registry-auth-token

What is registry-auth-token?

The registry-auth-token npm package is designed to retrieve authentication tokens for accessing private npm registries. It parses npm configuration files to extract authentication information, which can be useful for automated scripts or tools that interact with npm registries.

What are registry-auth-token's main functionalities?

Retrieve authentication token

This feature allows the retrieval of an authentication token from the user's npm configuration. The token can then be used for authenticated operations with npm registries.

const getAuthToken = require('registry-auth-token');

const token = getAuthToken();
console.log(token);

Retrieve token with options

This feature extends the basic token retrieval by allowing options such as 'recursive' to be set, which controls how the npm configuration is parsed for authentication tokens.

const getAuthToken = require('registry-auth-token');

const options = { recursive: true };
const token = getAuthToken(options);
console.log(token);

Other packages similar to registry-auth-token

npm-registry-client

Similar to registry-auth-token, npm-registry-client interacts with npm registries but offers a broader set of functionalities including publishing packages, setting tags, and handling user authentication. It provides a more comprehensive interface for interacting with npm registries compared to the focused functionality of registry-auth-token.

npm-profile

While npm-profile is primarily focused on managing user profiles on the npm registry, it also deals with authentication aspects. It differs from registry-auth-token by providing functionalities to view and edit user profile details, which is not covered by registry-auth-token.

README

registry-auth-token

Get the auth token set for an npm registry from .npmrc. Also allows fetching the configured registry URL for a given npm scope.

Installing

npm install --save registry-auth-token

Usage

Returns an object containing token and type, or undefined if no token can be found. type can be either Bearer or Basic.

const getAuthToken = require('registry-auth-token')
const getRegistryUrl = require('registry-auth-token/registry-url')

// Get auth token and type for default `registry` set in `.npmrc`
console.log(getAuthToken()) // {token: 'someToken', type: 'Bearer'}

// Get auth token for a specific registry URL
console.log(getAuthToken('//registry.foo.bar'))

// Find the registry auth token for a given URL (with deep path):
// If registry is at `//some.host/registry`
// URL passed is `//some.host/registry/deep/path`
// Will find token the closest matching path; `//some.host/registry`
console.log(getAuthToken('//some.host/registry/deep/path', {recursive: true}))

// Use the npm config that is passed in
console.log(getAuthToken('//registry.foo.bar', {
  npmrc: {
    'registry': 'http://registry.foo.bar',
    '//registry.foo.bar/:_authToken': 'qar'
  }
}))

// Find the configured registry url for scope `@foobar`.
// Falls back to the global registry if not defined.
console.log(getRegistryUrl('@foobar'))

// Use the npm config that is passed in
console.log(getRegistryUrl('http://registry.foobar.eu/', {
  'registry': 'http://registry.foobar.eu/',
  '//registry.foobar.eu/:_authToken': 'qar'
}))

Return value

// If auth info can be found:
{token: 'someToken', type: 'Bearer'}

// Or:
{token: 'someOtherToken', type: 'Basic'}

// Or, if nothing is found:
undefined

Security

Please be careful when using this. Leaking your auth token is dangerous.

License

MIT © Espen Hovlandsdal

Changelog

[5.1.0] - 2025-02-07

Changes

• Use WHATWG URL instead of legacy APIs, silencing errors in Bun etc (fisker Cheung)