2 KiB
id | title |
---|---|
authentification | Authentification |
The authentification is tied to the auth plugin you are using. The package restrictions also is handled by the Package Access.
The client authentification is handled by npm
client itself. Once you login to the application:
npm adduser --registry http://localhost:4873
A token is generated in the npm
configuration file hosted in your user home folder. For more information about .npmrc
read the official documentation.
cat .npmrc
registry=http://localhost:5555/
//localhost:5555/:_authToken="secretVerdaccioToken"
//registry.npmjs.org/:_authToken=secretNpmjsToken
Anonymous publish
verdaccio
allows you to enable anonymous publish, to achieve that you will need to set up correctly your packages acces.
Eg:
'my-company-*':
access: $anonymous
publish: $anonymous
proxy: npmjs
As is described on issue #212 until npm@5.3.0
and all minor releases won't allow you publish without a token. However yarn
has not such limitation.
Default htpasswd
In order to simplify the setup, verdaccio
use a plugin based on htpasswd
.
As of version v3.0.0-beta.x an external plugin
is used by default. The v2.x version of this package still contains the
built-in version of this plugin.
auth:
htpasswd:
file: ./htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
#max_users: 1000
Property | Type | Required | Example | Support | Description |
---|---|---|---|---|---|
file | string | Yes | ./htpasswd | all | file that host the encrypted credentials |
max_users | number | No | 1000 | all | set limit of users |
In case to decide do not allow user to login, you can set max_users: -1
.