>我有一个脚本,可以通过 greping 来验证用户是否已登录到私有 npm 注册表(通过"npm 登录"(:
//registry-sub-url:_authToken=
。在:
~/.npmrc
但是,随着用户的凭据过期,这会随着时间的推移而分解 (由于标准密码过期规则(。
更重要的是,我创建的帮助程序脚本无法区分成功/失败的npm login调用,因为脚本始终以0状态退出。
问:(1(我们如何验证npm login是否成功?(2( 如何识别 npm 令牌何时过期?
您可以使用npm whoami命令。
$> npm whoami
${username}
$> npm logout
npm whoami
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! A complete log of this run can be found in:
npm ERR! /xxxxx/.npm/_logs/2019-02-06T10_21_10_780Z-debug.logged
在 GitHub 包的上下文中:如果您使用npm login --registry=https://npm.pkg.github.com登录,则可以使用npm whoami --registry=https://npm.pkg.github.com(同一注册表(来验证当前登录的用户。
$ npm login --registry=https://npm.pkg.github.com
Username: <your-user>
Password: <your-password-or-your-personal-access-token>
Email: (this IS public) <your@email.com>
Logged in as <your-user> on https://npm.pkg.github.com/.
$ npm whoami --registry=https://npm.pkg.github.com
<your-user>
如果我只运行npm whoami我会收到问题中提到的错误。
我正在发布我想出的解决方法,但我希望有一个更好的解决方案。
我让 Jenkins 定期运行这个 bash 脚本来测试/验证我的npm login针对私有注册表:
#/bin/bash
# Suppress commands (Jenkins turns this on)
set +x
# Suppress color codes from NPM output (for proper grepping)
export TERM=dumb
# Stop on any error
set -e
NPM_USERNAME=...
NPM_PASSWORD=...
NPM_URL=...
NPM_EMAIL=...
WORKSPACE=... (in my case, set by Jenkins)
echo "========"
echo "Looking for previous failed login (cached credentials)..."
echo ""
# NOTE: A previous failed login can result in an ".npmrc" containing
# a username/password in lieu of an auth token. We look for this and
# remove it (logout) if it exists so that the cached credentials are
# not applied when we run "expect" to login
# (which would see different prompts from cached credentials).
# Chop off "http:"/"https:" prefix from URL
NPM_REPO_PREFIX=`sed -e 's~https{0,1}:(.*)~1~' <<< "$NPM_URL"`
# NOTE: piping to /dev/null so the password isn't printed
set +e
grep -F "${NPM_REPO_PREFIX}:_password=" ~/.npmrc > /dev/null
GREP_EXIT="$?"
set -e
if [[ "$GREP_EXIT" == "0" ]]; then
echo "========"
echo "Logging out of repo..."
echo ""
npm logout --registry "$NPM_URL"
fi
echo "========"
echo "Logging into repo..."
echo ""
(/usr/bin/expect <<EOF
set timeout 10
spawn npm login --verbose --registry "$NPM_URL"
match_max 100000
expect "Username"
send "$NPM_USERNAMEr"
expect "Password"
send "$NPM_PASSWORDr"
expect "Email"
send "$NPM_EMAILr"
expect {
timeout exit 1
expect eof
}
EOF
) | tee "$WORKSPACE/npm-login.out"
echo "========"
echo "Verifying output of login..."
echo ""
# NOTE: If the login fails, the npm command still exits with status "0",
# so we read the verbose output to see that the http server confirms
# successful with "http 201".
set +e
grep "npm http 201" "$WORKSPACE/npm-login.out"
GREP_EXIT="$?"
set -e
if [[ "$GREP_EXIT" != "0" ]]; then
>&2 echo "========"
>&2 echo "ERROR: Failed to login to repo [$NPM_REPO]"
exit 1
else
echo "========"
echo "SUCCESS: Logged into [$NPM_REPO]"
fi
此问题可能是由于npm whoami调用文件中存在 .npmrc 文件。 如果该文件中的令牌已损坏,则会出现此错误。 您可以更正或删除文件中的令牌值,并使用全局令牌值。