Unable to login to in-house hosted bitbucket server about verdaccio-bitbucket-server HOT 8 CLOSED

Ok, looks like a verdaccio error. disabling jwt fixes my issue

from verdaccio-bitbucket-server.

I couldn't find any api either in code which does authentication

What do you mean exactly?

What versions do you use for verdaccio, verdaccio-bitbucket-server, and bitbucket server itself?

from verdaccio-bitbucket-server.

The combination of verdaccio, verdaccio-bitbucket-server does not work on a fresh setup.

Thats the only parts I've changed in the configuration:

auth:
  bitbucket-server:
    url: "https://<server>:443/"
    limit: 1000
  htpasswd:
    file: ./htpasswd
    # Maximum amount of users allowed to register, defaults to "+inf".
    # You can set this to -1 to disable registration.
    #max_users: 1000

packages:
  '@*/*':
    # scoped packages
    access: $authenticated
    publish: $authenticated
    proxy: npmjs
    bitbucketServer: true

  '**':
    # allow all users (including non-authenticated users) to read and
    # publish all packages
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $authenticated

    # allow all known users to publish packages
    # (anyone can register by default, remember?)
    publish: $authenticated

    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: npmjs
    bitbucketServer: true

from verdaccio-bitbucket-server.

@RobertPaasche i could not reproduce your issue based on this configuration.
Can you set the log level to debug and post/PM me the output?

from verdaccio-bitbucket-server.

@oeph
I am currently not able to do more tests. but there where a lot of errors in the chrome dev-tools after trying to login in the frontend.

That caused a screen with a username int top left area but an empty package list.

Disabling bitbucketServer fixed it, at least for the user in htpasswd.

In the Server (http) logs the username was null for the BitbucketServer but not the htpasswd User.

We are Using Bitbucket Server v5.16.0
And the latest version of verdaccio (3.11.6), verdaccio-bitbucket-server (1.2.0)

I can try to get more informations on the next weekend.

from verdaccio-bitbucket-server.

@RobertPaasche can you provide a sample config.yaml and htpasswd file that i can use to reproduce your issue?

Could you try to start verdaccio in debug and send me the logs? (maybe also start node with --trace-warnings)

# log settings
logs:
  - {type: stdout, format: pretty, level: debug}

from verdaccio-bitbucket-server.

This issue will be closed, since it is not reproducable and I don't have further information.

from verdaccio-bitbucket-server.

@oeph I've a similar error. I can successfully use username and password auth. But when i use npm login --always-auth it will create a token and i'm not able to fetch any package.

eg: npm info npm

I always get a 400 response and no log entries.

settings:

auth:
  bitbucket-server:
    # url: "https://git.visualon.de"
    url: "http://server.bitbucket:7990"
    allow: "stash-users"
security:
  api:
    legacy: false
    jwt:
      sign:
        expiresIn: 30d
        notBefore: 0
  web:
    sign:
      expiresIn: 7d
      notBefore: 0

packages:
  '@vo/*':
    access: $authenticated
    publish: $authenticated
    unpublish: $authenticated
    proxy: pkg
    storage: vo
  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
    storage: npmjs

middlewares:
  audit:
    enabled: true

# log settings
logs:
  - { type: stdout, format: pretty, level: http }
  - { type: file, path: /verdaccio/storage/verdaccio.log, format: pretty-timestamped, level: debug }

I also tried token auth:

experiments:
  # support for npm token command
  token: true

But this does not work either.

from verdaccio-bitbucket-server.