Verdaccio 2.x/3.x module for npm profile commands
Basic Verdaccio 2.x/3.x module for handling npm profile commands and changing password with verdaccio-htpasswd authentication plugin
Install
As simple as running:
$ npm install -g verdaccio-profile-api
Configure
Plugin configuration:
middlewares:
profile-api:
password_hash: md5
password_policy: (?=.{9,})(?=.*?[^\w\s])(?=.*?[0-9])(?=.*?[A-Z]).*?[a-z].*
password_hash
md5: use apache-md5 hashsha1: use crypt sha-1 hash- leave empty to use
cryptDES fromunix-crypt-td-js
password_policy
Regular expression to check for password policy. (?=.{9,})(?=.*?[^\w\s])(?=.*?[0-9])(?=.*?[A-Z]).*?[a-z].* for lenght at least 9 characters, at least one upper, lower, number and special character
Usage
- First log in to npm private registry
$ npm login --registry http://localhost:4873 - Once logged in, you can view your profile. Except username all fields are blank, which is okey, as Verdaccio does not store profile information
$ npm profile get --registry http://localhost:4873 ┌─────────────────┬──────────────┐ │ name │ adam │ ├─────────────────┼──────────────┤ │ email │ (unverified) │ ├─────────────────┼──────────────┤ │ two-factor auth │ disabled │ ├─────────────────┼──────────────┤ │ fullname │ │ ├─────────────────┼──────────────┤ │ homepage │ │ ├─────────────────┼──────────────┤ │ freenode │ │ ├─────────────────┼──────────────┤ │ twitter │ │ ├─────────────────┼──────────────┤ │ github │ │ ├─────────────────┼──────────────┤ │ created │ │ ├─────────────────┼──────────────┤ │ updated │ │ └─────────────────┴──────────────┘ - Change your password (works only for htpasswd authetification) by running
Now you can logout and login with your new credentials.$ npm profile set password --registry http://localhost:4873 Current password: New password: Again: Set password - If password policy is configured, server returns
E400for passwords not matching password policy
How does it work
Plugin implements npm user API. Currently only npm profile get and npm profile set password is supported.