0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-23 22:27:34 -05:00
verdaccio/test/unit/partials/config/yaml/security/security-basic.yaml
Juan Picado @jotadeveloper a68d247a44
feat: add support for jwt on api (#896)
* feat: add support for jwt on api

* test: add unit test for sign token with jwt

add multiple scenarios with configuration file

* chore: add JWT verification on middleware

* chore: restore headless

* chore: restore middleware header validation

* refactor: fix login whether user exists

* refactor: JWT is signed asynchronously

* refactor: better structure and new naming convention

* test: add unit test for token signature

* test: add unit test for creating user with JWT enabled

#168

* docs: add security section jwt

* refactor: renable  web auth middleware

* test(auth): add legacy disabled scenario

* chore: update gitignore

* chore: add some es6 sugar

* feat: enable JWT token signature for new installations

* chore: add yaml files to git

I forgot add this before 😷

* chore: trace log on auth

in case we want more output
2018-08-21 08:05:34 +02:00

12 lines
439 B
YAML

security:
api:
legacy: true # use AES algorithm
# jwt enables json web token and disable legacy
# jwt: https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback
sign:
expiresIn: 7d # 7 days by default
# verify:
web:
sign:
expiresIn: 7d # 7 days by default
# verify: https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback