Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

npm token create password (npm token) #541

Closed
tvb opened this issue Jan 28, 2018 · 37 comments · Fixed by #1427
Closed

npm token create password (npm token) #541

tvb opened this issue Jan 28, 2018 · 37 comments · Fixed by #1427
Assignees
@juanpicado @Eomm
Labels
feat: auth outdated PR-Welcome topic: feature request topic: token
Projects
Development 4.x
Milestone
4.3.0

Comments

@tvb
Copy link

tvb commented Jan 28, 2018
edited 

$ npm token create --registry=http://my_registry:5000
npm password:

What is the password asking its for?
@juanpicado
Copy link
Member

@tvb ???

@tvb
Copy link
Author

tvb commented Jan 29, 2018

I am trying to create a token on the server itself as I still have issues getting authenticated by login in.

@juanpicado
Copy link
Member

verdaccio does not support npm token endpoint yet.

@juanpicado
Copy link
Member

But it sounds like a good research for somebody is willing to contribute 👍

@juanpicado juanpicado mentioned this issue Jan 29, 2018
Closed
@juanpicado juanpicado changed the title npm token create password npm token create password (npm token) Jan 29, 2018
@tvb
Copy link
Author

tvb commented Jan 29, 2018

@juanpicado how can I easily create a token now, without having to use npm login? Needed for ci/cd

@juanpicado
Copy link
Member

juanpicado commented Jan 29, 2018
edited

Just login with verdaccio and took it from .npmrc file in your home directory.

@tvb
Copy link
Author

tvb commented Jan 30, 2018

I can't get it to work. Whenever I login this ends up in my .npmrc file:

@scope:registry=http://mydomain.com:5000/
//mydomain.com:5000/:_password=xxxxx
//mydomain.com:5000/:username=myusername
//mydomain.com:5000/:email=myemail@mydomain.com
//mydomain.com:5000/:always-auth=false

@juanpicado
Copy link
Member

@tvb npm/npm#19652 ?

@tvb
Copy link
Author

tvb commented Jan 30, 2018

@juanpicado Exactly this. Not sure what the solution is. While this setup works for me as I am using the AWS Parameter Store to store my hashed password safely and encrypted the token would simplify the setup

@juanpicado
Copy link
Member

juanpicado commented Jan 30, 2018
edited

Options:

  1. Downgrade npm.
  2. Use yarn.
  3. ???
    Let us know 👍

@bufferoverflow bufferoverflow mentioned this issue Feb 2, 2018
Open
@mikew
Copy link

mikew commented Feb 6, 2018

Using an older version of node via Docker is also an option, just not a great one.

$ docker run --rm -it node:9.2.0-alpine sh
/ # npm login --registry https://npm.company.com
Username: admin
Password:
Email: (this IS public) admin@company.com
Logged in as admin on https://npm.company.com/.
/ # cat ~/.npmrc
//npm.company.com/:_authToken=Rwl9t+GHjlgP+brFJ6WycIe1y6r3Z+ShUEqsLusmFC11w3n6ex8JdmkMoKv/0U/D
/ #

@p3x-robot
Copy link

#577

@juanpicado juanpicado added this to To do in Roadmap Apr 12, 2018
@kopax kopax mentioned this issue Jun 2, 2018
Closed
@juanpicado juanpicado mentioned this issue Jun 3, 2018
Closed
@juanpicado juanpicado added this to To do in CLI Roadmap via automation Jun 4, 2018
@juanpicado juanpicado removed this from To do in Roadmap Jun 4, 2018
@juanpicado juanpicado mentioned this issue Sep 22, 2018
Closed
@juanpicado juanpicado added this to the 4.0.0 milestone Sep 22, 2018
@juanpicado juanpicado added this to Pick Up in Verdaccio 4 Sep 22, 2018
@varijkapil13
Copy link
Contributor

Hi, this issue is in Pick up for v4, I would love to pick it up and contribute...

@Eomm Eomm mentioned this issue Apr 4, 2019
Closed
3 tasks
@juanpicado juanpicado modified the milestones: Future, 4.1.0 Apr 16, 2019
@juanpicado juanpicado added this to To do in Development 4.x via automation Apr 16, 2019
@juanpicado juanpicado moved this from To do to In progress in Development 4.x Apr 17, 2019
@Eomm Eomm mentioned this issue May 8, 2019
Closed
@juangabreil juangabreil mentioned this issue Jun 11, 2019
Merged
@juanpicado juanpicado modified the milestones: 4.1.0, 4.2.0 Jul 1, 2019
@juanpicado juanpicado mentioned this issue Jul 18, 2019
Closed
@carlosen14
Copy link

carlosen14 commented Jul 26, 2019
edited

You can do it right now following these steps.. ( i think this might be the old way, but it is working for me on NPMJS)

  • Your project will have this .npmrc file, you can also store it on git repo (i am doing it, i am not sure if it is wrong, anyway, it only has the repo url, it is locally and the repos are user-specific locked)
#.npmrc
registry = http://127.0.0.1:4873`
  • Generate a encoded token by username:password
#auth can be generate by username:password 
echo -n 'usernm:passwd' | openssl base64
#output YWRtaW46YWRtaW4xMjN=
  • Store this string on a environment variable like depending your CI/CD.
  • On CI/CD when you compile.
docker build -t verdaccio --build-arg NPMTOKEN=$NPMTOKEN .
COPY .npmrc ./
RUN [[ -z "$NPMTOKEN" ]] && exit 1 || echo "_auth=${NPMTOKEN}" >> .npmrc
RUN npm ci
  • This will be able to download the private ones..

:)

@juanpicado juanpicado modified the milestones: 4.2.0, 4.3.0 Jul 28, 2019
juanpicado added a commit that referenced this issue Aug 3, 2019
@juanpicado @Eomm @juangabreil
feat: support for npm token
54fb3cb 
This is an effor of:

This commit intent to provide npm token support.

https: //github.com//issues/541
https: //github.com//pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>
This was referenced Aug 3, 2019
Merged
Merged
@juanpicado
Copy link
Member

If you want to try a PoC, feel free to share feedback.

npm i -g verdaccio@feat-token --registry https://registry.verdaccio.org

@carlosen14
Copy link

If you want to try a PoC, feel free to share feedback.

npm i -g verdaccio@feat-token --registry https://registry.verdaccio.org

How to use it?

@juanpicado
Copy link
Member

@carlosen14 https://docs.npmjs.com/cli/token.html

@carlosen14
Copy link

carlosen14 commented Aug 9, 2019
edited

If you want to try a PoC, feel free to share feedback.

npm i -g verdaccio@feat-token --registry https://registry.verdaccio.org

You want me to install this on verdaccio directly? i'm using verdaccio on docker.
I installed on local machine but continues asking for password and returns 404.

@juanpicado
Copy link
Member

You want me to install this on verdaccio directly? i'm using verdaccio on docker.
I installed on local machine but continues asking for password and returns 404.

Docker image for testing is not available yet, but it will. I'll let you know @carlosen14 in the next week.

@carlosen14
Copy link

ok, i did npm login --registry verdaccio.localhost:1234 and this saved a token on /root/.npmrc

So, there is a token, i copied from there!
example:
(REAL TOKEN IS WAY MUCH LONGER THAN EXAMPLE)

//verdaccio.localhost:1234/:_authToken=eyJh.TY0N.xZik8GL

On CICD i put it using

echo '//verdaccio.localhost:1234/:_authToken=eyJh.TY0N.xZik8GL"' >> `npm config get userconfig`

Development 4.x automation moved this from In progress to Done Sep 7, 2019
juanpicado added a commit that referenced this issue Sep 7, 2019
@juanpicado
feat: npm token command support (#1427)
dbf2017 
* feat: support for npm token

This is an effor of:

This commit intent to provide npm token support.

https: //github.com//issues/541
https: //github.com//pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>

* chore: update secrets baselines

Co-Authored-By: Liran Tal <liran.tal@gmail.com>

* chore: update lock file

* chore: add logger mock methods

* chore: update @verdaccio/types

* refactor: unit test was flacky

adapt the pkg access to the new configuration setup

* refactor: add plugin methods validation

* test: add test for aesEncrypt

* chore: update local-storage dependency

* chore: add support for experimetns

token will be part of the experiment lists

* chore: increase timeout

* chore: increase timeout threshold

* chore: update nock

* chore: update dependencies

* chore: update eslint config

* chore: update dependencies

* test: add unit test for npm token

* chore: update readme
@juanpicado juanpicado unpinned this issue Sep 8, 2019
@lock
Copy link

lock bot commented Jan 26, 2020

🤖This thread has been automatically locked 🔒 since there has not been any recent activity after it was closed.
We lock tickets after 90 days with the idea to encourage you to open a ticket with new fresh data and to provide you better feedback 🤝and better visibility 👀.
If you consider, you can attach this ticket 📨 to the new one as a reference for better context.
Thanks for being a part of the Verdaccio community! 💘

@lock lock bot added the outdated label Jan 26, 2020
@lock lock bot locked as resolved and limited conversation to collaborators Jan 26, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@juanpicado juanpicado

@Eomm Eomm

Labels
feat: auth outdated PR-Welcome topic: feature request topic: token
Projects
No open projects
Development 4.x
  
Done
Milestone
4.3.0
Development

Successfully merging a pull request may close this issue.

feat: npm token command support verdaccio/verdaccio
8 participants
@mikew @juanpicado @tvb @varijkapil13 @carlosen14 @Eomm @JanneHarju @p3x-robot