login / adduser doesn't work when you have separate accounts for different scopes in the same registry

cli

(Jan Dockx) #1

What I Wanted to Do

Login and stay logged in with 2 accounts on https://registry.npmjs.org/, each for a different scope.
I want to see 2 _authToken entries in ~/.npmrc.

What Happened Instead

The second login replaced the general _authToken for the same registry, instead of adding one for the same registry, but a different scope.

Reproduction Steps

> npm login --scope=@A
Username: a
Password: XXXX
Email: (this IS public) personal@emailProvider.com
Logged in as a to scope @A on https://registry.npmjs.org/.

There is an _authToken in ~/.npmrc

//registry.npmjs.org/:_authToken=WWWW-WWWWW-WWWWW-WWWWW

Then

> npm login --scope=@B
Username: b
Password: YYYYY
Email: (this IS public) me@work.com
Logged in as a to scope @B on https://registry.npmjs.org/.

There is another _authToken in ~/.npmrc

//registry.npmjs.org/:_authToken=VVVV-VVVVV-VVVVVV-VVVVVV

The first token (WWWW-WWWWW-WWWWW-WWWWW) is gone.

Rinse and repeat.

Details

Platform Info

irrelevant


(Kat Marchán) #2

Yeah this is kinda deeply embedded in the design of our auth system. Can you tell me more about why you’re trying to do this?


(Jan Dockx) #3

I need to use different personas, often with different email addresses, for different clients, and personal work. When they use the same registry URI, e.g., the public npm registry, I’m toast (or at least, it’s a hassle, and error prone).


(Lars Willighagen) #4

You could maybe create a separate .npmrc for each persona in the relevant directories, with some (possible) problems:

  1. Your login is unavailable outside of those directories
  2. I don’t know if npm adduser/npm.config works with .npmrcs outside your home directory
  3. I don’t know if the auth would be loaded properly

(I’ll try to test this)

No, this doesn’t seem to work.


(Kat Marchán) #5

This is my recommendation tbh