Unclear error message when trying to authenticate with wrong password: E409 Conflict
See original GitHub issueMy reason:
I’m getting the following error message from NPM 5 while trying to authenticate with a wrong password:
[mac ~]# npm login --registry http://localhost:4873
Username: username
Password:
Email: (this IS public) user@email.com
npm ERR! code E409
npm ERR! Conflict
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/user/.npm/_logs/2017-12-20T12_39_01_443Z-debug.log
[mac ~]#
Steps to reproduce:
Try to npm login with an incorrect password.
App Version:
Verdaccio 2.7.0 NodeJS v8.9.3 NPM 5.5.1
Config file:
storage: /storage
uplinks:
npmjs:
url: https://registry.npmjs.org/
auth:
type: bearer
token: xxx
packages:
'@*/*':
access: $authenticated
publish: $authenticated
proxy: npmjs
'**':
access: $all
publish: $authenticated
proxy: npmjs
logs:
- {type: stdout, format: pretty, level: info}
auth:
ldap:
type: ldap
groupNameAttribute: cn
client_options:
url: ldaps://local.ad
adminDn: admin@ad.net
adminPassword: xxxx
searchBase: OU=users,DC=ad,DC=net
searchFilter: (sAMAccountName={{username}})
searchAttributes:
- memberOf
Additional information:
It seems that NPM 5 expects 401 status code and the www-authenticate header to be set to display a proper error message:
[mac ~]# npm login --registry https://registry.npmjs.org
Username: username
Password:
Email: (this IS public) user@email.com
npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
<...>
but Verdaccio overrides response status code to be 409.
Additional verbose log:
Verdaccio log:
<...>
http <-- 409, user: undefined(127.0.0.1), req: 'PUT /-/user/org.couchdb.user:username', error: bad username/password, access denied
info <-- 127.0.0.1 requested 'GET /-/user/org.couchdb.user:username?write=true'
http <-- 200, user: undefined(127.0.0.1), req: 'GET /-/user/org.couchdb.user:username?write=true', bytes: 0/53
info <-- 127.0.0.1 requested 'PUT /-/user/org.couchdb.user:username/-rev/undefined'
warn --- LDAP error no such user: "username"
warn --- LDAP error no such user: "username"
http <-- 409, user: undefined(127.0.0.1), req: 'PUT /-/user/org.couchdb.user:username/-rev/undefined', error: bad username/password, access denied
info <-- 127.0.0.1 requested 'PUT /-/user/org.couchdb.user:username'
warn --- LDAP error no such user: "username"
http <-- 409, user: undefined(127.0.0.1), req: 'PUT /-/user/org.couchdb.user:username', error: bad username/password, access denied
<...>
Issue Analytics
- State:
- Created 6 years ago
- Comments:9 (6 by maintainers)
Top Results From Across the Web
How To Fix the “409 Conflict” Error (5 Methods) - Kinsta
The "409 conflict" error can be frustrating, but it is actually easy to fix. Learn how to fix the error using 5 different...
Read more >Which error message is better when users entered a wrong ...
I think the error message: "The password you entered is incorrect" is more clear to users, And, What's more, it's very easy to...
Read more >Generic error message for wrong password or username
One should show a generic message instead, like "Password or username are wrong".
Read more >No wrong password/credentials error on Checkout page login
When a user is logging in on the checkout page during their order and they enter the wrong password, do error is show,...
Read more >high risk login details - very confused. - Microsoft Q&A
then on the second entry for MFA, it would then say false there. then I tested this and went to azure as myself...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Okay . I’ll keep in mind @juanpicado 😃
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.