Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
verdaccio-auth-memory
Advanced tools
verdaccio-auth-memory - npm Package Compare versions
Comparing version 10.2.0 to 10.2.1
@@ -13,9 +13,6 @@ "use strict"; | ||
| exports.default = void 0; | ||
| var _Memory = _interopRequireDefault(require("./Memory")); | ||
| function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } | ||
| var _default = _Memory.default; | ||
| exports.default = _default; | ||
| //# sourceMappingURL=index.js.map |
@@ -1,2 +0,2 @@ | ||
| import { Config, PluginOptions, Callback, PackageAccess, IPluginAuth, RemoteUser, Logger } from '@verdaccio/types'; | ||
| import { Config, PluginOptions, Callback, PackageAccess, IPluginAuth, RemoteUser, Logger } from '@verdaccio/legacy-types'; | ||
| export interface UserMemory { | ||
@@ -3,0 +3,0 @@ name: string; |
@@ -7,5 +7,3 @@ "use strict"; | ||
| exports.default = void 0; | ||
| var _commonsApi = require("@verdaccio/commons-api"); | ||
| class Memory { | ||
@@ -18,6 +16,4 @@ constructor(config, appOptions) { | ||
| } | ||
| authenticate(user, password, done) { | ||
| const userCredentials = this._users[user]; | ||
| if (!userCredentials) { | ||
@@ -27,25 +23,19 @@ this._logger.debug({ | ||
| }, '[VerdaccioMemory] user @{user} does not exist'); | ||
| return done(null, false); | ||
| } | ||
| if (password !== userCredentials.password) { | ||
| const err = (0, _commonsApi.getUnauthorized)("i don't like your password"); | ||
| this._logger.info({ | ||
| user | ||
| }, '[VerdaccioMemory] password invalid for: @{user}'); | ||
| return done(err); | ||
| } | ||
| return done(err); | ||
| } // authentication succeeded! | ||
| // authentication succeeded! | ||
| // return all usergroups this user has access to; | ||
| this._logger.info({ | ||
| user | ||
| }, '[VerdaccioMemory] authentication succeeded for @{user}'); | ||
| return done(null, [user]); | ||
| } | ||
| adduser(user, password, done) { | ||
@@ -56,6 +46,4 @@ if (this._users[user]) { | ||
| }, '[VerdaccioMemory] user @{user} already exist'); | ||
| return done(null, true); | ||
| } | ||
| if (this._app_config.max_users) { | ||
@@ -67,3 +55,2 @@ if (Object.keys(this._users).length >= this._app_config.max_users) { | ||
| } | ||
| this._users[user] = { | ||
@@ -73,37 +60,27 @@ name: user, | ||
| }; | ||
| this._logger.info({ | ||
| user | ||
| }, '[VerdaccioMemory] user added succeeded for @{user}'); | ||
| done(null, user); | ||
| } | ||
| changePassword(username, password, newPassword, cb) { | ||
| const user = this._users[username]; | ||
| this._logger.debug({ | ||
| user: username | ||
| }, 'user: @{user} init change password'); | ||
| if (user && user.password === password) { | ||
| user.password = newPassword; | ||
| this._users[username] = user; | ||
| this._logger.info({ | ||
| user | ||
| }, '[VerdaccioMemory] user changed password succeeded for @{user}'); | ||
| cb(null, user); | ||
| } else { | ||
| const err = (0, _commonsApi.getNotFound)('user not found'); | ||
| this._logger.debug({ | ||
| user: username | ||
| }, 'change password user @{user} not found'); | ||
| return cb(err); | ||
| } | ||
| } | ||
| allow_access(user, pkg, cb) { | ||
@@ -114,16 +91,11 @@ if (pkg.access && pkg.access.includes('$all') || pkg.access && pkg.access.includes('$anonymous')) { | ||
| }, '[VerdaccioMemory] user: @{user} has been granted access'); | ||
| return cb(null, true); | ||
| } | ||
| if (!user.name) { | ||
| const err = (0, _commonsApi.getForbidden)('not allowed to access package'); | ||
| this._logger.debug({ | ||
| user: user.name | ||
| }, 'user: @{user} not allowed to access package'); | ||
| return cb(err); | ||
| } | ||
| if (pkg.access && pkg.access.includes(user.name) || pkg.access && pkg.access.includes('$authenticated')) { | ||
@@ -133,15 +105,10 @@ this._logger.debug({ | ||
| }, '[VerdaccioMemory] user: @{user} has been granted access'); | ||
| return cb(null, true); | ||
| } | ||
| const err = (0, _commonsApi.getForbidden)('not allowed to access package'); | ||
| this._logger.debug({ | ||
| user: user.name | ||
| }, '[VerdaccioMemory] user: @{user} not allowed to access package'); | ||
| return cb(err); | ||
| } | ||
| allow_publish(user, pkg, cb) { | ||
@@ -152,32 +119,22 @@ if (pkg.publish && pkg.publish.includes('$all') || pkg.publish && pkg.publish.includes('$anonymous')) { | ||
| }, '[VerdaccioMemory] user: @{user} has been granted to publish'); | ||
| return cb(null, true); | ||
| } | ||
| if (!user.name) { | ||
| const err = (0, _commonsApi.getForbidden)('not allowed to publish package'); | ||
| this._logger.debug({ | ||
| user: user.name | ||
| }, 'user: @{user} not allowed to publish package'); | ||
| return cb(err); | ||
| } | ||
| if (pkg.publish && pkg.publish.includes(user.name) || pkg.publish && pkg.publish.includes('$authenticated')) { | ||
| return cb(null, true); | ||
| } | ||
| const err = (0, _commonsApi.getForbidden)('not allowed to publish package'); | ||
| this._logger.debug({ | ||
| user: user.name | ||
| }, '[VerdaccioMemory] user: @{user} not allowed to publish package'); | ||
| return cb(err); | ||
| } | ||
| } | ||
| exports.default = Memory; | ||
| //# sourceMappingURL=Memory.js.map |
| { | ||
| "name": "verdaccio-auth-memory", | ||
| "version": "10.2.0", | ||
| "version": "10.2.1", | ||
| "description": "Auth plugin for Verdaccio that keeps users in memory", | ||
@@ -34,3 +34,3 @@ "keywords": [ | ||
| "devDependencies": { | ||
| "@verdaccio/types": "10.3.0" | ||
| "@verdaccio/legacy-types": "1.0.1" | ||
| }, | ||
@@ -49,4 +49,3 @@ "funding": { | ||
| "build": "pnpm run build:js && pnpm run build:types" | ||
| }, | ||
| "readme": "# verdaccio-auth-memory\n[](https://app.fossa.io/projects/git%2Bgithub.com%2Fverdaccio%2Fverdaccio-auth-memory?ref=badge_shield)\n[](https://circleci.com/gh/ayusharma/verdaccio-auth-memory)\n[](https://codecov.io/gh/verdaccio/verdaccio-auth-memory)\n\n\nThis verdaccio auth plugin keeps the users in a memory plain object.\nThis means all sessions and users will disappear when you restart the verdaccio server.\n\nIf you want to use this piece of software, do it at your own risk. **This plugin is being used for unit testing**.\n\n## Installation\n\n```sh\n$ npm install -g verdaccio\n$ npm install -g verdaccio-auth-memory\n```\n\n## Config\n\nAdd to your `config.yaml`:\n\n```yaml\nauth:\n auth-memory:\n users:\n foo:\n name: foo\n password: s3cret\n bar:\n name: bar\n password: s3cret\n```\n\n## For plugin writers\n\nIt's called as:\n\n```js\nconst plugin = require('verdaccio-auth-memory');\n\nplugin(config, appConfig);\n```\n\nWhere:\n\n - config - module's own config\n - appOptions - collection of different internal verdaccio objects\n - appOptions.config - main config\n - appOptions.logger - logger\n\nThis should export four functions:\n\n - `adduser(user, password, cb)` Add new users\n\n It should respond with:\n - `cb(err)` in case of an error (error will be returned to user)\n - `cb(null, false)` in case registration is disabled (next auth plugin will be executed)\n - `cb(null, true)` in case user registered successfully\n\n It's useful to set `err.status` property to set http status code (e.g. `err.status = 403`).\n\n - `authenticate(user, password, cb)` Authenticate the user\n\n It should respond with:\n - `cb(err)` in case of a fatal error (error will be returned to user, keep those rare)\n - `cb(null, false)` in case user not authenticated (next auth plugin will be executed)\n - `cb(null, [groups])` in case user is authenticated\n\n Groups is an array of all users/usergroups this user has access to. You should probably include username itself here.\n\n - `allow_access(user, pkg, cb)` Check whether the user has permissions to access a resource (package)\n\n It should respond with:\n - `cb(err)` in case of a fatal error (error will be returned to user, keep those rare)\n - `cb(null, false)` in case user not allowed to access (next auth plugin will be executed)\n - `cb(null, true)` in case user is allowed to access\n\n - `allow_publish(user, pkg, cb)` Check whether the user has permissions to publish a resource (package)\n\n It should respond with:\n - `cb(err)` in case of a fatal error (error will be returned to user, keep those rare)\n - `cb(null, false)` in case user not allowed to publish (next auth plugin will be executed)\n - `cb(null, true)` in case user is allowed to publish\n\n\n\n## License\n[](https://app.fossa.io/projects/git%2Bgithub.com%2Fverdaccio%2Fverdaccio-auth-memory?ref=badge_large)\n" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by0.59%
170
Worsened metrics
- Total package byte prevSize
- decreased by-11.78%
21886
No dependency changes