verdaccio-auth-memory
Advanced tools
Changelog
9.7.2 (2020-07-20)
Readme
This verdaccio auth plugin keeps the users in a memory plain object. This means all sessions and users will disappear when you restart the verdaccio server.
If you want to use this piece of software, do it at your own risk. This plugin is being used for unit testing.
$ npm install -g verdaccio
$ npm install -g verdaccio-auth-memory
Add to your config.yaml:
auth:
auth-memory:
users:
foo:
name: foo
password: s3cret
bar:
name: bar
password: s3cret
It's called as:
const plugin = require('verdaccio-auth-memory');
plugin(config, appConfig);
Where:
This should export four functions:
adduser(user, password, cb) Add new users
It should respond with:
cb(err) in case of an error (error will be returned to user)cb(null, false) in case registration is disabled (next auth plugin will be executed)cb(null, true) in case user registered successfullyIt's useful to set err.status property to set http status code (e.g. err.status = 403).
authenticate(user, password, cb) Authenticate the user
It should respond with:
cb(err) in case of a fatal error (error will be returned to user, keep those rare)cb(null, false) in case user not authenticated (next auth plugin will be executed)cb(null, [groups]) in case user is authenticatedGroups is an array of all users/usergroups this user has access to. You should probably include username itself here.
allow_access(user, pkg, cb) Check whether the user has permissions to access a resource (package)
It should respond with:
cb(err) in case of a fatal error (error will be returned to user, keep those rare)cb(null, false) in case user not allowed to access (next auth plugin will be executed)cb(null, true) in case user is allowed to accessallow_publish(user, pkg, cb) Check whether the user has permissions to publish a resource (package)
It should respond with:
cb(err) in case of a fatal error (error will be returned to user, keep those rare)cb(null, false) in case user not allowed to publish (next auth plugin will be executed)cb(null, true) in case user is allowed to publish
FAQs
Auth plugin for Verdaccio that keeps users in memory
The npm package verdaccio-auth-memory receives a total of 22,329 weekly downloads. As such, verdaccio-auth-memory popularity was classified as popular.
We found that verdaccio-auth-memory demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In June 2023, Google sold all Google Domains accounts to Squarespace but more than a dozen customers have had their domains hijacked in the last week due to weak security defaults and migration issues.
![Massive Automated Spam Campaign Abuses GitHub to Flood npm Registry with Thousands of Garbage Tea[.]xyz Packages](https://cdn.sanity.io/images/cgdhsj6q/production/a74d1072ff2bb5cb96a404be58a649931ced2ba5-1024x1024.webp?w=400&fit=max&auto=format)
Security News
In a reprisal of their previous Tea[.]xyz spam campaign, a new wave of thousands of garbage packages are hitting npm, to artificially inflate the number of dependents for spammers' projects.
Security News
The maintainer of the node-ip project restored the GitHub repo after disputing an exaggerated CVE rating, highlighting the impact of bogus CVEs on open source projects.