8000
Is it possible to mix classic auth plugin with apiJWTmiddleware · verdaccio · Discussion #5268 · GitHub
More Web Proxy on the site http://driver.im/
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
Here is my use case:
I have 2 verdaccio instances running on docker. One is public, the other one is private.
I would like people to only use the public verdaccio url and let that one proxy (via uplink) to the private one when some requirements are met:
I want people that access the public verdaccio to access packages of the private one when the request is coming from our local network (I'll call that internal access).
I also want to use the auth-gitlab plugin for internal and external access on some packages.
My issue is that I created a custom auth plugin with the apiJWTmiddleware method in order to detect the incoming ip adress of the request and add the internal/external group to the current user. But at this point, there is often no user existing so I have to create one (helpers.createAnonymousRemoteUser();).
This works well except it prevents the auth-gitlab plugin to do its work because using apiJWTmiddleware in any plugin bypasses authentication.
Is there another way of doing something like this ? In the authentication or access part of the plugin it seems I cannot access the original request to check the ip address.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
Here is my use case:
I have 2 verdaccio instances running on docker. One is public, the other one is private.
I would like people to only use the public verdaccio url and let that one proxy (via uplink) to the private one when some requirements are met:
My issue is that I created a custom auth plugin with the apiJWTmiddleware method in order to detect the incoming ip adress of the request and add the internal/external group to the current user. But at this point, there is often no user existing so I have to create one (helpers.createAnonymousRemoteUser();).
This works well except it prevents the auth-gitlab plugin to do its work because using apiJWTmiddleware in any plugin bypasses authentication.
Is there another way of doing something like this ? In the authentication or access part of the plugin it seems I cannot access the original request to check the ip address.
Beta Was this translation helpful? Give feedback.
All reactions