You should use always-auth true with npm and configure couch to require auth for all access (see config of couchdb)
On Saturday, March 29, 2014 11:29:50 PM UTC+1, Matthias Bleyl wrote: > > We set up a private NPM repository with some success: > > * the repository seems to work fine > * it is possible to publish packages into the repository > * it is possible to install packages from the repository > > However, it seems for the moment that EVERYBODY (knowing our repository) > would be able to publish packages there, and that EVERYBODY would be able > to install packages from our repository? > > Our idea is of course to restrict the access to authorized users only - > but how to do it? > > I found some discussions on the net but no clear answers. > > What can we do to block our private repository from unauthorized access by > other users? > -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
