Unauthorized Access in NPM Proxy repository in Nexus - npm

I have created a proxy of NPM repository (https://registry.npmjs.org/) in my local machine.
But when I install the bower module of node.js using the proxy repository by the command:
npm install bower
it's giving "unauthorized access"

Depending on your Nexus setup you might have to configure security to be able to allow downloads. This is documented in the NPM chapter of the Nexus documentation.

You just have to add always-auth=true in your .npmrc ! Referring to the documentation

In my case I had to activate npm Bearer Token Realm in nexus administration panel.

Related

How to configure .npmrc file to be able to combine different NPM registries?

How to set an .npmrc file to tell npm install to download all the dependencies from https://registry.npmjs.org but only a specific one from a corporate Artifactory under https://artifactory.corporation.io/artifactory/npm/ that needs authentication using ?
We can configure https://registry.npmjs.org as a remote repository(test-npm-remote) in Artifactory. If you have any packages which were developed locally can be deployed to the local(test-npm-local) repository. We can create a virtual repository that consists of local and remote repositories and pull the npm artifacts using the virtual repository(test-npm). You can find more details in the below link.
https://jfrog.com/screencast/setting-up-an-npm-registry-with-jfrog-artifactory-in-less-than-one-minute/
npm config set registry http://art.local/artifactory/api/npm/test-npm/
npm login
<enter credentials>
Sample NPM client configuration for your reference.
$ cat ~/.npmrc
email=test#test.com
always-auth=true
registry=http://art.local/artifactory/api/npm/test-npm/
//art.local/artifactory/api/npm/test-npm/:username=testuser
//art.local/artifactory/api/npm/test-npm/:_password=XXXXXXX
To install a package: npm install <PACKAGE_NAME>

How can I use Nexus proxy registry to npm install the node_modules from Github

My company only can use the Intranet, so I set up a Nexus and create a proxy registry to npm install, but I found there are some modules need pull from github. How can I get these modules from Intranet?

How do you install a repo by branch name in a github enterprise repo?

I would like to install repos to a parent repo and specify by branch name.
I have tried the following:
npm install username/repo#branchName --save
npm install username/repo#branchName --save
npm install username/repo#tag --save
npm install username/repo#tag --save
I'm getting an error that says:
Could not install from {theRepoWithBranch} as it does not contain a package.json file.
The repo definitely contains a package.json file.
I'm wondering if this is a permissions issue given I'm using an enterprise npm registry.
npm/npm issue 19788 does mention:
Currently, npm does not support installation of modules from git services hosted on private domain names.
That includes both Github for Enterprise on custom domains as well as instances of gitlab, gitea, gogs, bitbucket and many others, basically anything hosted on a custom domain name.
With the comment:
So, obviously you reference installing via an http(s):// URL directly, but just as an fyi, our GitLab Enterprise instance allows us to install using a slightly different format.
We have 2FA enabled, so it requires SSH to be used.
From the docs.
npm install <git-host>:<git-user>/<repo-name>
npm install <git repo url>
We were able to actually install our repos like this:
npm install git+ssh://git#gitlab.mydomain.com:user/repo.git
So this is more a URL format combined with permission issue.
Regarding the branch, as seen here, your syntax is correct.
And:
if I prepend git+ on the HTTPS URL it works (I run gitea which accepts basic auth)
See also npm/hosted-git-info PR 30

Installing private npm packages with an authentication key

I'm using Artifactory to pull npm packages. One of the packages that I use is stored privately and in order to access it the publisher gave me an authentication token.
I was asked to add //registry.npmjs.org/:_authToken=<private_token> to .npmrc, however my environment use Artifactory as a proxy for the public npm registry. How can I configure an authentication token geared specifically for the package?
You can use virtual repo concept of artifactory. You can upload the custom packages into your local repo and a common repo that will get the packages from the npm

Nexus OSS 3 - npm install requires npm login

We've started using Nexus OSS 3 as a standalone NPM server and so far it's working great but there's one thing that makes little sense to me, and that is the requirement to do the npm login before being able to npm install self published packages.
We're following the proposed repository structure:
npm_proxy - to use as proxy toward npm public repo
npm_private_internal - to use to upload self created internal packages
npm_private_external - to use to upload 3rd party packages
npm_group - to wrap all of them together so they're reachable with one URL
Now I understand that npm login should be required when publishing a new package, but why is it required when doing npm install of one of the self published packages, and can it be avoided ?
It's not required if you allow anonymous read privileges to your npm repositories. But I guess you've not given these privileges to the anonymous user?
If so, the alternative would be to base64 encode the needed credentials in your .npmrc file as described here:
https://books.sonatype.com/nexus-book/reference/npm-deploying-packages.html
But using npm login would be preferable.