1
0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-11-13 03:35:52 +01:00
verdaccio/docs/auth.md
Juan Picado @jotadeveloper a22b3a4415
docs: update beta to latest
2018-05-31 10:32:46 +02:00

2.0 KiB

id title
authentification Authentification

The authentification is tied to the auth plugin you are using. The package restrictions also is handled by the Package Access.

The client authentification is handled by npm client itself. Once you login to the application:

npm adduser --registry http://localhost:4873

A token is generated in the npm configuration file hosted in your user home folder. For more information about .npmrc read the official documentation.

cat .npmrc
registry=http://localhost:5555/
//localhost:5555/:_authToken="secretVerdaccioToken"
//registry.npmjs.org/:_authToken=secretNpmjsToken

Anonymous publish

verdaccioallows you to enable anonymous publish, to achieve that you will need to set up correctly your packages access.

Eg:

  'my-company-*':
    access: $anonymous
    publish: $anonymous
    proxy: npmjs

As is described on issue #212 until npm@5.3.0 and all minor releases won't allow you publish without a token. However yarn has not such limitation.

Default htpasswd

In order to simplify the setup, verdaccio use a plugin based on htpasswd. As of version v3.0.x an external plugin is used by default. The v2.x version of this package still contains the built-in version of this plugin.

auth:
  htpasswd:
    file: ./htpasswd
    # Maximum amount of users allowed to register, defaults to "+inf".
    # You can set this to -1 to disable registration.
    #max_users: 1000
Property Type Required Example Support Description
file string Yes ./htpasswd all file that host the encrypted credentials
max_users number No 1000 all set limit of users

In case to decide do not allow user to login, you can set max_users: -1.