verdaccio-htpasswd

What is verdaccio-htpasswd?

The verdaccio-htpasswd package is a plugin for Verdaccio, a lightweight private npm proxy registry. This plugin allows you to manage user authentication using htpasswd files, which is a simple way to store usernames and passwords for HTTP authentication.

What are verdaccio-htpasswd's main functionalities?

User Authentication

This feature allows you to authenticate users against an htpasswd file. The code sample demonstrates how to set up the htpasswd plugin and authenticate a user.

const Htpasswd = require('verdaccio-htpasswd');
const config = { file: './htpasswd', max_users: 1000 };
const htpasswd = new Htpasswd(config);

htpasswd.authenticate('username', 'password', (err, user) => {
  if (err) {
    console.error('Authentication failed:', err);
  } else {
    console.log('Authenticated user:', user);
  }
});

User Registration

This feature allows you to register new users by adding them to the htpasswd file. The code sample demonstrates how to add a new user.

const Htpasswd = require('verdaccio-htpasswd');
const config = { file: './htpasswd', max_users: 1000 };
const htpasswd = new Htpasswd(config);

htpasswd.adduser('newuser', 'newpassword', (err, user) => {
  if (err) {
    console.error('User registration failed:', err);
  } else {
    console.log('Registered user:', user);
  }
});

Password Management

This feature allows you to change the password of an existing user. The code sample demonstrates how to change a user's password.

const Htpasswd = require('verdaccio-htpasswd');
const config = { file: './htpasswd', max_users: 1000 };
const htpasswd = new Htpasswd(config);

htpasswd.changePassword('username', 'newpassword', (err) => {
  if (err) {
    console.error('Password change failed:', err);
  } else {
    console.log('Password changed successfully');
  }
});

Other packages similar to verdaccio-htpasswd

htpasswd

The htpasswd package is a simple utility for managing htpasswd files. It provides basic functionalities like adding and deleting users, but it does not integrate directly with Verdaccio like verdaccio-htpasswd does.

http-auth

The http-auth package provides HTTP Basic and Digest authentication for Node.js. While it offers more advanced authentication mechanisms, it does not specifically integrate with Verdaccio for npm registry authentication.

express-basic-auth

The express-basic-auth package is a simple middleware for basic authentication in Express.js applications. It is useful for protecting routes with basic auth but does not offer the same level of integration with Verdaccio as verdaccio-htpasswd.

README

Verdaccio Module For User Auth Via Htpasswd

verdaccio-htpasswd is a default authentication plugin for the Verdaccio.

This plugin is being used as dependency after v3.0.0-beta.x. The v2.x still contains this plugin built-in.

Install

As simple as running:

$ npm install -g verdaccio-htpasswd

Configure

auth:
    htpasswd:
        file: ./htpasswd
        # Maximum amount of users allowed to register, defaults to "+infinity".
        # You can set this to -1 to disable registration.
        #max_users: 1000

Logging In

To log in using NPM, run:

    npm adduser --registry  https://your.registry.local

Generate htpasswd username/password combination

If you wish to handle access control using htpasswd file, you can generate username/password combination form here and add it to htpasswd file.

How does it work?

The htpasswd file contains rows corresponding to a pair of username and password separated with a colon character. The password is encrypted using the UNIX system's crypt method and may use MD5 or SHA1.

Plugin Development in Verdaccio

There are many ways to extend Verdaccio, currently it support authentication plugins, middleware plugins (since v2.7.0) and storage plugins since (v3.x).

Useful Links

• Plugin Development
• List of Plugins