Authentication error on publishing to private NPM repository on Nexus

Question

I am having authentication problem when publishing to my private npm registry hosted on my private Nexus.

My Nexus setup is I have npm-proxy, npm-registry (hosted npm with allowRepublish=false), npm-snapshots (hosted npm with allowRepublish=true) and npm-public (group with all other three repositories).

Since I am developing a library, I am using my snapshot repository, so I can redeploy same version constantly (something like snapshot in maven world).

In my library project I have set this option in package.json

"publishConfig": {
    "registry": "https://my.nexus.com/repository/npm-snapshots/"
}

Next, I created .npmrc file with following content:

registry=https://my.nexus.com/repository/npm-public/
_auth=RVhBTVBMRQ==

And with this setup I can publish project with no problem. However, what bothers me, is that I have my password (which is just base64 encoded) stored in file, that should be commited, but I can't commit it, due to credentials in it.

I have tried to instead login to npm registry and removed the auth line from .npmrc npm adduser --registry=https://my.nexus.com/repository/npm-snapshots --always-auth

I got response Logged in as myusername on https://my.nexus.com/repository/npm-snapshots.

However, when I try to run npm publish I get:

npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
npm verb exit [ 1, true ]
npm timing npm Completed in 6867ms

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\XXXX\AppData\Roaming\npm-cache\_logs\2019-07-30T19_31_01_598Z-debug.log

Now in my other project (which is using this library), I simply created .npmrc file with content registry=https://nexus.mjamsek.com/repository/npm-public/ and run command npm adduser --registry=https://my.nexus.com/repository/npm-public --always-auth and I was able to download the published package.

However, the publish still won't work and I don't know why.

EDIT 31.7.2019: On my list of active realms I also have npm Bearer Token Realm

Answer 1

I faced similar issue. For me it was a problem with using registry such as "https://my.nexus.com/repository/npm-snapshots/" but having a different nexus reference in package-lock.json: "https://some.previous.nexus.com/repository/npm-snapshots/".

I found it after double checking the debug log. Removing package-lock.json helped in my case.

Answer 2

Usually, you have a repository setup in Nexus which contains:

• Hosted (repo for your private packages)
• Proxy (proxy to public packages, e.g. https://registry.npmjs.org)
• Group (group for the other 2 repos. Nexus will automatically forward requests to public packages to the proxy, and private packages to the hosted)

Like this: Nexus Setup

In my usecase I needed to include the auth-configuration twice for hosted and group to make it work.

registry=https://my-private-nexus/repository/npm-group/
email=email@domain.com
always-auth=true
//my-private-nexus/repository/npm-group/:_auth=<auth-token>
//my-private-nexus/repository/npm-hosted/:_auth=<auth-token>

Successfully tested with node v18.16.0, npm 9.5.1, Nexus OSS 3.53.1-02

Answer 3

I've had a similar issue. I also have our credentials stored in an npmrc file in my user directory. When set up with node16/npm7, I would receive the error

npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`

If I use nvm to downgrade to node12/npm6, it works. I'd prefer a working solution without downgrading, but for now it lets me move on.

UPDATE:

We finally figured it out (a while ago, but I forgot about this answer). In our .npmrc files in our user directories, we needed to add/change our authorization config entry.

Before:
_auth={base64 encoded username:password}

After:
//{path to private repository}:_auth={base64 encoded username:password}

Answer 4

I had same problem, my solution was to delete my global .npmrc file, and after login npm login.

Answer 5

Just enable anonymous access in the nexus dashboard, it will pull from your private registry.

Answer 6

I had ended with three versions of node on my machine. It turned out that the ones i installed later had their own local .npmrc files in the node_modules folders. They didn't use the global .npmrc even after i removed the local one so i had to copy it.

Answer 7

I was struggling about this problem last two days, finally the solution was to delete .npmrc file from root (user) directory. When npm tried to login, it used the creds inside this file and ignore your pass login.

Answer 8

I encountered this problem today, my solution was to delete all registry entry from my npmrc file:

registry=https://my.nexus.com/repository/npm-snapshots/

Idealy delete anything superfluous, back it up before-hand, in my case my file contained only:

strict-ssl=false

Then you can npm login --registry=https://my.nexus.com/repository/npm-public/ again.

If that's not working, you also bypass npm login with curl, look at this life saving post.

Answer 9

_auth= replaced with output of btoa('username:userpassword') and it worked for me.

I did use this btoa from chrome as below.

Answer 10

Make sure the _auth token is correct. In my case I changed my system credentials and forgot to generate new _auth token. I was getting the exact same error i.e. "npm ERR! code E401 npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"

once i fixed it, the issue was resolved. For those who are looking for the command to generate _auth. It is: btoa('username:userpassword')

Answer 11

You need a trailing slash on the end of the registry URL passed into npm adduser, otherwise npm will chop off the last segment of the URL, and it won't work.

Answer 12

When you do npm login or npm adduser the NPM client creates an authentication token that will be used in future request to the registry. Default NXRM configuration allows only Local Authenticating Realm which doesn't recognise NPM's token. Please make sure you have npm Bearer Token Realm active.