Restore support for credentials in URLs

We're still supporting this in Foxx CLI and handling this in arangojs
avoids having to teach Foxx CLI how to parse unix socket URLs. Additionally
this makes the behavior more consistent.

Author: pluma

CHANGELOG.md

@@ -7,6 +7,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Changed
+
+- Restored support for credentials in URLs
+
+  If the server URL includes credentials, arangojs will now use them instead of
+  the default username "root" and an empty password. Any credentials explicitly
+  set using `useBasicAuth` or `useBearerAuth` will still override the default
+  credentials as before.
+
 ## [6.8.0] - 2018-11-07
 
 ### Changed

docs/Drivers/JS/Reference/Database/README.md

@@ -26,26 +26,20 @@ If _config_ is a string, it will be interpreted as _config.url_.
     When running ArangoDB on a unix socket, e.g. `/tmp/arangodb.sock` the
     following URL formats are supported for unix sockets:
 
-    * `unix:///tmp/arangodb.sock` (no SSL)
-    * `http+unix:///tmp/arangodb.sock` (or `https+unix://` for SSL)
-    * `http://unix:/tmp/arangodb.sock` (or `https://unix:` for SSL)
+    - `unix:///tmp/arangodb.sock` (no SSL)
+    - `http+unix:///tmp/arangodb.sock` (or `https+unix://` for SSL)
+    - `http://unix:/tmp/arangodb.sock` (or `https://unix:` for SSL)
 
     Additionally `ssl` and `tls` are treated as synonymous with `https` and
     `tcp` is treated as synonymous with `http`, so the following URLs are
     considered identical:
 
-    * `tcp://localhost:8529` and `http://localhost:8529`
-    * `ssl://localhost:8529` and `https://localhost:8529`
-    * `tcp+unix:///tmp/arangodb.sock` and `http+unix:///tmp/arangodb.sock`
-    * `ssl+unix:///tmp/arangodb.sock` and `https+unix:///tmp/arangodb.sock`
-    * `tcp://unix:/tmp/arangodb.sock` and `http://unix:/tmp/arangodb.sock`
-    * `ssl://unix:/tmp/arangodb.sock` and `https://unix:/tmp/arangodb.sock`
-
-    {% hint 'warning' %}
-    As of arangojs 6.0.0 it is no longer possible to pass
-    the username or password from the URL. Use
-    [`database.useBasicAuth`](#databaseusebasicauth) instead.
-    {% endhint %}
+    - `tcp://localhost:8529` and `http://localhost:8529`
+    - `ssl://localhost:8529` and `https://localhost:8529`
+    - `tcp+unix:///tmp/arangodb.sock` and `http+unix:///tmp/arangodb.sock`
+    - `ssl+unix:///tmp/arangodb.sock` and `https+unix:///tmp/arangodb.sock`
+    - `tcp://unix:/tmp/arangodb.sock` and `http://unix:/tmp/arangodb.sock`
+    - `ssl://unix:/tmp/arangodb.sock` and `https://unix:/tmp/arangodb.sock`
 
     If you want to use ArangoDB with authentication, see
     _useBasicAuth_ or _useBearerAuth_ methods.

src/database.ts

@@ -86,7 +86,6 @@ export class Database {
 
   constructor(config?: Config) {
     this._connection = new Connection(config);
-    this.useBasicAuth();
   }
 
   get name(): string | null {

src/util/request.node.ts

@@ -7,6 +7,7 @@ import {
 } from "http";
 import { Agent as HttpsAgent, request as httpsRequest } from "https";
 import { parse as parseUrl, Url } from "url";
+import { btoa } from "./btoa";
 import { joinPath } from "./joinPath";
 import { Errback } from "./types";
 
@@ -87,14 +88,18 @@ export function createRequest(
       if (body && !headers["content-length"]) {
         headers["content-length"] = String(Buffer.byteLength(body));
       }
+      if (!headers["authorization"]) {
+        headers["authorization"] = `Basic ${btoa(
+          baseUrlParts.auth || "root:"
+        )}`;
+      }
       const options: ClientRequestArgs = { path, method, headers, agent };
       if (socketPath) {
         options.socketPath = socketPath;
       } else {
         options.host = baseUrlParts.hostname;
         options.port = baseUrlParts.port;
       }
-      options.auth = baseUrlParts.auth;
       let called = false;
       try {
         const req = (isTls ? httpsRequest : httpRequest)(

src/util/request.web.ts

@@ -1,12 +1,11 @@
+import { format as formatUrl, parse as parseUrl } from "url";
+import { joinPath } from "./joinPath";
 import {
   ArangojsError,
   ArangojsResponse,
   RequestOptions
 } from "./request.node";
-import { format as formatUrl, parse as parseUrl } from "url";
-
 import { Errback } from "./types";
-import { joinPath } from "./joinPath";
 import xhr from "./xhr";
 
 export const isBrowser = true;
@@ -21,7 +20,7 @@ function omit<T>(obj: T, keys: (keyof T)[]): T {
 }
 
 export function createRequest(baseUrl: string, agentOptions: any) {
-  const baseUrlParts = parseUrl(baseUrl);
+  const { auth, ...baseUrlParts } = parseUrl(baseUrl);
   const options = omit(agentOptions, [
     "keepAlive",
     "keepAliveMsecs",
@@ -44,6 +43,9 @@ export function createRequest(baseUrl: string, agentOptions: any) {
           : url.search
         : baseUrlParts.search
     };
+    if (!headers["authorization"]) {
+      headers["authorization"] = `Basic ${btoa(auth || "root:")}`;
+    }
 
     let callback: Errback<ArangojsResponse> = (err, res) => {
       callback = () => undefined;