mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-16 21:56:25 -05:00
a68d247a44
* feat: add support for jwt on api * test: add unit test for sign token with jwt add multiple scenarios with configuration file * chore: add JWT verification on middleware * chore: restore headless * chore: restore middleware header validation * refactor: fix login whether user exists * refactor: JWT is signed asynchronously * refactor: better structure and new naming convention * test: add unit test for token signature * test: add unit test for creating user with JWT enabled #168 * docs: add security section jwt * refactor: renable web auth middleware * test(auth): add legacy disabled scenario * chore: update gitignore * chore: add some es6 sugar * feat: enable JWT token signature for new installations * chore: add yaml files to git I forgot add this before 😷 * chore: trace log on auth in case we want more output
132 lines
3.1 KiB
JavaScript
132 lines
3.1 KiB
JavaScript
// @flow
|
|
|
|
import type {
|
|
IBasicAuth,
|
|
IBasicStorage,
|
|
IStorageManager,
|
|
UpLinkConf,
|
|
Callback,
|
|
Versions,
|
|
Version,
|
|
RemoteUser,
|
|
Config,
|
|
Logger,
|
|
JWTSignOptions,
|
|
PackageAccess,
|
|
StringValue as verdaccio$StringValue,
|
|
Package} from '@verdaccio/types';
|
|
import type {
|
|
IReadTarball,
|
|
} from '@verdaccio/streams';
|
|
import type {ILocalData} from '@verdaccio/local-storage';
|
|
import lunrMutable from 'lunr-mutable-indexes';
|
|
import type {NextFunction, $Request, $Response} from 'request';
|
|
|
|
export type StringValue = verdaccio$StringValue;
|
|
|
|
export type StartUpConfig = {
|
|
storage: string;
|
|
plugins?: string;
|
|
self_path: string;
|
|
}
|
|
|
|
export type MatchedPackage = PackageAccess | void;
|
|
|
|
export type JWTPayload = RemoteUser & {
|
|
password?: string;
|
|
}
|
|
|
|
export type AESPayload = {
|
|
user: string;
|
|
password: string;
|
|
}
|
|
|
|
export type AuthTokenHeader = {
|
|
scheme: string;
|
|
token: string;
|
|
}
|
|
|
|
export type BasicPayload = AESPayload | void;
|
|
export type AuthMiddlewarePayload = RemoteUser | BasicPayload;
|
|
|
|
export type ProxyList = {
|
|
[key: string]: IProxy;
|
|
}
|
|
|
|
export type CookieSessionToken = {
|
|
expires: Date;
|
|
}
|
|
|
|
export type Utils = {
|
|
ErrorCode: any;
|
|
getLatestVersion: Callback;
|
|
isObject: (value: any) => boolean;
|
|
validate_name: (value: any) => boolean;
|
|
tag_version: (value: any, version: string, tag: string) => void;
|
|
normalizeDistTags: (pkg: Package) => void;
|
|
semverSort: (keys: Array<string>) => Array<string>;
|
|
}
|
|
|
|
export type $RequestExtend = $Request & {remote_user?: any}
|
|
export type $ResponseExtend = $Response & {cookies?: any}
|
|
export type $NextFunctionVer = NextFunction & mixed;
|
|
export type $SidebarPackage = Package & {latest: mixed}
|
|
|
|
|
|
export interface IAuthWebUI {
|
|
jwtEncrypt(user: RemoteUser, signOptions: JWTSignOptions): string;
|
|
aesEncrypt(buf: Buffer): Buffer;
|
|
}
|
|
|
|
interface IAuthMiddleware {
|
|
apiJWTmiddleware(): $NextFunctionVer;
|
|
webUIJWTmiddleware(): $NextFunctionVer;
|
|
}
|
|
|
|
export interface IAuth extends IBasicAuth, IAuthMiddleware, IAuthWebUI {
|
|
config: verdaccio$Config;
|
|
logger: verdaccio$Logger;
|
|
secret: string;
|
|
plugins: Array<any>;
|
|
}
|
|
|
|
export interface IWebSearch {
|
|
index: lunrMutable.index;
|
|
storage: IStorageHandler;
|
|
query(query: string): any;
|
|
add(pkg: Version): void;
|
|
remove(name: string): void;
|
|
reindex(): void;
|
|
configureStorage(storage: IStorageHandler): void;
|
|
}
|
|
|
|
export interface IProxy {
|
|
config: UpLinkConf;
|
|
failed_requests: number;
|
|
userAgent: string;
|
|
ca?: string | void;
|
|
logger: Logger;
|
|
server_id: string;
|
|
url: any;
|
|
maxage: number;
|
|
timeout: number;
|
|
max_fails: number;
|
|
fail_timeout: number;
|
|
upname: string;
|
|
fetchTarball(url: string): IReadTarball;
|
|
isUplinkValid(url: string): boolean;
|
|
getRemoteMetadata(name: string, options: any, callback: Callback): void;
|
|
}
|
|
|
|
export interface IStorage extends IBasicStorage {
|
|
config: Config;
|
|
localData: ILocalData;
|
|
logger: Logger;
|
|
}
|
|
|
|
export interface IStorageHandler extends IStorageManager {
|
|
localStorage: IStorage;
|
|
uplinks: ProxyList;
|
|
_syncUplinksMetadata(name: string, packageInfo: Package, options: any, callback: Callback): void;
|
|
_updateVersionsHiddenUpLink(versions: Versions, upLink: IProxy): void;
|
|
}
|