From 6a4020815592a786961d27730353363ecf6b55d4 Mon Sep 17 00:00:00 2001
From: James Ide <ide@jameside.com>
Date: Sat, 19 Mar 2016 12:12:01 -0700
Subject: [PATCH] [Auth] Add an option to connect to GitHub anonymously for
 public repos

Adds a new option called `GITHUB_ANONYMOUS` to signal that you want to public repositories that don't require any authentication. If you don't set this to true, Nuts will continue to throw an error if you don't provide authentication credentials.

This uses the `getenv` package, which handles env var values like "true" and "1" as bash would.
---
 bin/web.js             | 4 +++-
 docs/deploy.md         | 4 +++-
 lib/backends/github.js | 4 ++--
 package.json           | 1 +
 4 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/bin/web.js b/bin/web.js
index fbfe6ef5..633f0e52 100644
--- a/bin/web.js
+++ b/bin/web.js
@@ -1,4 +1,5 @@
 var express = require('express');
+var getenv = require('getenv');
 var uuid = require('uuid');
 var basicAuth = require('basic-auth');
 var Analytics = require('analytics-node');
@@ -19,13 +20,14 @@ if (process.env.ANALYTICS_TOKEN) {
 
 var myNuts = nuts.Nuts({
     repository: process.env.GITHUB_REPO,
+    anonymous: getenv.boolish('GITHUB_ANONYMOUS', false),
     token: process.env.GITHUB_TOKEN,
     username: process.env.GITHUB_USERNAME,
     password: process.env.GITHUB_PASSWORD,
     timeout: process.env.VERSIONS_TIMEOUT,
     cache: process.env.VERSIONS_CACHE,
     refreshSecret: process.env.GITHUB_SECRET,
-    proxyAssets: !Boolean(process.env.DONT_PROXY_ASSETS)
+    proxyAssets: !getenv.boolish('DONT_PROXY_ASSETS', false)
 });
 
 // Control access to API
diff --git a/docs/deploy.md b/docs/deploy.md
index ff669aea..c9e36eaf 100644
--- a/docs/deploy.md
+++ b/docs/deploy.md
@@ -31,10 +31,12 @@ This service requires to be configured using environment variables:
 $ export PORT=6000
 
 # Access token for the GitHub API (requires permissions to access the repository)
-# If the repository is public you do not need to provide an access token
 # you can also use GITHUB_USERNAME and GITHUB_PASSWORD
 $ export GITHUB_TOKEN=...
 
+# Or, if the repository is public you do not need to provide an access token
+$ export GITHUB_ANONYMOUS=1
+
 # ID for the GitHub repository
 $ export GITHUB_REPO=Username/MyApp
 
diff --git a/lib/backends/github.js b/lib/backends/github.js
index dbcbe9fe..59ecb1b2 100644
--- a/lib/backends/github.js
+++ b/lib/backends/github.js
@@ -17,8 +17,8 @@ function GitHubBackend() {
         proxyAssets: true
     });
 
-    if ((!this.opts.username || !this.opts.password) && (!this.opts.token)) {
-        throw new Error('GitHub backend require "username" and "token" options');
+    if ((!this.opts.username || !this.opts.password) && (!this.opts.token) && (!this.opts.anonymous)) {
+        throw new Error('GitHub backend requires either the "username" and "password, "token", or "anonymous" option');
     }
 
     this.client = new GitHub({
diff --git a/package.json b/package.json
index 9b395c5e..07f1f134 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
     "express": "^4.13.3",
     "express-useragent": "0.1.9",
     "feed": "^0.3.0",
+    "getenv": "^0.6.0",
     "github-webhook-handler": "0.5.0",
     "lodash": "3.7.0",
     "lru-diskcache": "1.1.1",