How to have multiple NPM users set up locally?

Question

I am using two NPM accounts: a public one and a private one. How would I set it up so that I don't need to npm login every time I publish a module on a different account?

UPD: Looking for an NPM inbuilt solution, so no shell scripts or the like

Answer 1

This is how I'm solving it having 4 different NPM logins.

1. In each project's .gitignore (and .npmignore for NPM modules) add this line: .npmrc. This will make sure you never commit (or publish) the .npmrc file.
2. In each project's folder create .npmrc file containing this: //registry.npmjs.org/:_authToken=11111111-1111-1111-1111-111111111111 (replace the GUID with an actual NPM auth token, e.g. you can grab it from ~/.npmrc)

The npm CLI will look in your current folder for the .npmrc file (or in any parent folder) and will use it for auth.

As the result all npm commands work as is, no need to pass --userconfig or anything.

---

In addition to the above you can have the default NPM token across your computer/laptop.

1. Make sure .npmrc is NOT present in .gitignore (which is common for most projects out there).
2. Create the .npmrc file in the root folder of your project. Put this inside: //registry.npmjs.org/:_authToken=${NPM_TOKEN}. This will make npm to use NPM_TOKEN env. var. And npm will abort if such env. var. is not found.
3. Commit and push that file. (Yes. Seriously.)
4. Make sure your shell has the NPM_TOKEN environment variable set. E.g. NPM_TOKEN=11111111-1111-1111-1111-111111111111. I have it in my ~/.bash_profile.

All the projects, which have this file committed, will use your environment variable NPM_TOKEN for npm auth.

As the result all npm commands work as is, no need to pass --userconfig or anything.

This is good and secure enough for CI (Continuous Integration). All CI-s allow you to set environment variables. Using this approach you can change the NPM user with a simple env. var. change.

---

Pro Tip

Type npm whoami command to check which token is currently being used in the folder.

Answer 2

I know I'm a bit late (okay, super late) in answering this, but I've just come across the same issue whilst having to publish to both private and public registries in quick succession.

The best solution I found to this issue is by having a second or third configuration file at the user level. This is how my $HOME directory looks at the moment:

Admins-iMac% ls -la ~/.npmrc* -rw------- 1 moi staff 52 10 Apr 14:48 /Users/moi/.npmrc -rw-r--r-- 1 moi staff 498 10 Apr 14:52 /Users/moi/.npmrc-private-reg -rw-r--r-- 1 moi staff 70 10 Apr 14:48 /Users/moi/.npmrc-public-reg

In the "private" and "public" dotfiles I have Artifactory and npmjs.org user setups respectively, but aside from that they're empty. My default NPM configuration file also has very little inside it, as most of my configuration sits in a global file, the reasons behind that are beside the point for this question though...

When it comes to me publishing a module to either registry, I simply pass the --userconfig option with the path to the file that I wish to authenticate with.

For example, I just pushed a package to the public NPM registry with ease, like this:

npm publish --userconfig ~/.npmrc-public-reg

---

• npm-config: https://docs.npmjs.com/misc/config#npmrc-files