fix #1328 and #720
Type: bug
The following has been addressed in the PR:
Instead of returning a 404 (Not Found) when npm, yarn, etc requests a package and the package cannot be acquired from an uplink due to a connection timeout, socket timeout, or connection reset problem, a 503 (service unavailable) is returned by Verdaccio instead. In limited testing of a few versions of npm and yarn, both of these clients correctly attempt to retry the request when a 503 is returned.
Added functional tests to verify the behavior (this adds a dev dependency on nock, which provides HTTP request mocking
Description:
This resolves issue #1328 and #720, and ensures npm/yarn install commands don't fail immediately when there is an intermittent network timeout problem with an uplink. Instead Verdaccio will appropriately respond to the client with a 503. A 404 response (current behavior) incorrectly tells the client that the package does not exist (which may or may not be true) and to not try again.
* refactor: remove usage of assert from cache.js [#973]
* refactor: remove usage of assert from no_proxy.spec.js [#973]
* refactor: remove usage of assert from cache.js [#973]
* feat: add support for jwt on api
* test: add unit test for sign token with jwt
add multiple scenarios with configuration file
* chore: add JWT verification on middleware
* chore: restore headless
* chore: restore middleware header validation
* refactor: fix login whether user exists
* refactor: JWT is signed asynchronously
* refactor: better structure and new naming convention
* test: add unit test for token signature
* test: add unit test for creating user with JWT enabled
#168
* docs: add security section jwt
* refactor: renable web auth middleware
* test(auth): add legacy disabled scenario
* chore: update gitignore
* chore: add some es6 sugar
* feat: enable JWT token signature for new installations
* chore: add yaml files to git
I forgot add this before 😷
* chore: trace log on auth
in case we want more output
