0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-20 22:52:46 -05:00
Commit graph

4 commits

Author SHA1 Message Date
Juan Picado @jotadeveloper
85c1bd1f76
fix(api): force authenticate on login (#1347)
When a user has a valid token and tries to login with other credentials the endpoint returns 201.

The reason was if another user logged previously and had a valid token stored in the terminal. We must authenticate any user that tries to log in even if the token stored is valid.

We must check credentials again and return a new token, if the credentials are wrong we reject the login. Furthermore, the new token will update the list of groups.
2019-06-13 06:58:43 +02:00
Juan Picado @jotadeveloper
f1416ed557
feat: add support for profile cli command #392 (change password) (#1034)
* feat: add support for profile cli command #392

- it allows to update password npm profile set password
- display current profile npm profile get

https://docs.npmjs.com/cli/profile

* chore: update @verdaccio/types@4.0.0

* feat: add min password length

on npm by defaul is min 7 characters, this might be configurable in the future.

* chore: update verdaccio-htpasswd@1.0.1

* refactor: update unit test

* refactor: provide friendly error for tfa request

* test: api profile unit test

* chore: fix eslint comment

* test: update profile test

* chore: set mim as 3 characters
2018-10-12 11:07:55 +02:00
Juan Picado @jotadeveloper
680811d2d0
Update deps all (#1023)
* chore: update dependencies

* chore: update flow@0.81.0

* chore: update e2e test
2018-09-27 16:37:45 +02:00
Juan Picado @jotadeveloper
a68d247a44
feat: add support for jwt on api (#896)
* feat: add support for jwt on api

* test: add unit test for sign token with jwt

add multiple scenarios with configuration file

* chore: add JWT verification on middleware

* chore: restore headless

* chore: restore middleware header validation

* refactor: fix login whether user exists

* refactor: JWT is signed asynchronously

* refactor: better structure and new naming convention

* test: add unit test for token signature

* test: add unit test for creating user with JWT enabled

#168

* docs: add security section jwt

* refactor: renable  web auth middleware

* test(auth): add legacy disabled scenario

* chore: update gitignore

* chore: add some es6 sugar

* feat: enable JWT token signature for new installations

* chore: add yaml files to git

I forgot add this before 😷

* chore: trace log on auth

in case we want more output
2018-08-21 08:05:34 +02:00