Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

verdaccio-auth-memory

Package Overview
Dependencies
Maintainers
3
Versions
109
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

verdaccio-auth-memory

Auth plugin for Verdaccio that keeps users in memory

  • 12.0.0-next-7.7
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
27K
increased by14.16%
Maintainers
3
Weekly downloads
 
Created
Source

verdaccio-auth-memory

FOSSA Status CircleCI codecov

This verdaccio auth plugin keeps the users in a memory plain object. This means all sessions and users will disappear when you restart the verdaccio server.

If you want to use this piece of software, do it at your own risk. This plugin is being used for unit testing.

Installation

$ npm install -g verdaccio
$ npm install -g verdaccio-auth-memory

Config

Add to your config.yaml:

auth:
  auth-memory:
    users:
      foo:
        name: foo
        password: s3cret
      bar:
        name: bar
        password: s3cret

For plugin writers

It's called as:

const plugin = require('verdaccio-auth-memory');

plugin(config, appConfig);

Where:

  • config - module's own config
  • appOptions - collection of different internal verdaccio objects
    • appOptions.config - main config
    • appOptions.logger - logger

This should export four functions:

  • adduser(user, password, cb) Add new users

    It should respond with:

    • cb(err) in case of an error (error will be returned to user)
    • cb(null, false) in case registration is disabled (next auth plugin will be executed)
    • cb(null, true) in case user registered successfully

    It's useful to set err.status property to set http status code (e.g. err.status = 403).

  • authenticate(user, password, cb) Authenticate the user

    It should respond with:

    • cb(err) in case of a fatal error (error will be returned to user, keep those rare)
    • cb(null, false) in case user not authenticated (next auth plugin will be executed)
    • cb(null, [groups]) in case user is authenticated

    Groups is an array of all users/usergroups this user has access to. You should probably include username itself here.

  • allow_access(user, pkg, cb) Check whether the user has permissions to access a resource (package)

    It should respond with:

    • cb(err) in case of a fatal error (error will be returned to user, keep those rare)
    • cb(null, false) in case user not allowed to access (next auth plugin will be executed)
    • cb(null, true) in case user is allowed to access
  • allow_publish(user, pkg, cb) Check whether the user has permissions to publish a resource (package)

    It should respond with:

    • cb(err) in case of a fatal error (error will be returned to user, keep those rare)
    • cb(null, false) in case user not allowed to publish (next auth plugin will be executed)
    • cb(null, true) in case user is allowed to publish

License

FOSSA Status

Keywords

FAQs

Package last updated on 14 Jan 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc