bufferoverflow / verdaccio-gitlab

private npm registry (Verdaccio) using gitlab-ce as authentication and authorization provider
MIT License

Can not see my packages in web UI #90

Open dimmduh opened 5 years ago

dimmduh commented 5 years ago

I can only see them when access is set to $all and I am not logged in; when I log in, I cannot see the repos any more.

juanpicado commented 5 years ago

@dimmduh could you provide more info? Configuration, environment, verdaccio version and plugin version. Causes might be multiple and we need all you can provide to give you the best guidance.

KRKroening commented 5 years ago

I'm encountering the same problem in my project. I can log in and publish with my gitlab credentials fine. If my config is set to access: $all, then I am able to see my package (author is listed as Anonymous even though publish: $authenticated). If access: $authenticated, I cannot see my package, whether logged in or not.

storage: /verdaccio/storage/data

plugins: /verdaccio/plugins

listen:
  - 0.0.0.0:4873

url_prefix: /modules

auth:
  gitlab:
    url: https://gitlab.com
    authCache:
      enabled: true
      ttl: 300
    publish: $maintainer

uplinks:
  npmjs:
    url: https://registry.npmjs.org/

packages:
  '@*/*':
    # scoped packages
    access: $all
    # access: $authenticated
    publish: $authenticated
    proxy: npmjs
    gitlab: true

  '**':
    access: $all
    # access: $authenticated
    publish: $authenticated
    proxy: npmjs
    gitlab: true

logs:
  - { type: stdout, format: pretty, level: info }
  #- {type: file, path: verdaccio.log, level: info}

I'm running verdaccio-gitlab v2.2.0, locally in a docker swarm behind a Traefik reverse proxy. We do not host our own Gitlab instance. I cloned down your project and am building my own docker image from that.

When I try to load the home page while authenticated, the network call returns 500, and the browser console prints { title: "Warning", message: "Unable to load package list: undefined" } and { title: "Warning", message: "Unable to load package list: _ is null" }

Service logs show a successful login, then on subsequent refreshing of the home page, the service logs print 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /', bytes: 0/604. I added extra debug statements (and changed the log level to debug) in the allow_access function. On authenticated attempts, none of my debug statements print (first line of function). On unauthenticated attempts, statements print through to [gitlab] allow anonymous access to package as expected.

On login:

info <-- 10.0.0.5 requested 'POST /-/verdaccio/login'
debug--- [gitlab] querying gitlab user groups with params: { min_access_level: 40 }
debug--- [gitlab] saving data in cache for user: USERNAME
info --- [gitlab] user: USERNAME successfully authenticated
debug--- [gitlab] user: USERNAME, with groups: [ 'USERNAME', ...
http <-- 200, user: USERNAME(172.27.0.1 via 10.0.0.5), req: 'POST /-/verdaccio/login', bytes: 59/12683
info <-- 10.0.0.5 requested 'GET /'
http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /', bytes: 0/604
info <-- 10.0.0.5 requested 'GET /-/static/0.style.cdd1fdf79cd6bec30c42.css'
info <-- 10.0.0.5 requested 'GET /-/static/vendors.b6891b53f2830d5ac3cb.js'
http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /-/static/0.style.cdd1fdf79cd6bec30c42.css', bytes: 0/863
info <-- 10.0.0.5 requested 'GET /-/static/manifest.b6891b53f2830d5ac3cb.js'

Still logged in, refresh home page:

 info <-- 10.0.0.5 requested 'GET /'
 http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /', bytes: 0/604
 info <-- 10.0.0.5 requested 'GET /-/static/0.style.cdd1fdf79cd6bec30c42.css'
 http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /-/static/0.style.cdd1fdf79cd6bec30c42.css', bytes: 0/863
 info <-- 10.0.0.5 requested 'GET /-/static/manifest.b6891b53f2830d5ac3cb.js'
 http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /-/static/manifest.b6891b53f2830d5ac3cb.js', bytes: 0/1547
 info <-- 10.0.0.5 requested 'GET /-/static/vendors.b6891b53f2830d5ac3cb.js'
 info <-- 10.0.0.5 requested 'GET /-/static/main.b6891b53f2830d5ac3cb.js'
 http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /-/static/main.b6891b53f2830d5ac3cb.js', bytes: 0/18698
 http <-- 200, user: null(172.27.0.1 via 10.0.0.5), req: 'GET /-/static/vendors.b6891b53f2830d5ac3cb.js', bytes: 0/178097

On logout ("Blah" statement is first line of the allow_access function):

 info <-- 10.0.0.5 requested 'GET /-/verdaccio/packages'
 info --- Blah
 debug--- [gitlab] allow anonymous access to package: @scope/package-name

One thing to note: I did have to make a change to _matchGroupWithPackage() to account for my specific needs. The groups weren't matching up with our repo structure and how projects/packages were named. I've been unable to find any place where similar validation is occurring on the access side, so I'm not sure if this contributes.

Thanks

dimmduh commented 5 years ago

My problem is in nginx in front of verdaccio: the URL "-/verdaccio/packages" does not load on the main page, but if I open this URL directly it works.

I use https, and all URLs to static go like http://; the Chrome browser blocks these requests.

lddsb commented 4 years ago

I have the same issue here. This is the console when I open the main page: image

lddsb commented 4 years ago

I can see the packages if I set access: $all and do not log in.

haritonstefan commented 4 years ago

I had the same issue. Upon investigation I concluded that it fails when a specific user has access to too many groups. Verdaccio is sending the authorized user in headers, which became too big.

stremlau commented 4 years ago

More discussion related to this issue can be found here: https://github.com/bufferoverflow/verdaccio-gitlab/issues/75

suenot commented 4 years ago

Have the same error.

pysiekytel commented 3 years ago

To work around that fully, set the NODE_OPTIONS: "--max-http-header-size=32768" environment variable for verdaccio. If you are using nginx as a proxy to verdaccio, you also have to tune your vhost:

large_client_header_buffers 8 32k;
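
Added example, not part of the thread or the plugin's code: a sizing check for the cause and the workaround described in the last comments, showing how the request header block grows with the number of GitLab groups and which header limit it first exceeds. The token layout (base64 of a JSON user record), the group names and the 1024-byte allowance for other headers are assumptions made for illustration; the 8 KiB and 16 KiB figures are Node.js defaults, depending on version.

```javascript
// Added example. ASSUMPTION: the auth header carries base64(JSON({name, groups}));
// the plugin's real token layout is not shown in the thread and will differ in detail.
const LIMITS = {
  'Node 8 KiB default': 8 * 1024,
  'Node 16 KiB default': 16 * 1024,
  'max-http-header-size=32768': 32768, // value from the workaround above
};

// Constructed sample data: n group paths shaped like GitLab group/project names.
function constructedGroups(n) {
  return Array.from({ length: n }, (_, i) => `group-${i}/project-${i}`);
}

// Bytes of one "Authorization: Bearer <token>" header line, CRLF included.
function authHeaderBytes(user, groups) {
  const payload = JSON.stringify({ name: user, groups });
  const token = Buffer.from(payload, 'utf8').toString('base64');
  return Buffer.byteLength(`Authorization: Bearer ${token}\r\n`, 'utf8');
}

// The limit applies to the whole header block, so add a constructed
// allowance for Host, Cookie, User-Agent and the other request headers.
function totalHeaderBytes(user, groups, otherHeaderBytes = 1024) {
  return authHeaderBytes(user, groups) + otherHeaderBytes;
}

// Which of the limits would accept a request from this user?
function fitsLimits(user, groups) {
  const total = totalHeaderBytes(user, groups);
  return Object.fromEntries(
    Object.entries(LIMITS).map(([name, limit]) => [name, total <= limit])
  );
}

// Largest group count whose request still fits under `limit` bytes.
function maxGroupsWithin(user, limit) {
  let n = 0;
  while (totalHeaderBytes(user, constructedGroups(n + 1)) <= limit) n += 1;
  return n;
}

for (const n of [5, 300, 2000]) {
  const groups = constructedGroups(n);
  console.log(n, 'groups:', totalHeaderBytes('USERNAME', groups), 'bytes',
    fitsLimits('USERNAME', groups));
}
```

Measuring the real header for the account with the most groups and setting the Node and nginx limits just above that keeps the buffers bounded, since these limits also cap what an unauthenticated client can make the server buffer per request.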