registry-auth-token
Advanced tools
Package description
The registry-auth-token npm package is designed to retrieve authentication tokens for accessing private npm registries. It parses npm configuration files to extract authentication information, which can be useful for automated scripts or tools that interact with npm registries.
Retrieve authentication token
This feature allows the retrieval of an authentication token from the user's npm configuration. The token can then be used for authenticated operations with npm registries.
const getAuthToken = require('registry-auth-token');
const token = getAuthToken();
console.log(token);Retrieve token with options
This feature extends the basic token retrieval by allowing options such as 'recursive' to be set, which controls how the npm configuration is parsed for authentication tokens.
const getAuthToken = require('registry-auth-token');
const options = { recursive: true };
const token = getAuthToken(options);
console.log(token);Similar to registry-auth-token, npm-registry-client interacts with npm registries but offers a broader set of functionalities including publishing packages, setting tags, and handling user authentication. It provides a more comprehensive interface for interacting with npm registries compared to the focused functionality of registry-auth-token.
While npm-profile is primarily focused on managing user profiles on the npm registry, it also deals with authentication aspects. It differs from registry-auth-token by providing functionalities to view and edit user profile details, which is not covered by registry-auth-token.
Changelog
[4.2.1] - 2020-11-10
Readme
Get the auth token set for an npm registry from .npmrc. Also allows fetching the configured registry URL for a given npm scope.
npm install --save registry-auth-token
Returns an object containing token and type, or undefined if no token can be found. type can be either Bearer or Basic.
var getAuthToken = require('registry-auth-token')
var getRegistryUrl = require('registry-auth-token/registry-url')
// Get auth token and type for default `registry` set in `.npmrc`
console.log(getAuthToken()) // {token: 'someToken', type: 'Bearer'}
// Get auth token for a specific registry URL
console.log(getAuthToken('//registry.foo.bar'))
// Find the registry auth token for a given URL (with deep path):
// If registry is at `//some.host/registry`
// URL passed is `//some.host/registry/deep/path`
// Will find token the closest matching path; `//some.host/registry`
console.log(getAuthToken('//some.host/registry/deep/path', {recursive: true}))
// Find the configured registry url for scope `@foobar`.
// Falls back to the global registry if not defined.
console.log(getRegistryUrl('@foobar'))
// Use the npm config that is passed in
console.log(getRegistryUrl('http://registry.foobar.eu/', {
npmrc: {
'registry': 'http://registry.foobar.eu/',
'//registry.foobar.eu/:_authToken': 'qar'
}
}))
// If auth info can be found:
{token: 'someToken', type: 'Bearer'}
// Or:
{token: 'someOtherToken', type: 'Basic'}
// Or, if nothing is found:
undefined
Please be careful when using this. Leaking your auth token is dangerous.
MIT-licensed. See LICENSE.
FAQs
Get the auth token set for an npm registry (if any)
The npm package registry-auth-token receives a total of 7,604,657 weekly downloads. As such, registry-auth-token popularity was classified as popular.
We found that registry-auth-token demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.