Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
verdaccio-auth-memory
Advanced tools
This verdaccio auth plugin keeps the users in a memory plain object. This means all sessions and users will disappear when you restart the verdaccio server.
If you want to use this piece of software, do it at your own risk. This plugin is being used for unit testing.
$ npm install verdaccio
$ npm install verdaccio-auth-memory-memory
Add to your config.yaml
:
auth:
auth-memory: true
It's called as:
require('verdaccio-auth-memory')(config, stuff)
Where:
This should export two functions:
adduser(user, password, cb)
It should respond with:
cb(err)
in case of an error (error will be returned to user)cb(null, false)
in case registration is disabled (next auth plugin will be executed)cb(null, true)
in case user registered successfullyIt's useful to set err.status
property to set http status code (e.g. err.status = 403
).
authenticate(user, password, cb)
It should respond with:
cb(err)
in case of a fatal error (error will be returned to user, keep those rare)cb(null, false)
in case user not authenticated (next auth plugin will be executed)cb(null, [groups])
in case user is authenticatedGroups is an array of all users/usergroups this user has access to. You should probably include username itself here.
FAQs
Auth plugin for Verdaccio that keeps users in memory
The npm package verdaccio-auth-memory receives a total of 12,179 weekly downloads. As such, verdaccio-auth-memory popularity was classified as popular.
We found that verdaccio-auth-memory demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.