Socket
Socket
Sign inDemoInstall

registry-auth-token

Package Overview
Dependencies
7
Maintainers
3
Versions
25
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

registry-auth-token

Get the auth token set for an npm registry (if any)


Version published
Maintainers
3
Weekly downloads
9,955,368
increased by3.39%
Bundle size
10.6 kB
Minified + gzipped

Weekly downloads

Readme

Source

registry-auth-token

npm versionnpm

Get the auth token set for an npm registry from .npmrc. Also allows fetching the configured registry URL for a given npm scope.

Installing

npm install --save registry-auth-token

Usage

Returns an object containing token and type, or undefined if no token can be found. type can be either Bearer or Basic.

const getAuthToken = require('registry-auth-token')
const getRegistryUrl = require('registry-auth-token/registry-url')

// Get auth token and type for default `registry` set in `.npmrc`
console.log(getAuthToken()) // {token: 'someToken', type: 'Bearer'}

// Get auth token for a specific registry URL
console.log(getAuthToken('//registry.foo.bar'))

// Find the registry auth token for a given URL (with deep path):
// If registry is at `//some.host/registry`
// URL passed is `//some.host/registry/deep/path`
// Will find token the closest matching path; `//some.host/registry`
console.log(getAuthToken('//some.host/registry/deep/path', {recursive: true}))

// Use the npm config that is passed in
console.log(getAuthToken('//registry.foo.bar', {
  npmrc: {
    'registry': 'http://registry.foo.bar',
    '//registry.foo.bar/:_authToken': 'qar'
  }
}))

// Find the configured registry url for scope `@foobar`.
// Falls back to the global registry if not defined.
console.log(getRegistryUrl('@foobar'))

// Use the npm config that is passed in
console.log(getRegistryUrl('http://registry.foobar.eu/', {
  'registry': 'http://registry.foobar.eu/',
  '//registry.foobar.eu/:_authToken': 'qar'
}))

Return value

// If auth info can be found:
{token: 'someToken', type: 'Bearer'}

// Or:
{token: 'someOtherToken', type: 'Basic'}

// Or, if nothing is found:
undefined

Security

Please be careful when using this. Leaking your auth token is dangerous.

License

MIT © Espen Hovlandsdal

Keywords

FAQs

Last updated on 05 Mar 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc