diff --git a/wiki/README.md b/wiki/README.md index ac24aead7..a2f5d3b58 100644 --- a/wiki/README.md +++ b/wiki/README.md @@ -16,12 +16,12 @@ from a fresh look at the code and the outstanding issues. So here we are 🎉 * [Packages Access](packages.md) * [Enable Notifications](notifications.md) * [Installing Plugins](plugins.md) +* [Authorization and access](auth.md) ## Advanced Configurations diff --git a/wiki/auth.md b/wiki/auth.md new file mode 100644 index 000000000..642606210 --- /dev/null +++ b/wiki/auth.md @@ -0,0 +1,38 @@ +# Authentification + +The authentification is tied to the auth [plugin](plugins.md) you are using. The package restrictions also is handled by the [Package Access](packages.md). + +The client authentification is handled by `npm` client itself. Once you login to the application: + +```bash +npm adduser --registry http://localhost:4873 +``` + +A token is generated in the `npm` configuration file hosted in your user home folder. For more information about `.npmrc` read the [official documentation](https://docs.npmjs.com/files/npmrc). + +```bash +cat .npmrc +registry=http://localhost:5555/ +//localhost:5555/:_authToken="secretVerdaccioToken" +//registry.npmjs.org/:_authToken=secretNpmjsToken +``` + +## Default htpasswd + +In order to simplify the setup, `verdaccio` use a build-in plugin based on `htpasswd`. + +```yaml +auth: + htpasswd: + file: ./htpasswd + # Maximum amount of users allowed to register, defaults to "+inf". + # You can set this to -1 to disable registration. + #max_users: 1000 +``` + +Property | Type | Required | Example | Support | Description +--- | --- | --- | --- | --- | --- +file | string | Yes | ./htpasswd | all | file that host the encrypted credentials +max_users | number | No | 1000 | all | set limit of users + +In case to decide do not allow user to login, you can set `max_users: -1`. \ No newline at end of file