Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

Commit b8c485a

Browse filesBrowse files
committed
fix: use basic auth for npm registry access
When username and password are configured in the .npmrc for the respective scope, use basic auth when getting package metadate from the npm registry.
1 parent af3e6c4 commit b8c485a
Copy full SHA for b8c485a

File tree

Expand file treeCollapse file tree

1 file changed

+19
-5
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+19
-5
lines changed

‎packages/@vue/cli/lib/util/ProjectPackageManager.js

Copy file name to clipboardExpand all lines: packages/@vue/cli/lib/util/ProjectPackageManager.js
+19-5Lines changed: 19 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -197,7 +197,7 @@ class PackageManager {
197197
return this._registries[cacheKey]
198198
}
199199

200-
async getAuthToken (scope) {
200+
async getAuthConfig (scope) {
201201
// get npmrc (https://docs.npmjs.com/configuring-npm/npmrc.html#files)
202202
const possibleRcPaths = [
203203
path.resolve(this.context, '.npmrc'),
@@ -225,8 +225,18 @@ class PackageManager {
225225
.replace(/https?:/, '') // remove leading protocol
226226
.replace(/([^/])$/, '$1/') // ensure ending with slash
227227
const authTokenKey = `${registryWithoutProtocol}:_authToken`
228+
const authUsernameKey = `${registryWithoutProtocol}:username`
229+
const authPasswordKey = `${registryWithoutProtocol}:_password`
228230

229-
return npmConfig[authTokenKey]
231+
const auth = {}
232+
if (authTokenKey in npmConfig) {
233+
auth.token = npmConfig[authTokenKey]
234+
}
235+
if (authPasswordKey in npmConfig) {
236+
auth.username = npmConfig[authUsernameKey]
237+
auth.password = Buffer.from(npmConfig[authPasswordKey], 'base64').toString()
238+
}
239+
return auth
230240
}
231241

232242
async setRegistryEnvs () {
@@ -296,9 +306,13 @@ class PackageManager {
296306
headers.Accept = 'application/vnd.npm.install-v1+json;q=1.0, application/json;q=0.9, */*;q=0.8'
297307
}
298308

299-
const authToken = await this.getAuthToken(scope)
300-
if (authToken) {
301-
headers.Authorization = `Bearer ${authToken}`
309+
const authConfig = await this.getAuthConfig(scope)
310+
if ('password' in authConfig) {
311+
const credentials = Buffer.from(`${authConfig.username}:${authConfig.password}`).toString('base64')
312+
headers.Authorization = `Basic ${credentials}`
313+
}
314+
if ('token' in authConfig) {
315+
headers.Authorization = `Bearer ${authConfig.token}`
302316
}
303317

304318
const url = `${registry.replace(/\/$/g, '')}/${packageName}`

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.