mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-23 22:27:34 -05:00
a68d247a44
* feat: add support for jwt on api * test: add unit test for sign token with jwt add multiple scenarios with configuration file * chore: add JWT verification on middleware * chore: restore headless * chore: restore middleware header validation * refactor: fix login whether user exists * refactor: JWT is signed asynchronously * refactor: better structure and new naming convention * test: add unit test for token signature * test: add unit test for creating user with JWT enabled #168 * docs: add security section jwt * refactor: renable web auth middleware * test(auth): add legacy disabled scenario * chore: update gitignore * chore: add some es6 sugar * feat: enable JWT token signature for new installations * chore: add yaml files to git I forgot add this before 😷 * chore: trace log on auth in case we want more output
12 lines
439 B
YAML
12 lines
439 B
YAML
security:
|
|
api:
|
|
legacy: true # use AES algorithm
|
|
# jwt enables json web token and disable legacy
|
|
# jwt: https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback
|
|
sign:
|
|
expiresIn: 7d # 7 days by default
|
|
# verify:
|
|
web:
|
|
sign:
|
|
expiresIn: 7d # 7 days by default
|
|
# verify: https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback
|