Commit b89ef70b authored by Aral Balkan's avatar Aral Balkan
Browse files

Fixes #17: graphical sudo prompt is now shown in post-install script

parent c8c9402a
......@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [7.0.3] - 2021-03-17
### Fixed
- No longer fails on install on system accounts that don’t have passwordless sudo set up. Instead, shows a graphical password box to get the person’s sudo password. (Fixes https://source.small-tech.org/site.js/lib/auto-encrypt-localhost/-/issues/17. See https://github.com/npm/cli/issues/2887 for the original npm bug.
## [7.0.2] - 2021-03-06
### Fixed
......
......@@ -14,6 +14,10 @@ At runtime, you can reach your server via the local loopback addresses (localhos
npm i @small-tech/auto-encrypt-localhost
```
Note that during installation, Auto Encrypt Localhost will create your local certificate authority and install it in the system root store and generate locally-trusted certificates. These actions require elevated privileges (`sudo`). Since [npm does not handle sudo prompts correctly in lifecycle scripts](https://github.com/npm/cli/issues/2887), you will see a graphical sudo prompt pop up to ask you for your adminstrator password. Once you’ve provided it, installation will proceed as normal.
## Usage
### Instructions
......
......@@ -29,6 +29,7 @@ import { version, binaryName } from '../lib/mkcert.js'
import fs from 'fs-extra'
import sudoPrompt from 'sudo-prompt'
async function secureGet (url) {
return new Promise((resolve, reject) => {
......@@ -123,7 +124,25 @@ mkcertProcessOptions.env.CAROOT = settingsPath
// Create the local certificate authority.
process.stdout.write(` ╰─ Creating local certificate authority (local CA) using mkcert… `)
childProcess.execFileSync(mkcertBinary, ['-install'], mkcertProcessOptions)
// We are using the sudo-prompt package here, instead of childProcess.execFileSync() because
// this script is meant to run as an npm script and it appears that npm scripts fail to show
// the system sudo prompt (and instead hang).
//
// See: https://github.com/npm/cli/issues/2887
//
// To workaround this issue, we use sudo-prompt here to display a graphical sudo prompt
// that works well with npm scripts.
await (() => {
return new Promise((resolve, reject) => {
sudoPrompt.exec(`${mkcertBinary} -install`, {name: 'Auto Encrypt Localhost'}, function(error, stdout, stderr) {
if (error) reject(error)
resolve()
})
})
})()
process.stdout.write('done.\n')
// Create the local certificate.
......@@ -145,7 +164,9 @@ const certificateDetails = [
'localhost'
].concat(localIPv4Addresses)
// We can use a regular execFileSync call here as the sudo permissions will not have timed out yet.
childProcess.execFileSync(mkcertBinary, certificateDetails, mkcertProcessOptions)
process.stdout.write('done.\n')
// This should never happen as an error in the above, if there is one,
......
......@@ -13,6 +13,7 @@
"encodeurl": "^1.0.2",
"fs-extra": "^8.1.0",
"server-destroy": "^1.0.1",
"sudo-prompt": "^9.2.1",
"syswide-cas": "^5.3.0"
},
"devDependencies": {
......@@ -2603,6 +2604,11 @@
"node": ">=4"
}
},
"node_modules/sudo-prompt": {
"version": "9.2.1",
"resolved": "https://registry.npmjs.org/sudo-prompt/-/sudo-prompt-9.2.1.tgz",
"integrity": "sha512-Mu7R0g4ig9TUuGSxJavny5Rv0egCEtpZRNMrZaYS1vxkiIxGiGUwoezU3LazIQ+KE04hTrTfNPgxU5gzi7F5Pw=="
},
"node_modules/supports-color": {
"version": "7.2.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
......@@ -5149,6 +5155,11 @@
"integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=",
"dev": true
},
"sudo-prompt": {
"version": "9.2.1",
"resolved": "https://registry.npmjs.org/sudo-prompt/-/sudo-prompt-9.2.1.tgz",
"integrity": "sha512-Mu7R0g4ig9TUuGSxJavny5Rv0egCEtpZRNMrZaYS1vxkiIxGiGUwoezU3LazIQ+KE04hTrTfNPgxU5gzi7F5Pw=="
},
"supports-color": {
"version": "7.2.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
......
{
"name": "@small-tech/auto-encrypt-localhost",
"version": "7.0.2",
"version": "7.0.3",
"description": "Automatically provisions and installs locally-trusted TLS certificates for Node.js https servers (including Express.js, etc.) using mkcert.",
"keywords": [
"mkcert",
......@@ -22,8 +22,7 @@
"bin"
],
"scripts": {
"postinstall": "node bin/post-install.js",
"start": "node index.js",
"postinstall": "bin/post-install.js",
"test": "QUIET=true esm-tape-runner 'test/**/*.js' | tap-monkey",
"coverage": "QUIET=true c8 esm-tape-runner 'test/**/*.js' | tap-monkey",
"test-debug": "esm-tape-runner 'test/**/*.js' | tap-monkey",
......@@ -53,6 +52,7 @@
"encodeurl": "^1.0.2",
"fs-extra": "^8.1.0",
"server-destroy": "^1.0.1",
"sudo-prompt": "^9.2.1",
"syswide-cas": "^5.3.0"
},
"devDependencies": {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment