Browse files

Store tokens outside ~/.gitconfig

People have a tendency to share dotfiles. Better save our credentials in
a separate configfile. While we're at it, make it readonly.
  • Loading branch information...
1 parent 36d3e14 commit f475549bd9a46270fc59cfb6466e6b65cd723150 @seveas seveas committed Oct 2, 2012
Showing with 13 additions and 6 deletions.
  1. +3 −0 docs/index.rst
  2. +10 −6 git-hub
3 docs/index.rst
@@ -11,6 +11,9 @@ The first time you use :command:`git hub`, it will ask you for your github
username and password. It then requests (and stores) an API authentication
token, so you can always revoke access from your `profile page`_.
+The authentication token is stored in :file:`~/.githubconfig`. Never share this
+token with anyone as it gives full access to your github account.
.. describe:: git hub whoami
A simple command to try out is :command:`git hub whoami`, which tells you what
16 git-hub
@@ -89,19 +89,22 @@ def command(fnc):
return fnc
def github():
- user = shell.git('config', 'github.user').stdout.strip()
+ config_file = os.path.join(os.path.expanduser('~'), '.githubconfig')
+ old_umask = os.umask(0077)
+ user = shell.git('config', '--file', config_file, 'github.user').stdout.strip()
if not user:
user = raw_input("Github user: ").strip()
- shell.git('config', '--global', 'github.user', user)
+ shell.git('config', '--file', config_file, 'github.user', user)
- token = shell.git('config', 'github.token').stdout.strip()
+ token = shell.git('config', '--file', config_file, 'github.token').stdout.strip()
if not token:
password = getpass.getpass("GitHub password: ")
auth = github3.authorize(user, password, ['user', 'repo', 'gist'],
"Github Git integration", "")
token = auth.token
- shell.git('config', '--global', 'github.token', token)
- shell.git('config', '--global', 'github.auth_id', str(
+ shell.git('config', '--file', config_file, 'github.token', token)
+ shell.git('config', '--file', config_file, 'github.auth_id', str(
if not user or not token:
err("No user or token specified")
@@ -110,8 +113,9 @@ def github():
except github3.GitHubError:
# Token obsolete
- shell.git('config', '--global', '--unset', 'github.token')
+ shell.git('config', '--file', config_file, '--unset', 'github.token')
gh = github()
+ os.umask(old_umask)
return gh
def get_repo():

0 comments on commit f475549

Please sign in to comment.