NPM: Verify credentials upfront

Fixes gh-27
Closes jquerygh-36

Author: scottgonzalez

lib/npm.js

@@ -1,5 +1,44 @@
 module.exports = function( Release ) {
 	Release.define({
+		_getNpmUser: function() {
+			var user = Release.exec( "npm whoami", { silent: true } );
+
+			if ( user.code !== 0 ) {
+				Release.abort( "Error getting npm user." );
+			}
+
+			if ( /^Not authed/.test( user.output ) ) {
+				Release.abort( "You are not registered with npm." );
+			}
+
+			return user.output.trim();
+		},
+
+		_getNpmOwners: function() {
+			var owners = Release.exec( "npm owner ls " + Release.project, { silent: true } );
+
+			if ( owners.code !== 0 ) {
+				Release.abort( "Error getting npm owners." );
+			}
+
+			return owners.output.trim().split( "\n" ).map(function( owner ) {
+				return owner.split( " " )[ 0 ];
+			});
+		},
+
+		_checkNpmCredentials: function() {
+			if ( !Release.npmPublish ) {
+				return;
+			}
+
+			var user = Release._getNpmUser(),
+				owners = Release._getNpmOwners();
+
+			if ( owners.indexOf( user ) === -1 ) {
+				Release.abort( user + " is not an owner of " + Release.project + " on npm." );
+			}
+		},
+
 		_publishNpm: function() {
 			if ( !Release.npmPublish ) {
 				return;

release.js

@@ -28,6 +28,7 @@ commonTasks = [
 	Release._section( "setting up repo" ),
 	Release._cloneRepo,
 	Release._checkRepoState,
+	Release._checkNpmCredentials,
 
 	Release._section( "calculating versions" ),
 	Release._getVersions,