Skip to content

Latest commit

 

History

History
22 lines (18 loc) · 1.02 KB

README.md

File metadata and controls

22 lines (18 loc) · 1.02 KB

verdaccio-api-auth

This plugin allows you to handle authentication externally with an api.

I haven't used Verdaccio in a long time and I have no idea if this still works.

Installation

Install the plugin using npm i verdaccio-api-auth, then update your configuration:

auth:
    api-auth:
        url: https://yourserver.tld/api
        secret: supersecretstring

API

There are 4 main endpoints you need to support:

  • POST /authenticate - This will have a body containing username and password, and should return an array of group names if correct.
  • POST /allow_access - This will have a body containing user (User information, containing name) and package (Package information, containing name). It should return true or false.
  • POST /allow_publish - Body contains user and package objects, should return a boolean.
  • POST /allow_unpublish - Body contains user and package objects, should return a boolean.

The secret specified in the configuration will be sent as the Authorization header.