/request and readline-sync:
```js
// my-cli.js
const { createBasicAuth } = require("@octokit/auth-basic");
const { request } = require("@octokit/request");
const { question } = require("readline-sync");

const auth = createBasicAuth({
  username: question("Username: "),
  password: question("Password: "),
  async on2Fa() {
    // prompt user for the one-time password retrieved via SMS or authenticator app
    return question("Two-factor authentication Code: ");
  }
});

const requestWithBasicAuth = request.defaults({
  request: {
    hook: auth.hook
  }
});

requestWithBasicAuth("GET /user").then(
  response => console.log(response.data),
  console.error
);
```
When you run the above code with Node, you will be prompted for your username and password. If you have two-factor auth set up and SMS configured for delivery, you will receive an SMS with the OTP. Once you enter the OTP, the script will log the user object for your GitHub Account to your terminal.
Now let's say you need to send so many requests that the OTP becomes invalid (usually after about a minute), but you still want to delete the personal access token at the end. The code would look something like this:
```js
// my-cli.js
const { createBasicAuth } = require("@octokit/auth-basic");
const { request } = require("@octokit/request");
const { question } = require("readline-sync");

run();

async function run() {
  const auth = createBasicAuth({
    username: question("Username: "),
    password: question("Password: "),
    async on2Fa() {
      // prompt user for the one-time password retrieved via SMS or authenticator app
      return question("Two-factor authentication Code: ");
    }
  });

  const requestWithBasicAuth = request.defaults({
    request: {
      hook: auth.hook
    }
  });

  const { data } = await requestWithBasicAuth("GET /user");
  console.log(`Your GitHub Account ID: ${data.id}`);

  console.log(`Sending some more requests that take a while ...`);
  const TWO_MINUTES_IN_MS = 2 * 60 * 1000;
  await new Promise(resolve => setTimeout(resolve, TWO_MINUTES_IN_MS));

  const { id } = await auth({ type: "token" });
  await requestWithBasicAuth("DELETE /authorizations/:authorization_id", {
    authorization_id: id
  });
  console.log("TOKEN deleted");
}
```
The code above has a two-minute timeout built in to make sure the OTP becomes invalid. You will see that you get prompted for an OTP a second time:
```
$ node my-cli.js
Username: gr2m
Password: ***
Two-factor authentication Code: 068194
Your GitHub Account ID: 39992
Sending some more requests that take a while ...
Two-factor authentication Code: 975808
TOKEN deleted
```
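The second prompt in the session above follows from the first OTP having expired. The sketch below is an added example, not code from the original post and not @octokit/auth-basic's own implementation: a simplified offline model in which a constructed fake server answers with GitHub's `X-GitHub-OTP: required; sms` challenge when the code is missing or stale, and a wrapper calls `on2Fa()` only then. The names `createFakeGitHub`, `createOtpRetry` and `countPrompts`, the in-memory OTP cache and the exact one-minute lifetime are assumptions made for illustration.

```javascript
// Added example: a constructed stand-in for the API plus a retry wrapper.
// This is not @octokit/auth-basic's code; all names here are hypothetical.
const OTP_LIFETIME_MS = 60 * 1000; // assumption: an OTP stays valid for about a minute

// Fake server: accepts a request only if it carries a known, unexpired OTP,
// otherwise answers 401 with GitHub's "X-GitHub-OTP: required; sms" challenge.
function createFakeGitHub(issuedOtps, clock) {
  return async function send(route, headers) {
    const issuedAt = issuedOtps.get(headers["x-github-otp"]);
    const fresh = issuedAt !== undefined && clock.now() - issuedAt < OTP_LIFETIME_MS;
    if (!fresh) {
      return { status: 401, headers: { "x-github-otp": "required; sms" } };
    }
    return { status: 200, headers: {}, data: { route } };
  };
}

// Client side: reuse the last OTP and call on2Fa() only when the server rejects it.
function createOtpRetry(send, on2Fa) {
  let otp; // held in memory only, never written to disk
  return async function request(route) {
    let response = await send(route, otp ? { "x-github-otp": otp } : {});
    const challenge = response.headers["x-github-otp"] || "";
    if (response.status === 401 && challenge.startsWith("required")) {
      otp = await on2Fa(); // fresh code from SMS or authenticator app
      response = await send(route, { "x-github-otp": otp });
    }
    if (response.status !== 200) {
      throw new Error(`${route} failed with status ${response.status}`);
    }
    return response;
  };
}

// Replays the session above: returns how many times the user was prompted.
async function countPrompts(waitMs) {
  const clock = { t: 0, now() { return this.t; } };
  const codes = ["068194", "975808"]; // constructed sample codes
  const issuedOtps = new Map([[codes[0], 0], [codes[1], waitMs]]);
  let prompts = 0;
  const send = createFakeGitHub(issuedOtps, clock);
  const request = createOtpRetry(send, async () => codes[prompts++]);
  await request("GET /user"); // no OTP yet: challenge, first prompt
  await request("GET /user"); // cached OTP still fresh: no prompt
  clock.t = waitMs; // simulate the pause between requests
  await request("DELETE /authorizations/:authorization_id");
  return prompts;
}

countPrompts(2 * 60 * 1000).then((n) => console.log(`prompted ${n} times`));
```

With a 30-second pause instead of two minutes, the cached code is still accepted and `countPrompts` reports a single prompt.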