Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-03-04 02:02:39 -05:00
Code Issues Activity
verdaccio/website/translated_docs/pl-PL/auth.md

3.1 KiB
Raw Blame History

id title
authentication Authentication

The authentication is tied to the auth plugin you are using. The package restrictions are also handled by the Package Access.

The client authentication is handled by the npm client itself. Once you log in to the application:

npm adduser --registry http://localhost:4873

Token jest generowany w pliku konfiguracyjnym npm znajdującym się w folderze domowym Twojego użytkownika. Aby uzyskać więcej informacji o .npmrc przeczytaj oficjalną dokumentację.

cat .npmrc
registry=http://localhost:5555/
//localhost:5555/:_authToken="secretVerdaccioToken"
//registry.npmjs.org/:_authToken=secretNpmjsToken

Anonimowa publikacja

verdaccio allows you to enable anonymous publish. To achieve that you will need to correctly set up your packages access.

Eg:

  'my-company-*':
    access: $anonymous
    publish: $anonymous
    proxy: npmjs

Zgodnie z opisem w sprawie #212 aż do npm@5.3.0 i wszystkie drobne wersje nie pozwolą ci publikować bez tokenu.

Understanding Groups

The meaning of $all and $anonymous

As you know Verdaccio uses htpasswd by default. That plugin does not implement the methods allow_access, allow_publish and allow_unpublish. Thus, Verdaccio will handle that in the following way:

  • If you are not logged in (you are anonymous), $all and $anonymous means exactly the same.
  • If you are logged in, $anonymous won't be part of your groups and $all will match any logged user. A new group $authenticated will be added to your group list.

Please note: $all will match all users, whether logged in or not.

The previous behavior only applies to the default authentication plugin. If you are using a custom plugin and such plugin implements allow_access, allow_publish or allow_unpublish, the resolution of the access depends on the plugin itself. Verdaccio will only set the default groups.

Let's recap:

  • logged in: $all and $authenticated + groups added by the plugin.
  • logged out (anonymous): $all and $anonymous.

Domyślne htpasswd

In order to simplify the setup, verdaccio uses a plugin based on htpasswd. Since version v3.0.x the verdaccio-htpasswd plugin is used by default.

auth:
  htpasswd:
    file: ./htpasswd
    # Maximum amount of users allowed to register, defaults to "+inf".
    # You can set this to -1 to disable registration.
    #max_users: 1000
Właściwość Typ Wymagane Przykład Wsparcie Opis
plik ciąg znaków Tak ./htpasswd wszystkie plik, który udostępnia zaszyfrowane poświadczenia
max_users numer Nie 1000 wszystkie ustaw limit użytkowników

In case you decide to prevent users from signing up themselves, you can set max_users: -1.