bufferoverflow / verdaccio-gitlab

private npm registry (Verdaccio) using gitlab-ce as authentication and authorization provider
MIT License

Logging in breaks subsequent requests w/ Authorization header #79

Closed dejan9393 closed 5 years ago

dejan9393 commented 5 years ago

It seems that after logging in, if the authenticated GitLab user belongs to a lot of groups/projects, the JWT that is used in the Authorization header can get to a size large enough to cause net::ERR_CONNECTION_CLOSED errors. Has anyone else run into this?

dejan9393 commented 5 years ago

I've managed to find a workaround by increasing the max http header size in node and a few extra config lines for my reverse proxy (nginx):

Added

# docker-compose.yml

services:
  verdaccio:
    ...
    environment:
      - NODE_OPTIONS=--max-http-header-size=32000

to docker-compose.yml

and

# /etc/nginx/conf.d/verdaccio.conf

server {
  listen 443 ssl;
  ...
  http2_max_field_size 32k;
  http2_max_header_size 32k;
  ...
}

to the server block in my NGINX verdaccio config

dlouzan commented 5 years ago

This looks like a duplicate of #75. We'll be taking a look at this in the next weeks; the integration with verdaccio 4.x will be improved.

Thanks for the nginx extras, that might come in handy when documenting solutions for this.