From e4638127f99fabea7a1c4ab8ef10aa838b9570eb Mon Sep 17 00:00:00 2001
From: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
Date: Thu, 12 Sep 2019 14:38:56 +0200
Subject: [PATCH] Emit a warning if the token looks invalid

Resolves #9
---
 twine-upload.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/twine-upload.sh b/twine-upload.sh
index e34928e..e230e0a 100755
--- a/twine-upload.sh
+++ b/twine-upload.sh
@@ -1,6 +1,22 @@
 #! /usr/bin/env bash
 set -Eeuo pipefail
 
+
+if [[
+    "$INPUT_USER" == "__token__" &&
+    ! "$INPUT_PASSWORD" =~ ^pypi-
+  ]]
+then
+    >&2 echo \
+        [WARNING]: \
+        It looks like you are trying to use an API token to \
+        authenticate in the package index and your token value does \
+        not start with '"pypi-"' as it typically should. This may \
+        cause an authentication error. Please verify that you have \
+        copied your token properly if such an error occurs.
+fi
+
+
 TWINE_USERNAME="$INPUT_USER" \
 TWINE_PASSWORD="$INPUT_PASSWORD" \
 TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \