verdaccio-auth-memory - npm Package Compare versions

Comparing version 0.0.2 to 0.0.3

index.js

@@ -16,9 +16,14 @@ 'use strict';
     var self = this
+    var userCredentials = self._users[user];
 
-    if (!self._users[user]) {
-        return done(true, false);
+    if (!userCredentials) {
+      return done(null, false);
     }
 
-    if (password !== self._users[user].password) {
-        return done(true, false);
+
+    if (password !== userCredentials.password) {
+      var err = Error('i don\'t like your password');
+
+      err.status = 401;
+      return done(err);
     }
@@ -34,7 +39,62 @@
     var self = this;
-    self._users[user] = {name: user, password: password};
 
+    if (this._users[user]) {
+      return done(null, true);
+    }
+
+    if (self._app_config.max_users) {
+      if (Object.keys(this._users).length >= self._app_config.max_users) {
+        var err = Error('maximum amount of users reached');
+
+        err.status = 409;
+        return done(err);
+      }
+    }
+
+    this._users[user] = {name: user, password: password};
+
     done(null, user);
 };
 
-module.exports = Memory;
+Memory.prototype.allow_access = function(user, pkg, cb) {
+  if(((pkg.access.includes('$all') || pkg.access.includes('$anonymous') ))) {
+    return cb(null, true);
+  }
+
+  if (!user.name) {
+    const err = Error('not allowed to access package');
+    err.status = 403;
+    return cb(err);
+  }
+
+  if (pkg.access.includes(user.name) || pkg.access.includes('$authenticated')) {
+    return cb(null, true);
+  }
+
+  const err = Error('not allowed to access package');
+  err.status = 403;
+  return cb(err);
+};
+
+Memory.prototype.allow_publish = function(user, pkg, cb) {
+
+  if ((pkg.publish.includes('$all') || pkg.publish.includes('$anonymous') )) {
+    return cb(null, true);
+  }
+
+  if (!user.name) {
+    const err = Error('not allowed to publish package');
+    err.status = 403;
+    return cb(err);
+  }
+
+  if (pkg.publish.includes(user.name) || pkg.publish.includes('$authenticated')) {
+    return cb(null, true);
+  }
+
+  const err = Error('not allowed to publish package');
+  err.status = 403;
+  return cb(err);
+};
+
+module.exports = Memory;

package.json

 {
   "name": "verdaccio-auth-memory",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "auth plugin for verdaccio that keeps users in memory",
@@ -5,0 +5,0 @@ "author": "Verdaccio community <verdaccio.npm@gmail.com>",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

6256

increased by29.52%

Lines of code

131

increased by54.12%

No dependency changes