fix #1502 . fix #1479 . use utf8mb4 in sequelize. change column version to length 70

typo
2019-08-30 16:27:17 +08:00 · 2019-08-30 15:49:06 +08:00
59 changed files with 238 additions and 1768 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,9 +3,8 @@ language: node_js
 node_js:
  - '8'
  - '10'
-services:
-  - mysql
-  - postgresql
+addons:
+  - postgresql: '9.3'
 script: 'make test-travis-all'
 after_script:
  - 'npm i codecov && codecov'
--- a/History.md
+++ b/History.md
@@ -1,100 +1,3 @@
-3.0.0-rc.39 / 2021-01-14
-==================
-
-**features**
-  * [[`33dd355`](http://github.com/cnpm/cnpmjs.org/commit/33dd3554f5daf13de33f04128be6853ce120636f)] - feat: impl dist-tag hooks (#1612) (killa <<killa123@126.com>>)
-
-3.0.0-rc.38 / 2021-01-12
-==================
-
-**features**
-  * [[`c6040b`](http://github.com/cnpm/cnpmjs.org/commit/1c6040bc95610e23b4756baa09e8119cda2fe01e)] - performance: optimise query pkg latestModified  (#1611) (killa <<killa123@126.com>>)
-
-
-3.0.0-rc.37 / 2020-10-21
-==================
-
-**features**
-  * [[`39c3223`](http://github.com/cnpm/cnpmjs.org/commit/39c322332ffafc512bf56c1679d2904fece2ae07)] - feat: new registry api (#1597) (killa <<killa123@126.com>>)
-  * [[`45f2f8b`](http://github.com/cnpm/cnpmjs.org/commit/45f2f8b31f095eeadf0f47e234d6eb225e6b197f)] - feat: impl registry token api (#1590) (killa <<killa123@126.com>>)
-  * [[`e97835f`](http://github.com/cnpm/cnpmjs.org/commit/e97835f7020e945e59fa7a84b14ab58c580add1e)] - feat: support custom web middlewares (#1563) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`3cb3fe0`](http://github.com/cnpm/cnpmjs.org/commit/3cb3fe02f01dd669ad4bd3aebca51c44eb9e5938)] - feat: list all package versions by date (#1557) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`a8ff647`](http://github.com/cnpm/cnpmjs.org/commit/a8ff647aa0f73076f4625e395e5da8ced9f61680)] - feat: retry sync fail on cnpm registry (#1547) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`2c511f2`](http://github.com/cnpm/cnpmjs.org/commit/2c511f2209329e95b0cbe7603fa98a7f93c66474)] - feat: add unpublishRemoveTarball mode (#1536) (Khaidi Chu <<i@2333.moe>>)
-  * [[`19563f5`](http://github.com/cnpm/cnpmjs.org/commit/19563f58517ffaebed8006630bd467f15b71d9ff)] - feat: allow to disable npm audits proxy (#1430) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`8e2367e`](http://github.com/cnpm/cnpmjs.org/commit/8e2367ee1676bd36a4112cf0f6dce2c4f422806e)] - feat: dont check db data on tgz download request (#1477) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`be05886`](http://github.com/cnpm/cnpmjs.org/commit/be05886452803d46f614bdde497ccdec8e9ed734)] - feat: add vary header on cdn (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`ea46399`](http://github.com/cnpm/cnpmjs.org/commit/ea46399265615c70ee33d9cab9ba5d5ce312fb67)] - feat: allow disable search page (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`581925d`](http://github.com/cnpm/cnpmjs.org/commit/581925db9733d295be02e75f0090db05fd6bae75)] - feat: support cache-control header on registry request (#1468) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`7f0c141`](http://github.com/cnpm/cnpmjs.org/commit/7f0c141ac2f7679b5322aadd537c5ff1bef0b032)] - feat: allow config request protocol (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`807187e`](http://github.com/cnpm/cnpmjs.org/commit/807187ebeb0b266828a59724234e1a99c3238eb3)] - feat: add redis cache to import list all versions api perf (#1441) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`99c4c3f`](http://github.com/cnpm/cnpmjs.org/commit/99c4c3fe35a9fde805751ef3d44413413f053f45)] - feat: support customized middlewares (#1436) (Khaidi Chu <<i@2333.moe>>)
-  * [[`4b57c11`](http://github.com/cnpm/cnpmjs.org/commit/4b57c118a0b044f41b1c98eaf92449221c984c15)] - feat: can override tgz download options (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`b395c66`](http://github.com/cnpm/cnpmjs.org/commit/b395c666be3ae6b237803239fae8678647f3b70b)] - feat: proxy npm audit request (#1419) (alsotang <<alsotang@gmail.com>>)
-  * [[`a4a25f9`](http://github.com/cnpm/cnpmjs.org/commit/a4a25f9e381aa20e1ef1e709f320aae41f3ae466)] - feat: use faster etag instead of koa-etag (#1409) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`90580a7`](http://github.com/cnpm/cnpmjs.org/commit/90580a72e56c69f8f03bbdb64d79b4b1b139fbbf)] - feat: configurable view directory (#1400) (Khaidi Chu <<i@2333.moe>>)
-  * [[`ad2d341`](http://github.com/cnpm/cnpmjs.org/commit/ad2d341d2c9317b062a25363f4805aedfef3913b)] - feat: sync downloads total <= 10000 unpublish package (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`25a9030`](http://github.com/cnpm/cnpmjs.org/commit/25a90300473e6ac437e393de139cebde1e354e8c)] - feat: allow to close mysql trace (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`017af69`](http://github.com/cnpm/cnpmjs.org/commit/017af69cce23c870694d124f4a865864e5c061cd)] - feat: add badgeService define on config (#1387) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`842c031`](http://github.com/cnpm/cnpmjs.org/commit/842c0316ede2b19b76d9c1ca790902de467c82e9)] - feat: show versions list on package page (#1386) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`bd87907`](http://github.com/cnpm/cnpmjs.org/commit/bd87907b69d3e65aa544930b5c7f04e75bdbc773)] - feat: auto retry if download tgz error (#1363) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`533c27f`](http://github.com/cnpm/cnpmjs.org/commit/533c27fa78323ee50fcd549115034915ea3017ef)] - feat: support nfs.url return multi urls (#1344) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`e61c7fa`](http://github.com/cnpm/cnpmjs.org/commit/e61c7fa32bdc54ef4474a071da686c70e512b009)] - feat: support pass through querystring to tgz url (#1334) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`34d3a1e`](http://github.com/cnpm/cnpmjs.org/commit/34d3a1eabe927dc5c8c87436e2b644c70a7abc2a)] - feat: auto sync delete packages which deleted in 24 hours (#1315) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`4210b7b`](http://github.com/cnpm/cnpmjs.org/commit/4210b7bdf8bfe8dfa2578802fd1d14e7411d4ea6)] - feat: can config to not sync deleted versions (#1282) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`56c9457`](http://github.com/cnpm/cnpmjs.org/commit/56c945740f545abe9ba55759f6b1502a3abc453d)] - feat: let opensearch host can be config (#1258) (fengmk2 <<fengmk2@gmail.com>>)
-
-**fixes**
-  * [[`b7089d3`](http://github.com/cnpm/cnpmjs.org/commit/b7089d33d400f9fd4fc398479d4dac5aab26b633)] - fix: set maintainer to current user if maintainer is undefined (#1592) (killa <<killa123@126.com>>)
-  * [[`2b74e00`](http://github.com/cnpm/cnpmjs.org/commit/2b74e00cb9ae20e9cf2f06c54ef8dbe6a36b4066)] - fix: release 3.0.0-rc.35 fix npm include functions dir (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`61549b4`](http://github.com/cnpm/cnpmjs.org/commit/61549b47a2f49c163bef6994f1e0f5f761317975)] - fix: avoid "ENAMETOOLONG: name too long" error (#1583) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`e7bafb2`](http://github.com/cnpm/cnpmjs.org/commit/e7bafb2ee9d80ce3ef4087a6b69bc17517f85ec5)] - fix: audit proxy test cases (#1537) (Khaidi Chu <<i@2333.moe>>)
-  * [[`92b7216`](http://github.com/cnpm/cnpmjs.org/commit/92b72169a89cec333177d1ba65205a31e60ebbb2)] - fix: maintainer permission greater than scope (#1494) (Khaidi Chu <<i@2333.moe>>)
-  * [[`f084eba`](http://github.com/cnpm/cnpmjs.org/commit/f084ebae2106c8d4435dc0385e493fe18c6cec8a)] - fix: cpu usage 100% in node@6.x (#1470) (Yiman Liu <<413893093@qq.com>>)
-  * [[`8d57216`](http://github.com/cnpm/cnpmjs.org/commit/8d572169b7293a33035257d3525c66b0abb5b679)] - fix: add cache on total (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`585f55b`](http://github.com/cnpm/cnpmjs.org/commit/585f55bbcc0ce257bfab2f0f545dd8a89c66ca49)] - fix: download url pathname (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`da2f964`](http://github.com/cnpm/cnpmjs.org/commit/da2f9640b87f1b110210b7b8caaf26b4b854ede8)] - fix: dont override exists weburl (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`b094f56`](http://github.com/cnpm/cnpmjs.org/commit/b094f5692f83700f152dd6ea9eb65f67385f6b5f)] - fix: changes stream syncer without deps (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`65bca46`](http://github.com/cnpm/cnpmjs.org/commit/65bca46f3c275bac5dc7497eb266d84605f6f8f8)] - fix: don't cache npm_service.cnpmjs.org request (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`f9d4858`](http://github.com/cnpm/cnpmjs.org/commit/f9d4858862a4b70cb989c3c60478c2424ca2c139)] - fix: avoid toString as downloads count key (#1438) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`8a2f744`](http://github.com/cnpm/cnpmjs.org/commit/8a2f744749fc9f1297ff298fafe14deacf67efea)] - fix: don't update __all__ downloads every times (#1417) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`9bdb695`](http://github.com/cnpm/cnpmjs.org/commit/9bdb695375a800464636d70981f433b7a11dd82d)] - fix: proxy to source registry when package is public scoped with encoded path (#1415) (Albert Zhang <<label4king@163.com>>)
-  * [[`8bd0a2d`](http://github.com/cnpm/cnpmjs.org/commit/8bd0a2d49195734afa988cce69804d8540bbda19)] - fix: swap compress middleware and notFound position (#1413) (alsotang <<alsotang@gmail.com>>)
-  * [[`93d5def`](http://github.com/cnpm/cnpmjs.org/commit/93d5def8ac8882edbd526e5a7341e07c99463b25)] - fix: show package when non-semver version of semver tag (#1411) (Khaidi Chu <<i@2333.moe>>)
-  * [[`6a8434e`](http://github.com/cnpm/cnpmjs.org/commit/6a8434e0cae391981579af1a0b533aff0008904f)] - fix: Don't display sync info when the sync mode is none (#1410) (XingKai Zhang <<jack_zhxk@163.com>>)
-  * [[`4a3a851`](http://github.com/cnpm/cnpmjs.org/commit/4a3a851256483d438753b154d80d28c12c1d625c)] - fix: use <%- instead of <%= in user profile page (#1404) (Khaidi Chu <<i@2333.moe>>)
-  * [[`3497bae`](http://github.com/cnpm/cnpmjs.org/commit/3497bae2b94237664716911de965a4b27afc083a)] - fix: Obfuscate email address (#1391) (Ankur Kumar <<ankurk91@users.noreply.github.com>>)
-  * [[`9b8491b`](http://github.com/cnpm/cnpmjs.org/commit/9b8491b736ebcb98df02d26c41334cf7fce306dc)] - fix: use https://cdn.staticfile.org (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`fc79930`](http://github.com/cnpm/cnpmjs.org/commit/fc799304d8c6710e71364bdf1d1ed0961b9e8695)] - fix: should return `[done] Sync {name}` string when task finished (#1382) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`3c20267`](http://github.com/cnpm/cnpmjs.org/commit/3c20267b22491cd2ac2d751ccc459cf1f4fb0f1f)] - fix: don't retry to save log when db error (#1381) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`5149aa5`](http://github.com/cnpm/cnpmjs.org/commit/5149aa5a1eb01dfc17f8de1cb6c6abfecca0ed96)] - fix: proxy public package from source registry (#1375) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`fc07a38`](http://github.com/cnpm/cnpmjs.org/commit/fc07a38bde81bd93ef9067f3aacb06ae8e76e12b)] - fix: make sure replicate pkg is the latest pkg (#1347) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`17f8b66`](http://github.com/cnpm/cnpmjs.org/commit/17f8b6648b2cf8cb4cf17daef2a2477f74a671e8)] - fix: retry from registry when no_db_file error on replicate (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`d1fe6ce`](http://github.com/cnpm/cnpmjs.org/commit/d1fe6cede7b5a082eabfe9eb94225c9af9399e62)] - fix: add other_urls on download dist tarball (#1345) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`8fbad39`](http://github.com/cnpm/cnpmjs.org/commit/8fbad397f3ab7177c6e6c9b458b4b0bf3d24fbd7)] - fix: use rimraf instead of fs.unlink (#1338) (Yiyu He <<dead_horse@qq.com>>)
-  * [[`0121de3`](http://github.com/cnpm/cnpmjs.org/commit/0121de31a3b7a8da38e31fca4e10d973c07d79e7)] - fix: no need to resync again (#1336) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`84a3037`](http://github.com/cnpm/cnpmjs.org/commit/84a3037d90d4b3a316752eda7440ff5c73b0872f)] - fix: avoid query too frequently (#1329) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`1f60a01`](http://github.com/cnpm/cnpmjs.org/commit/1f60a0136c5f2e4a33827d1f36b38c49e1e3dec6)] - fix: replicate request error, try to request from official registry (#1316) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`6f656a0`](http://github.com/cnpm/cnpmjs.org/commit/6f656a0736c7d1d8b58288ff97590d7cb1317ecd)] - fix: save sync last time when successes > 1000 (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`1b30146`](http://github.com/cnpm/cnpmjs.org/commit/1b30146e94e7e72f9e762947b1ecdbd176d64532)] - fix: npm >= v5.5.0 login need not `email` (#1275) (#1304) (wmzy <<1256573276@qq.com>>)
-  * [[`820ae23`](http://github.com/cnpm/cnpmjs.org/commit/820ae23454f0f9755456681f3ced03e634cb3109)] - fix: control sync frequency (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`bfb29f8`](http://github.com/cnpm/cnpmjs.org/commit/bfb29f82c967cb68f4de3a314200d95a8c59baff)] - fix: use _npmUser reset the maintainers (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`95aa035`](http://github.com/cnpm/cnpmjs.org/commit/95aa035a275089b50dfc2590497e3bc7319f4f6b)] - fix: make sure maintainers exists on sync worker (liang feng <<anhulife@gmail.com>>)
-  * [[`6c69a38`](http://github.com/cnpm/cnpmjs.org/commit/6c69a38a508812f0320866d70b555de02e1fc204)] - fix: if replicate error, retry from official registry (#1230) (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`43ffa99`](http://github.com/cnpm/cnpmjs.org/commit/43ffa995cb8a724e8cd04224c2f137d407bfe014)] - fix: "start" should wait for "stop" to remove the pid file(using Promise) (#1220) (cloudstone <<baby31529@gmail.com>>)
-  * [[`6c019de`](http://github.com/cnpm/cnpmjs.org/commit/6c019de514c9f4a62db1a1814ca2359408609074)] - fix: changes_stream_syncer log url should not contain sync_upstream=true (fengmk2 <<fengmk2@gmail.com>>)
-
-**others**
-  * [[`522ad11`](http://github.com/cnpm/cnpmjs.org/commit/522ad11124f168788b28dd925417ae37eb9d3991)] - update readme for now situation (#1506) (alsotang <<alsotang@gmail.com>>)
-  * [[`0c59791`](http://github.com/cnpm/cnpmjs.org/commit/0c59791e50ef9d3080d5a2ab3e24b5899bd91446)] - Release Release 3.0.0-rc.19 (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`79fb163`](http://github.com/cnpm/cnpmjs.org/commit/79fb163a3b12f1b9c4c9eafad7f2041e7c4c4dbf)] - chore: README fix typo ( not to use plural for code ) (#1448) (Paul Verest <<enide.github@gmail.com>>)
-  * [[`be00b65`](http://github.com/cnpm/cnpmjs.org/commit/be00b6557359d328c851e538827d6c681c2c3416)] - refactor: add detail message to error and keep reason (#1445) (alsotang <<alsotang@gmail.com>>)
-  * [[`f7e9670`](http://github.com/cnpm/cnpmjs.org/commit/f7e9670025c6e7f09d8aa88c676938a2cf4849b5)] - Release Release 3.0.0-rc.14 (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`d0c3f1b`](http://github.com/cnpm/cnpmjs.org/commit/d0c3f1b19e46e73ce389e78413304a1542811b5f)] - test: shouldjs change from getter to function call (#1420) (alsotang <<alsotang@gmail.com>>)
-  * [[`d889eba`](http://github.com/cnpm/cnpmjs.org/commit/d889ebafbd6ff1bc15fbf277fd8e143a57e6cac6)] - deps: use agentkeepalive@4 (fengmk2 <<fengmk2@gmail.com>>)
-  * [[`938a14d`](http://github.com/cnpm/cnpmjs.org/commit/938a14d0a13b711c7b91d795151a7266b0a43c5a)] - chore: Hall of Fame integration on README (#1388) (Gwenael Pluchon <<gwenael.pluchon+github@gmail.com>>)
-  * [[`26d7147`](http://github.com/cnpm/cnpmjs.org/commit/26d7147562a1ae21db8bfec26983daf311353d96)] - refactor: normalize database structure (#1376) (Khaidi Chu <<i@2333.moe>>)
-  * [[`5334375`](http://github.com/cnpm/cnpmjs.org/commit/53343751f7c0a34ea0a346172bff0818d27864dd)] - chore: add latest-3 tag (fengmk2 <<fengmk2@gmail.com>>)

 3.0.0-alpha.8 / 2017-06-15
 ==================
--- a/4
+++ b/4
@@ -1,6 +1,6 @@
 TESTS = $(shell ls -S `find test -type f -name "*.test.js" -print`)
 REPORTER = spec
-TIMEOUT = 600000
+TIMEOUT = 60000
 MOCHA_OPTS =
 DB = sqlite

@@ -61,7 +61,7 @@ test-cov-mysql: init-mysql
 	@$(MAKE) test-cov DB=mysql

 test-travis: init-database
-	@NODE_ENV=test DB=${DB} \
+	@NODE_ENV=test DB=${DB} CNPM_SOURCE_NPM=https://registry.npmjs.com CNPM_SOURCE_NPM_ISCNPM=false \
 		node \
 		node_modules/.bin/istanbul cover \
 		node_modules/.bin/_mocha \
--- a/README.md
+++ b/README.md
@@ -1,9 +1,10 @@
 cnpmjs.org
 =======

-[![npm version][npm-image]][npm-url]
+[![NPM version][npm-image]][npm-url]
 [![build status][travis-image]][travis-url]
 [![Test coverage][codecov-image]][codecov-url]
+[![David deps][david-image]][david-url]
 [![Known Vulnerabilities][snyk-image]][snyk-url]
 [![npm download][download-image]][download-url]

@@ -13,6 +14,8 @@ cnpmjs.org
 [travis-url]: https://travis-ci.org/cnpm/cnpmjs.org
 [codecov-image]: https://codecov.io/gh/cnpm/cnpmjs.org/branch/master/graph/badge.svg
 [codecov-url]: https://codecov.io/gh/cnpm/cnpmjs.org
+[david-image]: https://img.shields.io/david/cnpm/cnpmjs.org.svg?style=flat-square
+[david-url]: https://david-dm.org/cnpm/cnpmjs.org
 [snyk-image]: https://snyk.io/test/npm/cnpmjs.org/badge.svg?style=flat-square
 [snyk-url]: https://snyk.io/test/npm/cnpmjs.org
 [download-image]: https://img.shields.io/npm/dm/cnpmjs.org.svg?style=flat-square
@@ -20,44 +23,51 @@ cnpmjs.org

 ![logo](https://raw.github.com/cnpm/cnpmjs.org/master/logo.png)

-## Description
+## What is this?

 Private npm registry and web for Enterprise, base on [koa](http://koajs.com/),
 MySQL and [Simple Store Service](https://github.com/cnpm/cnpmjs.org/wiki/NFS-Guide).

-Our goal is to provide a low cost maintenance, easy to use, and easy to scale solution for private npm.
+Our goal is to provide a low cost maintenance and easy to use solution for private npm.

-## What can you do with `cnpmjs.org`?
+## What can you do with `cnpmjs.org`

 * Build a private npm for your own enterprise. ([alibaba](http://www.alibaba.com/) is using `cnpmjs.org` now)
-* Build a npm mirror. (we use it to build a mirror in China: [https://npm.taobao.org/](https://npm.taobao.org/))
-* Use the private npm service provided by Alibaba Cloud DevOps which build with cnpm. [https://packages.aliyun.com/](https://packages.aliyun.com/?channel=pd_cnpm_github)
+* Build a mirror NPM. (we use it to build a mirror in China: [cnpmjs.org](http://cnpmjs.org/))
+* Build a completely independent NPM registry to store whatever you like.

 ## Features

 * **Support "scoped" packages**: [npm/npm#5239](https://github.com/npm/npm/issues/5239)
 * **Support [CORS](http://en.wikipedia.org/wiki/Cross-origin_resource_sharing)**
 * **Simple to deploy**: only need `mysql` and a [simple store system](https://github.com/cnpm/cnpmjs.org/wiki/NFS-Guide).
-* **Low cost and easy maintenance**: `package.json` info can store in MySQL, MariaDB, SQLite or PostgreSQL.
-tarball(tgz file) can store in Amazon S3 or other object storage service.
-* **Automatic synchronization**: automatically sync from any registry specified. support two sync modes:
-  - Sync all modules from upstream
-  - Only sync the modules after first access.
-* **Manual synchronization**: automatic synchronization may has little delay. you can sync manually on web page.
+You can get the source code through `npm` or `git`.
+* **Low cost and easy maintenance**: `package.json` info store in MySQL, MariaDB, SQLite or PostgreSQL databases,
+tarball(tgz file) store in CDN or other store systems.
+* **Automatic synchronization**: automatic synchronization from any registry specified, support two sync modes:
+  - Sync all modules from a specified registry, like [npm registry](http://registry.npmjs.org).
+  - Only sync the modules that exists in your own registry.
+* **Manual synchronization**: automatic synchronization may has little delay, but you can syn immediately by manually.
 * **Customized client**: we provide a client [cnpm](https://github.com/cnpm/cnpm)
 to extend `npm` with more features(`sync` command, [gzip](https://github.com/npm/npm-registry-client/pull/40) support).
-And it is easy to wrap for your own registry which build with `cnpmjs.org`.
-* **Compatible with npm client**: you can use the official npm client with `cnpmjs.org`.
-you only need to change the registry in client config.
-* **Support http_proxy**: if you're behind a firewall, you can provide a http proxy for cnpmjs.org.
+And it easy to wrap for your own registry which build with `cnpmjs.org`.
+* **Compatible with NPM client**: you can use the origin NPM client with `cnpmjs.org`,
+only need to change the registry in config. Even include manual synchronization (through `install` command).
+* **Version badge**: base on [shields.io](http://shields.io/) ![cnpm-badge](http://cnpmjs.org/badge/v/cnpmjs.org.svg?style=flat-square)
+* **Support http_proxy**: if you're behind firewall, need to request through http proxy

-## Docs
+**PROTIP** Be sure to read [Migrating from 1.x to 2.x](https://github.com/cnpm/cnpmjs.org/wiki/Migrating-from-1.x-to-2.x)
+as well as [New features in 2.x](https://github.com/cnpm/cnpmjs.org/wiki/New-features-in-2.x).

-* [How to deploy](https://github.com/cnpm/cnpmjs.org/wiki/Deploy)
+## Getting Start
+
+* [Deploy a private npm registry in 5 minutes](https://github.com/cnpm/cnpmjs.org/wiki/Deploy-a-private-npm-registry-in-5-minutes)
+* @[dead-horse](https://github.com/dead-horse): [What is cnpm?](http://deadhorse.me/slides/cnpmjs.html)
+* install and deploy cnpmjs.org through npm: [examples](https://github.com/cnpm/custom-cnpm-example)
+* Mirror NPM in China: [cnpmjs.org](http://cnpmjs.org)
 * cnpm client: [cnpm](https://github.com/cnpm/cnpm), `npm install -g cnpm`
+* [How to deploy cnpmjs.org](https://github.com/cnpm/cnpmjs.org/wiki/Deploy)
 * [Sync packages through `http_proxy`](https://github.com/cnpm/cnpmjs.org/wiki/Sync-packages-through-http_proxy)
-* [Migrating from 1.x to 2.x](https://github.com/cnpm/cnpmjs.org/wiki/Migrating-from-1.x-to-2.x)
-* [New features in 2.x](https://github.com/cnpm/cnpmjs.org/wiki/New-features-in-2.x).
 * [wiki](https://github.com/cnpm/cnpmjs.org/wiki)

 ## Develop on your local machine
@@ -95,7 +105,7 @@ $ make dev

 ### Dockerized cnpmjs.org Installation Guide

-Cnpmjs.org shipped with a simple but pragmatic Docker Compose configuration.With the configuration, you can set up a MySQL backend cnpmjs.org instance by executing just one command on Docker installed environment.
+Cnpmjs.org shipped with a simple but pragmatic Docker Compose configuration.With the configuration, you can set up a MySQL backed cnpmjs.org instance by executing just one command on Docker installed environment.

 #### Preparation

@@ -172,7 +182,8 @@ Tips: make sure your code is following the [node-style-guide](https://github.com

 ## Sponsors

- [![阿里云](https://static.aliyun.com/images/www-summerwind/logo.gif)](http://click.aliyun.com/m/4288/) [![阿里云云效](https://img.alicdn.com/tfs/TB116yt3fb2gK0jSZK9XXaEgFXa-106-20.png)](https://devops.aliyun.com/?channel=pd_cnpm_github) (2016.2 - now)
+- [![阿里云](https://static.aliyun.com/images/www-summerwind/logo.gif)](http://click.aliyun.com/m/4288/) (2016.2 - now)
+- [![UCloud云计算](https://www.ucloud.cn/static/style/images/about/logo.png)](http://www.ucloud.cn?sem=sdk-CNPMJS) (2015.3 - 2016.3)

 ## License

--- a/common/sequelize.js
+++ b/common/sequelize.js
@@ -48,7 +48,7 @@ database.syncFirst = false;

 // add longtext for mysql
 Sequelize.LONGTEXT = DataTypes.LONGTEXT = DataTypes.TEXT;
-if (config.dialect === 'mysql') {
+if (database.dialect === 'mysql') {
  Sequelize.LONGTEXT = DataTypes.LONGTEXT = 'LONGTEXT';
 }

@@ -56,8 +56,8 @@ database.define = {
  timestamps: true,
  createdAt: 'gmt_create',
  updatedAt: 'gmt_modified',
-  charset: 'utf8',
-  collate: 'utf8_general_ci',
+  charset: 'utf8mb4',
+  collate: 'utf8mb4_unicode_ci',
 };

 var sequelize = new Sequelize(database.db, database.username, database.password, database);
--- a/config/index.js
+++ b/config/index.js
@@ -62,7 +62,6 @@ var config = {
  viewDir: path.join(root, 'view', 'web'),

  customRegistryMiddlewares: [],
-  customWebMiddlewares: [],

  // config for koa-limit middleware
  // for limit download rates
@@ -101,7 +100,6 @@ var config = {

  logoURL: 'https://os.alipayobjects.com/rmsportal/oygxuIUkkrRccUz.jpg', // cnpm logo image url
  adBanner: '',
-  customHeader: '',
  customReadmeFile: '', // you can use your custom readme file instead the cnpm one
  customFooter: '', // you can add copyright and site total script html here
  npmClientName: 'cnpm', // use `${name} install package`
@@ -142,6 +140,7 @@ var config = {
    dialectOptions: {
      // if your server run on full cpu load, please set trace to false
      trace: true,
+      charset: 'utf8mb4',
    },

    // the storage engine for 'sqlite'
@@ -149,15 +148,11 @@ var config = {
    storage: path.join(dataDir, 'data.sqlite'),

    logging: !!process.env.SQL_DEBUG,
+
+    // enable proxy npm audits request or not
+    enableNpmAuditsProxy: true,
  },

-  // return total modules and versions, default is true
-  // it will use `SELECT count(DISTINCT name) FROM module` SQL on Database
-  enableTotalCount: true,
-
-  // enable proxy npm audits request or not
-  enableNpmAuditsProxy: true,
-
  // package tarball store in local filesystem by default
  nfs: require('fs-cnpm')({
    dir: path.join(dataDir, 'nfs')
@@ -166,8 +161,6 @@ var config = {
  downloadRedirectToNFS: false,
  // don't check database and just download tgz from nfs
  downloadTgzDontCheckModule: false,
-  // remove original tarball when publishing
-  unpublishRemoveTarball: true,

  // registry url name
  registryHost: 'r.cnpmjs.org',
@@ -199,7 +192,6 @@ var config = {
  // please don't change it if not necessary
  officialNpmRegistry: 'https://registry.npmjs.com',
  officialNpmReplicate: 'https://replicate.npmjs.com',
-  cnpmRegistry: 'https://r.cnpmjs.com',

  // sync source, upstream registry
  // If you want to directly sync from official npm's registry
@@ -308,13 +300,6 @@ if (process.env.NODE_ENV === 'test') {
      yield next;
    };
  });
-
-  config.customWebMiddlewares.push(() => {
-    return function* (next) {
-      this.set('x-custom-web-middleware', 'true');
-      yield next;
-    };
-  });
 }

 if (process.env.NODE_ENV !== 'test') {
--- a/controllers/registry/package/dist_tag.js
+++ b/controllers/registry/package/dist_tag.js
@@ -1,7 +1,6 @@
 'use strict';

 var packageService = require('../../../services/package');
-var hook = require('../../../services/hook');

 function ok() {
  return {
@@ -35,19 +34,6 @@ exports.update = function* () {
  for (var tag in tags) {
    var version = tags[tag];
    yield packageService.addModuleTag(name, tag, version);
-
-    // hooks
-    const envelope = {
-      event: 'package:dist-tag',
-      name: name,
-      tag: tag,
-      type: 'package',
-      version: version,
-      hookOwner: null,
-      payload: null,
-      change: null,
-    };
-    hook.trigger(envelope);
  }
  this.status = 201;
  this.body = ok();
@@ -74,18 +60,6 @@ exports.set = function* () {
  yield packageService.addModuleTag(name, tag, version);
  this.status = 201;
  this.body = ok();
-  // hooks
-  const envelope = {
-    event: 'package:dist-tag',
-    name: name,
-    tag: tag,
-    type: 'package',
-    version: version,
-    hookOwner: null,
-    payload: null,
-    change: null,
-  };
-  hook.trigger(envelope);
 };

 // DELETE /-/package/:pkg/dist-tags/:tag -- Remove tag from dist-tags
@@ -103,15 +77,4 @@ exports.destroy = function* () {
  }
  yield packageService.removeModuleTagsByNames(name, tag);
  this.body = ok();
-  // hooks
-  const envelope = {
-    event: 'package:dist-tag:rm',
-    name: name,
-    tag: tag,
-    type: 'package',
-    hookOwner: null,
-    payload: null,
-    change: null,
-  };
-  hook.trigger(envelope);
 };
--- a/controllers/registry/package/list_versions.js
+++ b/controllers/registry/package/list_versions.js
@@ -1,37 +0,0 @@
-'use strict';
-
-const moment = require('moment');
-const packageService = require('../../../services/package');
-
-// GET /-/allversions?date={2020-02-20}
-// List all packages versions sync at date(gmt_modified)
-
-module.exports = function* () {
-  const query = this.query;
-  const date = moment(query.date, 'YYYY-MM-DD');
-  if (!date.isValid()) {
-    this.status = 400;
-    const error = '[query_parse_error] Invalid value for `date`, should be `YYYY-MM-DD` format.';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-
-  const today = date.format('YYYY-MM-DD');
-  const rows = yield packageService.findAllModuleAbbreviateds({
-    gmt_modified: {
-      $gte: `${today} 00:00:00`,
-      $lte: `${today} 23:59:59`,
-    },
-  });
-  this.body = rows.map(row => {
-    return {
-      name: row.name,
-      version: row.version,
-      publish_time: new Date(row.publish_time),
-      gmt_modified: row.gmt_modified,
-    };
-  });
-};
--- a/controllers/registry/package/remove.js
+++ b/controllers/registry/package/remove.js
@@ -6,7 +6,6 @@ var packageService = require('../../../services/package');
 var totalService = require('../../../services/total');
 var nfs = require('../../../common/nfs');
 var logger = require('../../../common/logger');
-var config = require('../../../config');

 // DELETE /:name/-rev/:rev
 // https://github.com/npm/npm-registry-client/blob/master/lib/unpublish.js#L25
@@ -28,25 +27,23 @@ module.exports = function* remove(next) {
    totalService.plusDeleteModule(),
  ];

-  if (config.unpublishRemoveTarball) {
-    var keys = [];
-    for (var i = 0; i < mods.length; i++) {
-      var row = mods[i];
-      var dist = row.package.dist;
-      var key = dist.key;
-      if (!key) {
-        key = urlparse(dist.tarball).pathname;
-      }
-      key && keys.push(key);
+  var keys = [];
+  for (var i = 0; i < mods.length; i++) {
+    var row = mods[i];
+    var dist = row.package.dist;
+    var key = dist.key;
+    if (!key) {
+      key = urlparse(dist.tarball).pathname;
    }
+    key && keys.push(key);
+  }

-    try {
-      yield keys.map(function (key) {
-        return nfs.remove(key);
-      });
-    } catch (err) {
-      logger.error(err);
-    }
+  try {
+    yield keys.map(function (key) {
+      return nfs.remove(key);
+    });
+  } catch (err) {
+    logger.error(err);
  }

  // remove the maintainers
--- a/controllers/registry/package/remove_version.js
+++ b/controllers/registry/package/remove_version.js
@@ -5,7 +5,6 @@ var packageService = require('../../../services/package');
 var nfs = require('../../../common/nfs');
 var logger = require('../../../common/logger');
 var getCDNKey = require('../../../lib/common').getCDNKey;
-var config = require('../../../config');

 // DELETE /:name/download/:filename/-rev/:rev
 // https://github.com/npm/npm-registry-client/blob/master/lib/unpublish.js#L97
@@ -39,25 +38,21 @@ module.exports = function* removeOneVersion(next) {
    return yield next;
  }

-  if (config.unpublishRemoveTarball) {
-    var key = mod.package && mod.package.dist && mod.package.dist.key;
-    if (!key) {
-      key = getCDNKey(mod.name, filename);
-    }
-
-    if (revertTo && revertTo.package) {
-      debug('removing key: %s from nfs, revert to %s@%s', key, revertTo.name, revertTo.package.version);
-    } else {
-      debug('removing key: %s from nfs, no revert mod', key);
-    }
-
-    try {
-      yield nfs.remove(key);
-    } catch (err) {
-      logger.error(err);
-    }
+  var key = mod.package && mod.package.dist && mod.package.dist.key;
+  if (!key) {
+    key = getCDNKey(mod.name, filename);
  }

+  if (revertTo && revertTo.package) {
+    debug('removing key: %s from nfs, revert to %s@%s', key, revertTo.name, revertTo.package.version);
+  } else {
+    debug('removing key: %s from nfs, no revert mod', key);
+  }
+  try {
+    yield nfs.remove(key);
+  } catch (err) {
+    logger.error(err);
+  }
  // remove version from table
  yield packageService.removeModulesByNameAndVersions(name, [version]);
  debug('removed %s@%s', name, version);
--- a/controllers/registry/package/save.js
+++ b/controllers/registry/package/save.js
@@ -78,25 +78,15 @@ module.exports = function* save(next) {
  var versionPackage = pkg.versions[version];
  var maintainers = versionPackage.maintainers;

+  // should never happened in normal request
  if (!maintainers) {
-    var authorizeType = common.getAuthorizeType(this);
-    if (authorizeType === common.AuthorizeType.BEARER) {
-      // With the token mode, pub lib with no maintainers
-      // make the maintainer to be puber
-      maintainers = [{
-        name: this.user.name,
-        email: this.user.email,
-      }];
-    } else {
-      // should never happened in normal request
-      this.status = 400;
-      const error = '[maintainers_error] request body need maintainers';
-      this.body = {
-        error,
-        reason: error,
-      };
-      return;
-    }
+    this.status = 400;
+    const error = '[maintainers_error] request body need maintainers';
+    this.body = {
+      error,
+      reason: error,
+    };
+    return;
  }

  // notice that admins can not publish to all modules
--- a/controllers/registry/token/create.js
+++ b/controllers/registry/token/create.js
@@ -1,53 +0,0 @@
-'use strict';
-
-var ipRegex = require('ip-regex');
-var tokenService = require('../../../services/token');
-var userService = require('../../../services/user');
-var ipv4 = ipRegex.v4({ exact: true });
-
-module.exports = function* createToken() {
-  var readonly = this.request.body.readonly;
-  if (typeof readonly !== 'undefined' && typeof readonly !== 'boolean') {
-    this.status = 400;
-    var error = '[bad_request] readonly ' + readonly + ' is not boolean';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-  var cidrWhitelist = this.request.body.cidr_whitelist;
-  if (typeof cidrWhitelist !== 'undefined') {
-    var isValidateWhiteList = Array.isArray(cidrWhitelist) && cidrWhitelist.every(function (cidr) {
-      return ipv4.test(cidr);
-    });
-    if (!isValidateWhiteList) {
-      this.status = 400;
-      var error = '[bad_request] cide white list ' + JSON.stringify(cidrWhitelist) + ' is not validate ip array';
-      this.body = {
-        error,
-        reason: error,
-      };
-      return;
-    }
-  }
-
-  var password = this.request.body.password;
-  var user = yield userService.auth(this.user.name, password);
-  if (!user) {
-    this.status = 401;
-    var error = '[unauthorized] incorrect or missing password.';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-
-  var token = yield tokenService.createToken(this.user.name, {
-    readonly: !!readonly,
-    cidrWhitelist: cidrWhitelist || [],
-  });
-  this.status = 201;
-  this.body = token;
-};
--- a/controllers/registry/token/del.js
+++ b/controllers/registry/token/del.js
@@ -1,8 +0,0 @@
-'use strict';
-
-var tokenService = require('../../../services/token');
-
-module.exports = function* deleteToken() {
-  yield tokenService.deleteToken(this.user.name, this.params.UUID);
-  this.status = 204;
-};
--- a/controllers/registry/token/list.js
+++ b/controllers/registry/token/list.js
@@ -1,60 +0,0 @@
-'use strict';
-
-var tokenService = require('../../../services/token');
-
-var DEFAULT_PER_PAGE = 10;
-var MIN_PER_PAGE = 1;
-var MAX_PER_PAGE = 9999;
-
-module.exports = function* createToken() {
-  var perPage = typeof this.query.perPage === 'undefined' ? DEFAULT_PER_PAGE : parseInt(this.query.perPage);
-  if (Number.isNaN(perPage)) {
-    this.status = 400;
-    var error = 'perPage ' + this.query.perPage + ' is not a number';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-  if (perPage < MIN_PER_PAGE || perPage > MAX_PER_PAGE) {
-    this.status = 400;
-    var error = 'perPage ' + this.query.perPage + ' is out of boundary';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-
-  var page = typeof this.query.page === 'undefined' ? 0 : parseInt(this.query.page);
-  if (Number.isNaN(page)) {
-    this.status = 400;
-    var error = 'page ' + this.query.page + ' is not a number';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-  if (page < 0) {
-    this.status = 400;
-    var error = 'page ' + this.query.page + ' is invalidate';
-    this.body = {
-      error,
-      reason: error,
-    };
-    return;
-  }
-
-  var tokens = yield tokenService.listToken(this.user.name, {
-    page: page,
-    perPage: perPage,
-  });
-
-  this.status = 200;
-  this.body = {
-    objects: tokens,
-    urls: {},
-  };
-};
--- a/controllers/registry/user/add.js
+++ b/controllers/registry/user/add.js
@@ -3,7 +3,6 @@
 var ensurePasswordSalt = require('./common').ensurePasswordSalt;
 var userService = require('../../../services/user');
 var config = require('../../../config');
-var tokenService = require('../../../services/token');

 // npm 1.4.4
 // add new user first
@@ -64,13 +63,8 @@ module.exports = function* addUser() {
    return;
  }
  if (loginedUser) {
-    var token = yield tokenService.createToken(body.name, {
-      readonly: !!body.readonly,
-      cidrWhitelist: body.cidr_whitelist || [],
-    });
    this.status = 201;
    this.body = {
-      token: token.token,
      ok: true,
      id: 'org.couchdb.user:' + loginedUser.login,
      rev: Date.now() + '-' + loginedUser.login
@@ -124,15 +118,8 @@ module.exports = function* addUser() {
  // add new user
  var result = yield userService.add(user);
  this.etag = '"' + result.rev + '"';
-
-  var token = yield tokenService.createToken(body.name, {
-    readonly: !!body.readonly,
-    cidrWhitelist: body.cidr_whitelist || [],
-  });
-
  this.status = 201;
  this.body = {
-    token: token.token,
    ok: true,
    id: 'org.couchdb.user:' + name,
    rev: result.rev
--- a/controllers/registry/user/ping.js
+++ b/controllers/registry/user/ping.js
@@ -1,7 +0,0 @@
-'use strict';
-
-// https://docs.npmjs.com/cli/ping
-module.exports = function* () {
-  this.status = 200;
-  this.body = {};
-};
--- a/controllers/registry/user/whoami.js
+++ b/controllers/registry/user/whoami.js
@@ -1,9 +0,0 @@
-'use strict';
-
-// https://docs.npmjs.com/cli/whoami
-module.exports = function* () {
-  this.status = 200;
-  this.body = {
-    username: this.user.name,
-  };
-};
--- a/controllers/sync_module_worker.js
+++ b/controllers/sync_module_worker.js
@@ -322,8 +322,7 @@ SyncModuleWorker.prototype.next = function* (concurrencyId) {
  yield this.syncByName(concurrencyId, name, registry);
 };

-SyncModuleWorker.prototype.syncByName = function* (concurrencyId, name, registry, retryCount) {
-  retryCount = retryCount || 0;
+SyncModuleWorker.prototype.syncByName = function* (concurrencyId, name, registry) {
  var that = this;
  that.syncingNames[name] = true;
  var pkg = null;
@@ -374,28 +373,17 @@ SyncModuleWorker.prototype.syncByName = function* (concurrencyId, name, registry
    // if 404
    if (!err.res || err.res.statusCode !== 404) {
      var errMessage = err.name + ': ' + err.message;
-      that.log('[c#%s] [error] [%s] get package(%s%s) error: %s, status: %s, retryCount: %s',
-        concurrencyId, name, registry, packageUrl, errMessage, status, retryCount);
-
-      // retry from cnpmRegistry again, max 3 times
-      if (registry === config.cnpmRegistry && retryCount < 3) {
-        this.log('[c#%d] [%s] retry from %s after 3s, retryCount: %s',
-          concurrencyId, name, registry, retryCount);
-        yield sleep(3000);
-        yield that.syncByName(concurrencyId, name, registry, retryCount + 1);
-        return;
-      }
-
-      // replicate/cnpmRegistry request error, try to request from official registry
-      if (registry !== config.officialNpmReplicate && registry !== config.cnpmRegistry) {
+      that.log('[c#%s] [error] [%s] get package(%s%s) error: %s, status: %s',
+        concurrencyId, name, registry, packageUrl, errMessage, status);
+      // replicate request error, try to request from official registry
+      if (registry !== config.officialNpmReplicate) {
        // sync fail
        yield that._doneOne(concurrencyId, name, false);
        return;
      }

      // retry from officialNpmRegistry when officialNpmReplicate fail
-      this.log('[c#%d] [%s] retry from %s, retryCount: %s',
-        concurrencyId, name, config.officialNpmRegistry, retryCount);
+      this.log('[c#%d] [%s] retry from %s', concurrencyId, name, config.officialNpmRegistry);
      try {
        var result = yield npmSerivce.request(packageUrl, { registry: config.officialNpmRegistry });
        pkg = result.data;
@@ -1325,7 +1313,7 @@ SyncModuleWorker.prototype._syncOneVersion = function *(versionIndex, sourcePack
  var downurl = sourcePackage.dist.tarball;
  var urlobj = urlparse(downurl);
  var filename = path.basename(urlobj.pathname);
-  var filepath = common.getTarballFilepath(sourcePackage.name, sourcePackage.version, filename);
+  var filepath = common.getTarballFilepath(filename);
  var ws = fs.createWriteStream(filepath);

  var downloadOptions = {
--- a/docs/db.sql
+++ b/docs/db.sql
@@ -81,7 +81,7 @@ CREATE TABLE IF NOT EXISTS `module` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `author` varchar(100) NOT NULL COMMENT 'module author',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `description` longtext COMMENT 'module description',
 `package` longtext CHARACTER SET utf8 COLLATE utf8_general_ci COMMENT 'package.json',
 `dist_shasum` varchar(100) DEFAULT NULL COMMENT 'module dist SHASUM',
@@ -92,8 +92,7 @@ CREATE TABLE IF NOT EXISTS `module` (
 UNIQUE KEY `uk_name` (`name`,`version`),
 KEY `idx_gmt_modified` (`gmt_modified`),
 KEY `idx_publish_time` (`publish_time`),
- KEY `idx_author` (`author`),
- KEY `idx_name_gmt_modified` (`name`,`gmt_modified`)
+ KEY `idx_author` (`author`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='module info';
 -- ALTER TABLE `module` ADD `description` longtext;
 -- ALTER TABLE `module` ADD `publish_time` bigint(20) unsigned, ADD KEY `publish_time` (`publish_time`);
@@ -117,7 +116,7 @@ CREATE TABLE IF NOT EXISTS `module_abbreviated` (
 `gmt_create` datetime NOT NULL COMMENT 'create time',
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `package` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci COMMENT 'the abbreviated metadata',
 `publish_time` bigint(20) unsigned COMMENT 'the publish time',
 PRIMARY KEY (`id`),
@@ -135,7 +134,7 @@ CREATE TABLE IF NOT EXISTS `package_readme` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
 `readme` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci COMMENT 'the latest version readme',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 PRIMARY KEY (`id`),
 UNIQUE KEY `uk_name` (`name`),
 KEY `idx_gmt_modified` (`gmt_modified`)
@@ -165,7 +164,7 @@ CREATE TABLE IF NOT EXISTS `tag` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
 `tag` varchar(30) NOT NULL COMMENT 'tag name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `module_id` bigint(20) unsigned NOT NULL COMMENT 'module id',
 PRIMARY KEY (`id`),
 UNIQUE KEY `uk_name` (`name`, `tag`),
@@ -319,17 +318,3 @@ CREATE TABLE IF NOT EXISTS `dist_file` (
 -- ALTER TABLE `dist_file`
 --   CHANGE `name` `name` varchar(214) NOT NULL COMMENT 'file name',
 --   CHANGE `parent` `parent` varchar(214) NOT NULL COMMENT 'parent dir' DEFAULT '/';
-
-CREATE TABLE IF NOT EXISTS `token` (
- `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'primary key',
- `gmt_create` datetime NOT NULL COMMENT 'create time',
- `gmt_modified` datetime NOT NULL COMMENT 'modified time',
- `token` varchar(100) NOT NULL COMMENT 'token',
- `user_id` varchar(100) NOT NULL COMMENT 'user name',
- `readonly` tinyint NOT NULL DEFAULT 0 COMMENT 'readonly or not, 1: true, other: false',
- `token_key` varchar(200) NOT NULL COMMENT 'token sha512 hash',
- `cidr_whitelist` varchar(500) NOT NULL COMMENT 'ip list, ["127.0.0.1"]',
- PRIMARY KEY (`id`),
- UNIQUE KEY `uk_token` (`token`),
- KEY `idx_user` (`user_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='token info';
--- a/docs/registry-api.md
+++ b/docs/registry-api.md
@@ -50,7 +50,7 @@ Status: 4xx

 ## Authentication

-There are two ways to authenticate through the API.
+There is only one way to authenticate through the API.

 ## Basic Authentication

@@ -58,12 +58,6 @@ There are two ways to authenticate through the API.
 $ curl -u "username:password" https://registry.npmjs.org
 ```

-## Bearer Authentication
-
-```bash
-$ curl -H "Authorization: Bearer ${UUId}" https://registry.npmjs.org
-```
-
 ## Failed login limit

 ```bash
@@ -909,8 +903,7 @@ Status: 201 Created
 {
  "ok": true,
  "id": "org.couchdb.user:fengmk2",
-  "rev": "32-984ee97e01aea166dcab6d1517c730e3",
-  "token": "85d32fad-bd43-4dd7-9451-4f7d907313a2"
+  "rev": "32-984ee97e01aea166dcab6d1517c730e3"
 }
 ```

@@ -963,76 +956,3 @@ Status: 201 Created
 ```

 ## Search
-
-## Token
-
- [Create token](/docs/registry-api.md#create-token)
- [List token](/docs/registry-api.md#list-token)
- [Delete token](/docs/registry-api.md#delete-token)
-
-### Create token
-
-* Authentication required.
-
-```
-POST /-/npm/v1/tokens
-```
-
-#### Input
-```json
-{
-  "password": "123",
-  "readonly": false,
-  "cidr_whitelist": [
-    "127.0.0.1"
-  ]
-}
-```
-
-#### Response 200
-```json
-HTTP/1.1 200 OK
-
-{
-  "token": "85d32fad-bd43-4dd7-9451-4f7d907313a2",
-  "key": "d06309a210570ef71cd9c7bd4849e7e96eeaa841976e63326436f6fd320dc4bbd452710e4e0fedc2efc2ea4a793b7159e95e9596e85e00dee26adc3f8afbb97f",
-  "cidr_whitelist": [ "127.0.0.1" ],
-  "created": "2015-01-04T08:28:51.378Z",
-  "updated": "2015-01-04T08:28:51.378Z",
-  "readonly": false
-}
-```
-
-### List token
-* Authentication required.
-
-```
-GET /-/npm/v1/tokens
-```
-
-### Input
-perPage=10&page=0
-
-#### Response 200
-```json
-{
-  "objects": [{
-    "token": "85d32f...7313a2",
-    "key": "d06309a210570ef71cd9c7bd4849e7e96eeaa841976e63326436f6fd320dc4bbd452710e4e0fedc2efc2ea4a793b7159e95e9596e85e00dee26adc3f8afbb97f",
-    "cidr_whitelist": [ "127.0.0.1" ],
-    "created": "2015-01-04T08:28:51.378Z",
-    "updated": "2015-01-04T08:28:51.378Z",
-    "readonly": false
-  }]
-}
-```
-
-### Delete token
-
-* Authentication required.
-
-```
-GET /-/npm/v1/tokens/token/:UUID
-```
-
-#### Response 204
--- a/docs/web/readme.md
+++ b/docs/web/readme.md
@@ -8,7 +8,6 @@ So `cnpm` is meaning: **Company npm**.
 - [cnpmjs.org](/) version: <span id="app-version"></span>
 - [Node.js](https://nodejs.org) version: <span id="node-version"></span>
 - For developers in China, please visit [the China mirror](https://npm.taobao.org). 中国用户请访问[国内镜像站点](https://npm.taobao.org)。
- Use the private npm service provided by Alibaba Cloud DevOps which build with cnpm. [https://packages.aliyun.com/](https://packages.aliyun.com/?channel=pd_cnpm_github)

 <div class="ant-table">
 <table class="downloads">
@@ -152,5 +151,5 @@ Release [History](/history).

 ## Sponsors

- [![阿里云](https://static.aliyun.com/images/www-summerwind/logo.gif)](http://click.aliyun.com/m/4288/) [![阿里云云效](https://img.alicdn.com/tfs/TB116yt3fb2gK0jSZK9XXaEgFXa-106-20.png)](https://devops.aliyun.com/?channel=pd_cnpm_github) (2016.2 - now)
+- [![阿里云](https://static.aliyun.com/images/www-summerwind/logo.gif)](http://click.aliyun.com/m/4288/) (2016.2 - now)
 - [![UCloud云计算](https://www.ucloud.cn/static/style/images/about/logo.png)](http://www.ucloud.cn?sem=sdk-CNPMJS) (2015.3 - 2016.3)
--- a/lib/common.js
+++ b/lib/common.js
@@ -2,18 +2,13 @@

 var crypto = require('crypto');
 var path = require('path');
-var utility = require('utility');
-var util = require('util');
 var config = require('../config');
-var BASIC_PREFIX = /basic /i;
-var BEARER_PREFIX = /bearer /i;
+var util = require('util');

-exports.getTarballFilepath = function (packageName, packageVersion, filename) {
+exports.getTarballFilepath = function (filename) {
  // ensure download file path unique
  // TODO: not only .tgz, and also other extname
-  var name = filename.replace(/\.tgz$/, '.' + crypto.randomBytes(16).toString('hex'));
-  // use filename string md5 instead, fix "ENAMETOOLONG: name too long" error
-  name = packageName.replace(/\//g, '-').replace(/\@/g, '') + '-' + packageVersion.substring(0, 20) + '.' + utility.md5(name) + '.tgz';
+  var name = filename.replace(/\.tgz$/, '.' + crypto.randomBytes(16).toString('hex') + '.tgz');
  return path.join(config.uploadDir, name);
 };

@@ -69,26 +64,8 @@ exports.isLocalModule = function (mods) {
 };

 exports.isPrivateScopedPackage = function (name) {
-  if (!name) {
-    return false;
-  }
-
  if (name[0] !== '@') {
    return false;
  }
  return config.scopes.indexOf(name.split('/')[0]) >= 0;
 };
-
-var AuthorizeType = exports.AuthorizeType = {
-  BASIC: 'BASIC',
-  BEARER: 'BEARER',
-};
-
-exports.getAuthorizeType = function (ctx) {
-  var authorization = (ctx.get('authorization') || '').trim();
-  if (BASIC_PREFIX.test(authorization)) {
-    return AuthorizeType.BASIC;
-  } else if (BEARER_PREFIX.test(authorization)) {
-    return AuthorizeType.BEARER;
-  }
-};
--- a/middleware/auth.js
+++ b/middleware/auth.js
@@ -2,9 +2,7 @@

 var debug = require('debug')('cnpmjs.org:middleware:auth');
 var UserService = require('../services/user');
-var TokenService = require('../services/token');
 var config = require('../config');
-var common = require('../lib/common');

 /**
 * Parse the request authorization
@@ -15,23 +13,25 @@ module.exports = function () {
  return function* auth(next) {
    this.user = {};

-    var authorization = (this.get('authorization') || '').trim();
+    var authorization = (this.get('authorization') || '').split(' ')[1] || '';
+    authorization = authorization.trim();
    debug('%s %s with %j', this.method, this.url, authorization);
    if (!authorization) {
      return yield unauthorized.call(this, next);
    }

+    authorization = Buffer.from(authorization, 'base64').toString();
+    var pos = authorization.indexOf(':');
+    if (pos === -1) {
+       return yield unauthorized.call(this, next);
+    }
+
+    var username = authorization.slice(0, pos);
+    var password = authorization.slice(pos + 1);
+
    var row;
    try {
-      var authorizeType = common.getAuthorizeType(this);
-
-      if (authorizeType === common.AuthorizeType.BASIC) {
-        row = yield basicAuth(authorization);
-      } else if (authorizeType === common.AuthorizeType.BEARER) {
-        row = yield bearerAuth(authorization, this.method, this.ip);
-      } else {
-        return yield unauthorized.call(this, next);
-      }
+      row = yield UserService.auth(username, password);
    } catch (err) {
      // do not response error here
      // many request do not need login
@@ -51,30 +51,6 @@ module.exports = function () {
  };
 };

-function* basicAuth(authorization) {
-  authorization = authorization.split(' ')[1];
-  authorization = Buffer.from(authorization, 'base64').toString();
-
-  var pos = authorization.indexOf(':');
-  if (pos === -1) {
-    return null;
-  }
-
-  var username = authorization.slice(0, pos);
-  var password = authorization.slice(pos + 1);
-
-  return yield UserService.auth(username, password);
-}
-
-function* bearerAuth(authorization, method, ip) {
-  var token = authorization.split(' ')[1];
-  var isReadOperation = method === 'HEAD' || method === 'GET';
-  return yield TokenService.validateToken(token, {
-    isReadOperation: isReadOperation,
-    accessIp: ip,
-  });
-}
-
 function* unauthorized(next) {
  if (!config.alwaysAuth || this.method !== 'GET') {
    return yield next;
--- a/middleware/login.js
+++ b/middleware/login.js
@@ -3,11 +3,6 @@
 var http = require('http');

 module.exports = function *login(next) {
-  if (this.path === '/-/ping' && this.query.write !== 'true') {
-    yield next;
-    return;
-  }
-
  if (this.user.error) {
    var status = this.user.error.status;
    this.status = http.STATUS_CODES[status]
--- a/models/index.js
+++ b/models/index.js
@@ -26,7 +26,6 @@ module.exports = {
  User: load('user'),
  Total: load('total'),
  DownloadTotal: load('download_total'),
-  Token: load('token'),

  query: function* (sql, args) {
    var options = { replacements: args };
--- a/models/module.js
+++ b/models/module.js
@@ -21,7 +21,7 @@ CREATE TABLE IF NOT EXISTS `module` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `author` varchar(100) NOT NULL COMMENT 'module author',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `description` longtext COMMENT 'module description',
 `package` longtext CHARACTER SET utf8 COLLATE utf8_general_ci COMMENT 'package.json',
 `dist_shasum` varchar(100) DEFAULT NULL COMMENT 'module dist SHASUM',
@@ -49,7 +49,7 @@ module.exports = function (sequelize, DataTypes) {
      comment: 'module name'
    },
    version: {
-      type: DataTypes.STRING(30),
+      type: DataTypes.STRING(70),
      allowNull: false,
      comment: 'module version'
    },
--- a/models/module_abbreviated.js
+++ b/models/module_abbreviated.js
@@ -6,7 +6,7 @@ CREATE TABLE IF NOT EXISTS `module_abbreviated` (
 `gmt_create` datetime NOT NULL COMMENT 'create time',
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `package` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci COMMENT 'the abbreviated metadata',
 `publish_time` bigint(20) unsigned COMMENT 'the publish time',
 PRIMARY KEY (`id`),
@@ -24,7 +24,7 @@ module.exports = function (sequelize, DataTypes) {
      comment: 'module name'
    },
    version: {
-      type: DataTypes.STRING(30),
+      type: DataTypes.STRING(70),
      allowNull: false,
      comment: 'module version'
    },
--- a/models/package_readme.js
+++ b/models/package_readme.js
@@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS `package_readme` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
 `readme` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci COMMENT 'the latest version readme',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 PRIMARY KEY (`id`),
 UNIQUE KEY `uk_name` (`name`),
 KEY `idx_gmt_modified` (`gmt_modified`)
@@ -22,7 +22,7 @@ module.exports = function (sequelize, DataTypes) {
      comment: 'module name'
    },
    version: {
-      type: DataTypes.STRING(30),
+      type: DataTypes.STRING(70),
      allowNull: false,
      comment: 'module latest version'
    },
--- a/models/tag.js
+++ b/models/tag.js
@@ -21,7 +21,7 @@ CREATE TABLE IF NOT EXISTS `tag` (
 `gmt_modified` datetime NOT NULL COMMENT 'modified time',
 `name` varchar(214) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL COMMENT 'module name',
 `tag` varchar(30) NOT NULL COMMENT 'tag name',
- `version` varchar(30) NOT NULL COMMENT 'module version',
+ `version` varchar(70) NOT NULL COMMENT 'module version',
 `module_id` bigint(20) unsigned NOT NULL COMMENT 'module id',
 PRIMARY KEY (`id`),
 UNIQUE KEY `uk_name` (`name`, `tag`),
@@ -42,7 +42,7 @@ module.exports = function (sequelize, DataTypes) {
      comment: 'tag name',
    },
    version: {
-      type: DataTypes.STRING(30),
+      type: DataTypes.STRING(70),
      allowNull: false,
      comment: 'module version',
    },
--- a/models/token.js
+++ b/models/token.js
@@ -1,117 +0,0 @@
-'use strict';
-
-/*
-CREATE TABLE IF NOT EXISTS `token` (
- `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'primary key',
- `gmt_create` datetime NOT NULL COMMENT 'create time',
- `gmt_modified` datetime NOT NULL COMMENT 'modified time',
- `token` varchar(100) NOT NULL COMMENT 'token',
- `user_id` varchar(100) NOT NULL COMMENT 'user name',
- `readonly` tinyint NOT NULL DEFAULT 0 COMMENT 'readonly or not, 1: true, other: false',
- `token_key` varchar(200) NOT NULL COMMENT 'token sha512 hash',
- `cidr_whitelist` varchar(500) NOT NULL COMMENT 'ip list, ["127.0.0.1"]',
- PRIMARY KEY (`id`),
- UNIQUE KEY `uk_token` (`token`),
- KEY `idx_user_id` (`user_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='token info';
- */
-
-module.exports = function (sequelize, DataTypes) {
-  return sequelize.define('Token', {
-    token: {
-      type: DataTypes.STRING(100),
-      allowNull: false,
-      comment: 'token',
-    },
-    userId: {
-      field: 'user_id',
-      type: DataTypes.STRING(100),
-      allowNull: false,
-      comment: 'user name'
-    },
-    readonly: {
-      type: DataTypes.BOOLEAN,
-      allowNull: false,
-      defaultValue: false,
-      comment: 'readonly or not, 1: true, other: false',
-    },
-    key: {
-      field: 'token_key',
-      type: DataTypes.STRING(256),
-      allowNull: false,
-      comment: 'token sha512 hash',
-    },
-    cidrWhitelist: {
-      field: 'cidr_whitelist',
-      type: DataTypes.STRING(500),
-      allowNull: false,
-      comment: 'ip list, ["127.0.0.1"]',
-      get: function () {
-        try {
-          return JSON.parse(this.getDataValue('cidrWhitelist'));
-        } catch (_) {
-          return [];
-        }
-      },
-      set: function (val) {
-        try {
-          var stringifyVal = JSON.stringify(val);
-          this.setDataValue('cidrWhitelist', stringifyVal);
-        } catch (_) {
-          // ...
-        }
-      }
-    },
-  }, {
-    tableName: 'token',
-    comment: 'token info',
-    indexes: [
-      {
-        unique: true,
-        fields: [ 'token' ],
-      },
-      {
-        fields: [ 'user_id' ],
-      }
-    ],
-    classMethods: {
-      findByToken: function* (token) {
-        return yield this.find({ where: { token: token } });
-      },
-      add: function* (tokenObj) {
-        var row = this.build(tokenObj);
-        return yield row.save();
-      },
-      listByUser: function* (userId, offset, limit) {
-        return yield this.findAll({
-          where: {
-            userId: userId,
-          },
-          limit: limit,
-          offset: offset,
-          order: 'id asc',
-        });
-      },
-      deleteByKeyOrToken: function* (userId, keyOrToken) {
-        const self = this;
-        yield sequelize.transaction(function (t) {
-          return self.destroy({
-            where: {
-              userId: userId,
-              $or: [
-                { key: { like: keyOrToken + '%' } },
-                { token: keyOrToken },
-              ],
-            },
-            transaction: t,
-          }).then(function (deleteRows) {
-            // Key like query should not match more than 1 row
-            if (deleteRows > 1) {
-              throw new Error(`Token ID "${keyOrToken}" was ambiguous`);
-            }
-          });
-        });
-      },
-    },
-  });
-};
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "cnpmjs.org",
-  "version": "3.0.0-rc.40",
+  "version": "3.0.0-rc.29",
  "description": "Private npm registry and web for Enterprise, base on MySQL and Simple Store Service",
  "main": "index.js",
  "scripts": {
@@ -36,7 +36,6 @@
    "humanize-ms": "^1.2.1",
    "humanize-number": "~0.0.2",
    "ioredis": "^4.6.2",
-    "ip-regex": "^4.1.0",
    "is-type-of": "^1.2.0",
    "kcors": "^1.2.1",
    "koa": "^1.2.0",
@@ -69,7 +68,6 @@
    "tunnel-agent": "^0.6.0",
    "urllib": "^2.24.0",
    "utility": "^1.12.0",
-    "uuid": "^8.3.0",
    "xss": "^0.3.3"
  },
  "devDependencies": {
--- a/routes/registry.js
+++ b/routes/registry.js
@@ -11,7 +11,6 @@ var unpublishable = require('../middleware/unpublishable');
 var showTotal = require('../controllers/total');

 var listAll = require('../controllers/registry/package/list_all');
-var listAllPackageVersions = require('../controllers/registry/package/list_versions');
 var listShorts = require('../controllers/registry/package/list_shorts');
 var listSince = require('../controllers/registry/package/list_since');
 var listAllVersions = require('../controllers/registry/package/list');
@@ -29,12 +28,6 @@ var listPackagesByUser = require('../controllers/registry/package/list_by_user')
 var addUser = require('../controllers/registry/user/add');
 var showUser = require('../controllers/registry/user/show');
 var updateUser = require('../controllers/registry/user/update');
-var whoami = require('../controllers/registry/user/whoami');
-var ping = require('../controllers/registry/user/ping');
-
-var createToken = require('../controllers/registry/token/create');
-var delToken = require('../controllers/registry/token/del');
-var listToken = require('../controllers/registry/token/list');

 var sync = require('../controllers/sync');
 var userPackage = require('../controllers/registry/user_package');
@@ -58,11 +51,6 @@ function routes(app) {
  // get all module names, for auto completion
  app.get('/-/short', listShorts);

-  app.get('/-/allversions', listAllPackageVersions);
-
-  app.get('/-/whoami', login, whoami);
-  app.get('/-/ping', login, ping);
-
  // module
  // scope package: params: [$name]
  app.get(/^\/(@[\w\-\.]+\/[^\/]+)$/, syncByInstall, listAllVersions);
@@ -111,11 +99,6 @@ function routes(app) {
  app.get('/-/user/org.couchdb.user::name', showUser);
  app.put('/-/user/org.couchdb.user::name/-rev/:rev', login, updateUser);

-  // token api
-  app.get('/-/npm/v1/tokens', login, listToken);
-  app.post('/-/npm/v1/tokens', login, createToken);
-  app.delete('/-/npm/v1/tokens/token/:UUID', login, delToken);
-
  // list all packages of user
  app.get('/-/by-user/:user', userPackage.list);
  app.get('/-/users/:user/packages', listPackagesByUser);
--- a/servers/web.js
+++ b/servers/web.js
@@ -42,10 +42,6 @@ if (config.pagemock) {
  }));
 }

-for (const mw of config.customWebMiddlewares) {
-  app.use(mw(app));
-}
-
 app.use(opensearch);
 app.keys = ['todokey', config.sessionSecret];
 app.proxy = true;
@@ -71,8 +67,7 @@ var footer = config.customFooter || fs.readFileSync(path.join(viewDir, 'footer.h
 var layout = fs.readFileSync(path.join(viewDir, 'layout.html'), 'utf8')
  .replace('{{footer}}', footer)
  .replace('{{logoURL}}', config.logoURL)
-  .replace('{{adBanner}}', config.adBanner || '')
-  .replace('{{customHeader}}', config.customHeader || '');
+  .replace('{{adBanner}}', config.adBanner || '');
 fs.writeFileSync(layoutFile, layout);

 // custom web readme home page support
--- a/services/package.js
+++ b/services/package.js
@@ -251,12 +251,16 @@ exports.listModulesByName = function* (moduleName, attributes) {
 };

 exports.getModuleLastModified = function* (name) {
-  var gmt_modified = yield Module.max('gmt_modified', {
+  var mod = yield Module.find({
    where: {
      name: name,
    },
+    order: [
+      ['gmt_modified', 'DESC']
+    ],
+    attributes: [ 'gmt_modified' ]
  });
-  return gmt_modified;
+  return mod && mod.gmt_modified || null;
 };

 // module:update
@@ -341,18 +345,6 @@ exports.listModuleAbbreviatedsByName = function* (name) {
  return rows;
 };

-exports.findAllModuleAbbreviateds = function* (where, order, limit, offset) {
-  const params = {
-    where,
-    order,
-    limit,
-    offset,
-    attributes: [ 'name', 'version', 'publish_time', 'gmt_modified'  ],
-  };
-  const rows = yield models.ModuleAbbreviated.findAll(params);
-  return rows;
-};
-
 // https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-object
 exports.saveModuleAbbreviated = function* (mod) {
  var pkg = JSON.stringify({
--- a/services/token.js
+++ b/services/token.js
@@ -1,121 +0,0 @@
-'use strict';
-
-var Token = require('../models').Token;
-var UserService = require('./user');
-var uuid = require('uuid');
-var crypto = require('crypto');
-var DEFAULT_TOKEN_OPTIONS = {
-  readonly: false,
-  cidrWhitelist: [],
-};
-var DEFAULT_LIST_TOKEN_OPTIONS = {
-  perPage: 10,
-  page: 0,
-};
-
-/**
- * 1. check the token exits
- * 1. check readOnly
- * 1. check cidr white list
- *
- * @param {string} token -
- * @param {object} options -
- * @param {string} options.isReadOperation -
- * @param {string} options.accessIp -
- */
-exports.validateToken = function* (token, options) {
-  var row = yield Token.findByToken(token);
-  if (!row) {
-    return null;
-  }
-
-  var name = row.userId;
-  var tokenObj = convertToken(row);
-  // write operation and readonly token
-  // validate fail
-  if (!options.isReadOperation && tokenObj.readonly) {
-    return null;
-  }
-
-  // has a cidr whitelist and access ip not in list
-  // validate fail
-  var cidrWhitelist = tokenObj.cidr_whitelist;
-  if (cidrWhitelist.length && !cidrWhitelist.includes(options.accessIp)) {
-    return null;
-  }
-
-  return yield UserService.get(name);
-};
-
-/**
- * create token for user
- * @param {string} userId -
- * @param {object} [options] -
- * @param {object} [options.readonly] - default is false
- * @param {object} [options.cidrWhitelist] - default is []
- */
-exports.createToken = function* (userId, options) {
-  options = Object.assign({}, DEFAULT_TOKEN_OPTIONS, options);
-  var token = uuid.v4();
-  var key = createTokenKey(token);
-  var tokenObj = {
-    token: token,
-    userId: userId,
-    readonly: options.readonly,
-    key: key,
-    cidrWhitelist: options.cidrWhitelist,
-  };
-  var row = yield Token.add(tokenObj);
-  return convertToken(row, { redacte: false });
-};
-
-/**
- * list token for user
- * @param {string} userId -
- * @param {object} [options] -
- * @param {object} [options.perPage] - default is 10
- * @param {object} [options.page] - default is 0
- */
-exports.listToken = function* (userId, options) {
-  options = Object.assign({}, DEFAULT_LIST_TOKEN_OPTIONS, options);
-  var rows = yield Token.listByUser(userId, options.perPage * options.page, options.perPage);
-  return rows.map(function(row) {
-    return convertToken(row);
-  });
-};
-
-/**
- * delete token for user
- * @param {string} userId -
- * @param {string} keyOrToken - the key prefix or full token
- */
-exports.deleteToken = function* (userId, keyOrToken) {
-  yield Token.deleteByKeyOrToken(userId, keyOrToken);
-};
-
-function convertToken(row, options) {
-  options = options || {};
-  var token = row.token;
-  if (options.redacte !== false) {
-    token = redacteToken(token);
-  }
-  return {
-    token: token,
-    key: row.key,
-    cidr_whitelist: row.cidrWhitelist,
-    created: row.gmt_create,
-    updated: row.gmt_create,
-    readonly: row.readonly,
-  };
-}
-
-function redacteToken(token) {
-  if (!token) {
-    return null;
-  }
-  return `${token.substr(0, 6)}...${token.substr(-6)}`;
-}
-
-function createTokenKey(token) {
-  return crypto.createHash('sha512').update(token).digest('hex');
-}
--- a/services/total.js
+++ b/services/total.js
@@ -13,29 +13,18 @@ if (config.database.dialect === 'postgres') {
 }

 exports.get = function* () {
-  var rs;
  // var DB_SIZE_SQL = 'SELECT TABLE_NAME AS name, data_length, index_length \
  //   FROM information_schema.tables WHERE TABLE_SCHEMA = ? \
  //   GROUP BY TABLE_NAME \
  //   ORDER BY data_length DESC \
  //   LIMIT 0, 200';
-  if (config.enableTotalCount) {
-    rs = yield [
-      // models.query(DB_SIZE_SQL, [config.db]),
-      models.queryOne(TOTAL_MODULE_SQL),
-      models.queryOne(TOTAL_VERSION_SQL),
-      models.queryOne(TOTAL_USER_SQL),
-      exports.getTotalInfo(),
-    ];
-  } else {
-    rs = yield [
-      models.queryOne(TOTAL_USER_SQL),
-      exports.getTotalInfo(),
-    ];
-    // set total modules and versions to zero
-    rs.unshift({ count: 0 });
-    rs.unshift({ count: 0 });
-  }
+  var rs = yield [
+    // models.query(DB_SIZE_SQL, [config.db]),
+    models.queryOne(TOTAL_MODULE_SQL),
+    models.queryOne(TOTAL_VERSION_SQL),
+    models.queryOne(TOTAL_USER_SQL),
+    exports.getTotalInfo(),
+  ];

  // var sizes = rs[0];
  var mc = rs[0];
--- a/test/controllers/registry/package/dist_tag.test.js
+++ b/test/controllers/registry/package/dist_tag.test.js
@@ -1,6 +1,5 @@
 'use strict';

-var assert = require('assert');
 var request = require('supertest');
 var mm = require('mm');
 var pedding = require('pedding');
@@ -118,27 +117,6 @@ describe('test/controllers/registry/package/dist_tag.test.js', function () {
        .expect(201, done);
      });
    });
-
-    it('should fire globalHook', function (done) {
-      done = pedding(2, done);
-      mm(config, 'globalHook', function* (envelope) {
-        assert(envelope.version === '1.0.1');
-        assert(envelope.name === '@cnpmtest/dist_tag_test_module_set');
-        assert(envelope.type === 'package');
-        assert(envelope.event === 'package:dist-tag');
-        assert(envelope.tag === 'exists');
-        done();
-      })
-      request(app)
-        .put('/-/package/@cnpmtest/dist_tag_test_module_set/dist-tags/exists')
-        .set('authorization', utils.otherUserAuth)
-        .set('content-type', 'application/json')
-        .send(JSON.stringify('1.0.1'))
-        .expect({
-          ok: 'dist-tags updated'
-        })
-        .expect(201, done);
-    });
  });

  describe('destroy()', function () {
@@ -200,25 +178,6 @@ describe('test/controllers/registry/package/dist_tag.test.js', function () {
      })
      .expect(200, done);
    });
-
-    it('should fire globalHook', function (done) {
-      done = pedding(2, done);
-      mm(config, 'globalHook', function* (envelope) {
-        assert(envelope.name === '@cnpmtest/dist_tag_test_module_destroy');
-        assert(envelope.type === 'package');
-        assert(envelope.event === 'package:dist-tag:rm');
-        assert(envelope.tag === 'next');
-        done();
-      })
-      request(app)
-        .delete('/-/package/@cnpmtest/dist_tag_test_module_destroy/dist-tags/next')
-        .set('authorization', utils.otherUserAuth)
-        .set('content-type', 'application/json')
-        .expect({
-          ok: 'dist-tags updated'
-        })
-        .expect(200, done);
-    });
  });

  describe('save()', function () {
@@ -284,39 +243,6 @@ describe('test/controllers/registry/package/dist_tag.test.js', function () {
        }, done);
      });
    });
-
-    it('should fire globalHook', function (done) {
-      done = pedding(3, done);
-      mm(config, 'globalHook', function* (envelope) {
-        if (envelope.tag === 'latest') {
-          assert(envelope.version === '1.0.1');
-          assert(envelope.name === '@cnpmtest/dist_tag_test_module_save');
-          assert(envelope.type === 'package');
-          assert(envelope.event === 'package:dist-tag');
-          assert(envelope.tag === 'latest');
-          done();
-        }
-        if (envelope.tag === 'new') {
-          assert(envelope.version === '1.0.1');
-          assert(envelope.name === '@cnpmtest/dist_tag_test_module_save');
-          assert(envelope.type === 'package');
-          assert(envelope.event === 'package:dist-tag');
-          assert(envelope.tag === 'new');
-          done();
-        }
-      })
-      request(app)
-        .put('/-/package/@cnpmtest/dist_tag_test_module_save/dist-tags')
-        .set('authorization', utils.otherUserAuth)
-        .send({
-          latest: '1.0.1',
-          new: '1.0.1'
-        })
-        .expect({
-          ok: 'dist-tags updated'
-        })
-        .expect(201, done);
-    });
  });

  describe('update()', function () {
--- a/test/controllers/registry/package/list.test.js
+++ b/test/controllers/registry/package/list.test.js
@@ -319,7 +319,7 @@ describe('test/controllers/registry/package/list.test.js', () => {
          assert(Object.keys(data.versions).length > 0);
          for (const v in data.versions) {
            const pkg = data.versions[v];
-            // assert('_hasShrinkwrap' in pkg);
+            assert('_hasShrinkwrap' in pkg);
            assert(pkg.publish_time && typeof pkg.publish_time === 'number');
            assert(pkg._publish_on_cnpm === undefined);
          }
@@ -344,7 +344,7 @@ describe('test/controllers/registry/package/list.test.js', () => {
          assert(Object.keys(data.versions).length > 0);
          for (const v in data.versions) {
            const pkg = data.versions[v];
-            // assert('_hasShrinkwrap' in pkg);
+            assert('_hasShrinkwrap' in pkg);
            assert(pkg.publish_time && typeof pkg.publish_time === 'number');
            assert(pkg._publish_on_cnpm === undefined);
          }
@@ -382,7 +382,7 @@ describe('test/controllers/registry/package/list.test.js', () => {
          assert(Object.keys(data.versions).length > 0);
          for (const v in data.versions) {
            const pkg = data.versions[v];
-            // assert('_hasShrinkwrap' in pkg);
+            assert('_hasShrinkwrap' in pkg);
            assert(pkg.publish_time && typeof pkg.publish_time === 'number');
            assert(pkg._publish_on_cnpm === undefined);
          }
@@ -407,7 +407,7 @@ describe('test/controllers/registry/package/list.test.js', () => {
          assert(Object.keys(data.versions).length > 0);
          for (const v in data.versions) {
            const pkg = data.versions[v];
-            // assert('_hasShrinkwrap' in pkg);
+            assert('_hasShrinkwrap' in pkg);
            assert(pkg.publish_time && typeof pkg.publish_time === 'number');
            assert(pkg._publish_on_cnpm === undefined);
            assert(pkg.dist.tarball.includes('.tgz?bucket=foo-us1&admin=1&other_urls=http'));
--- a/test/controllers/registry/package/list_versions.test.js
+++ b/test/controllers/registry/package/list_versions.test.js
@@ -1,43 +0,0 @@
-'use strict';
-
-const should = require('should');
-const request = require('supertest');
-const mm = require('mm');
-const moment = require('moment');
-const config = require('../../../../config');
-const app = require('../../../../servers/registry');
-const utils = require('../../../utils');
-
-describe('test/controllers/registry/package/list_versions.test.js', function () {
-  afterEach(mm.restore);
-
-  before(function (done) {
-    utils.sync('pedding', done);
-  });
-
-  describe('GET /-/allversions', function () {
-    it('should get 200', function (done) {
-      mm(config, 'syncModel', 'all');
-      request(app)
-      .get('/-/allversions?date=' + moment().format('YYYY-MM-DD'))
-      .expect(200, function (err, res) {
-        should.not.exist(err);
-        console.log(res.body);
-        const rows = res.body;
-        rows.length.should.above(0);
-        done();
-      });
-    });
-
-    it('should get 404', function (done) {
-      mm(config, 'syncModel', 'all');
-      request(app)
-      .get('/-/allversions?date=notadsfwe')
-      .expect(400, function (err, res) {
-        should.not.exist(err);
-        res.body.reason.should.equal('[query_parse_error] Invalid value for `date`, should be `YYYY-MM-DD` format.');
-        done();
-      });
-    });
-  });
-});
--- a/test/controllers/registry/package/remove.test.js
+++ b/test/controllers/registry/package/remove.test.js
@@ -65,32 +65,6 @@ describe('test/controllers/registry/package/remove.test.js', function () {
    });
  });

-  it('should not remove nfs', function (done) {
-    let called = false;
-    mm(config, 'unpublishRemoveTarball', false);
-    mm(nfs, 'remove', function* () {
-      called = true;
-    });
-
-    var pkg = utils.getPackage('@cnpmtest/testmodule-remove-2', '3.0.0', utils.otherUser);
-    request(app)
-      .put('/' + pkg.name)
-      .set('authorization', utils.otherUserAuth)
-      .send(pkg)
-      .expect(201, function() {
-        request(app)
-          .del('/@cnpmtest/testmodule-remove-2/-rev/1')
-          .set('authorization', utils.adminAuth)
-          .expect(200, function (err) {
-            called.should.equal(false);
-            should.not.exist(err);
-            request(app)
-              .get('/@cnpmtest/testmodule-remove-2')
-              .expect(404, done);
-          });
-      });
-  });
-
  describe('mock error', function () {
    beforeEach(function (done) {
      var pkg = utils.getPackage('@cnpmtest/testmodule-remove-mock-1', '2.0.0', utils.admin);
--- a/test/controllers/registry/package/remove_version.test.js
+++ b/test/controllers/registry/package/remove_version.test.js
@@ -7,7 +7,6 @@ var app = require('../../../../servers/registry');
 var utils = require('../../../utils');
 var packageService = require('../../../../services/package');
 var nfs = require('../../../../common/nfs');
-var config = require('../../../../config');

 describe('test/controllers/registry/package/remove_version.test.js', function () {
  afterEach(mm.restore);
@@ -79,32 +78,6 @@ describe('test/controllers/registry/package/remove_version.test.js', function ()
    .expect(200, done);
  });

-  it('should not remove nfs', function (done) {
-    let called = false;
-    mm(config, 'unpublishRemoveTarball', false);
-    mm(nfs, 'remove', function* () {
-      called = true;
-    });
-
-    var pkg = utils.getPackage('@cnpmtest/testmodule-remove_version-2', '3.0.0', utils.otherUser);
-    request(app)
-      .put('/' + pkg.name)
-      .set('authorization', utils.otherUserAuth)
-      .send(pkg)
-      .expect(201, function() {
-        request(app)
-          .del('/@cnpmtest/testmodule-remove_version-2/download/@cnpmtest/testmodule-remove_version-2-3.0.0.tgz/-rev/1')
-          .set('authorization', utils.adminAuth)
-          .expect(200, function (err) {
-            called.should.equal(false);
-            should.not.exist(err);
-            request(app)
-              .get('/@cnpmtest/testmodule-remove-2')
-              .expect(404, done);
-          });
-      });
-  });
-
  describe('mock error', function () {
    before(function (done) {
      var pkg = utils.getPackage('@cnpmtest/testmodule-remove_version-1', '0.0.2', utils.otherUser);
--- a/test/controllers/registry/package/save.test.js
+++ b/test/controllers/registry/package/save.test.js
@@ -6,7 +6,6 @@ var request = require('supertest');
 var pedding = require('pedding');
 var mm = require('mm');
 var packageService = require('../../../../services/package');
-var tokenService = require('../../../../services/token');
 var app = require('../../../../servers/registry');
 var config = require('../../../../config');
 var utils = require('../../../utils');
@@ -173,20 +172,6 @@ describe('test/controllers/registry/package/save.test.js', function () {
      .expect(400, done);
    });

-    it('should publish use token', function* () {
-      var token = yield tokenService.createToken(utils.admin);
-
-      var pkg = utils.getPackageWithToken('testmodule-new-3', '0.0.1', utils.admin);
-
-      yield request(app)
-        .put('/' + pkg.name)
-        .set('authorization', 'Bearer ' + token.token)
-        .send(pkg)
-        .expect(201);
-
-      yield tokenService.deleteToken(utils.admin, token.token);
-    });
-
    it('should 400 when dist-tags missing', function (done) {
      var pkg = utils.getPackage('testmodule-new-1', '0.0.1', utils.admin);
      delete pkg['dist-tags'];
--- a/test/controllers/registry/token/create.test.js
+++ b/test/controllers/registry/token/create.test.js
@@ -1,79 +0,0 @@
-'use strict';
-
-var should = require('should');
-var request = require('supertest');
-var app = require('../../../../servers/registry');
-var tokenService = require('../../../../services/token');
-var TestUtil = require('../../../utils');
-
-describe('test/controllers/registry/token/create.test.js', function () {
-  describe('POST /-/npm/v1/tokens', function () {
-    var token;
-
-    beforeEach(function* () {
-      token = yield tokenService.createToken(TestUtil.admin);
-    });
-
-    afterEach(function* () {
-      yield tokenService.deleteToken(TestUtil.admin, token.token);
-    });
-
-    it('should work', function (done) {
-      request(app)
-        .post('/-/npm/v1/tokens')
-        .set('authorization', 'Bearer ' + token.token)
-        .send({
-          password: TestUtil.admin,
-          readonly: true,
-          cidr_whitelist: [ '127.0.0.1' ],
-        })
-        .expect(201, function (err, res) {
-          should.not.exist(err);
-          res.body.should.have.keys('token', 'key', 'cidr_whitelist', 'readonly', 'created', 'updated');
-          res.body.readonly.should.equal(true);
-          res.body.cidr_whitelist.should.deepEqual([ '127.0.0.1' ]);
-          done();
-        });
-    });
-
-    describe('password is wrong', function () {
-      it('should 401', function (done) {
-        request(app)
-          .post('/-/npm/v1/tokens')
-          .set('authorization', 'Bearer ' + token.token)
-          .send({
-            password: 'wrong password',
-            readonly: true,
-            cidr_whitelist: [ '127.0.0.1' ],
-          })
-          .expect(401, done);
-      });
-    });
-
-    describe('client error', function () {
-      it('should check readonly', function (done) {
-        request(app)
-          .post('/-/npm/v1/tokens')
-          .set('authorization', 'Bearer ' + token.token)
-          .send({
-            password: TestUtil.admin,
-            readonly: 'true',
-            cidr_whitelist: [ '127.0.0.1' ],
-          })
-          .expect(400, done);
-      });
-
-      it('should check cird', function (done) {
-        request(app)
-          .post('/-/npm/v1/tokens')
-          .set('authorization', 'Bearer ' + token.token)
-          .send({
-            password: TestUtil.admin,
-            readonly: true,
-            cidr_whitelist: [ 'xxx.0.0.1' ],
-          })
-          .expect(400, done);
-      });
-    });
-  });
-});
--- a/test/controllers/registry/token/del.test.js
+++ b/test/controllers/registry/token/del.test.js
@@ -1,24 +0,0 @@
-'use strict';
-
-var should = require('should');
-var app = require('../../../../servers/registry');
-var request = require('supertest');
-var tokenService = require('../../../../services/token');
-var TestUtil = require('../../../utils');
-
-describe('test/controllers/registry/token/del.test.js', function () {
-  describe('DELETE /-/npm/v1/tokens', function () {
-    var token;
-
-    beforeEach(function* () {
-      token = yield tokenService.createToken(TestUtil.admin);
-    });
-
-    it('should work', function (done) {
-      request(app)
-        .delete(`/-/npm/v1/tokens/token/${token.token}`)
-        .set('authorization', 'Bearer ' + token.token)
-        .expect(204, done);
-    });
-  });
-});
--- a/test/controllers/registry/token/list.test.js
+++ b/test/controllers/registry/token/list.test.js
@@ -1,62 +0,0 @@
-'use strict';
-
-var should = require('should');
-var app = require('../../../../servers/registry');
-var request = require('supertest');
-var tokenService = require('../../../../services/token');
-var TestUtil = require('../../../utils');
-
-describe('test/controllers/registry/token/list.test.js', function () {
-  describe('GET /-/npm/v1/tokens', function () {
-    var token;
-
-    beforeEach(function* () {
-      token = yield tokenService.createToken(TestUtil.admin);
-    });
-
-    afterEach(function* () {
-      yield tokenService.deleteToken(TestUtil.admin, token.token);
-    });
-
-    it('should work', function (done) {
-      request(app)
-        .get(`/-/npm/v1/tokens`)
-        .set('authorization', 'Bearer ' + token.token)
-        .expect(200, function (err, res) {
-          should.not.exist(err);
-          should.exist(res.body.objects);
-          done();
-        });
-    });
-
-    describe('client error', function () {
-      it('should check perPage is number', function (done) {
-        request(app)
-          .get(`/-/npm/v1/tokens?perPage=xxx`)
-          .set('authorization', 'Bearer ' + token.token)
-          .expect(400, done);
-      });
-
-      it('should check perPage in boundary', function (done) {
-        request(app)
-          .get(`/-/npm/v1/tokens?perPage=999999999`)
-          .set('authorization', 'Bearer ' + token.token)
-          .expect(400, done);
-      });
-
-      it('should check page is number', function (done) {
-        request(app)
-          .get(`/-/npm/v1/tokens?page=xxx`)
-          .set('authorization', 'Bearer ' + token.token)
-          .expect(400, done);
-      });
-
-      it('should check page gt 0', function (done) {
-        request(app)
-          .get(`/-/npm/v1/tokens?page=-4`)
-          .set('authorization', 'Bearer ' + token.token)
-          .expect(400, done);
-      });
-    });
-  });
-});
--- a/test/controllers/registry/user/add.test.js
+++ b/test/controllers/registry/user/add.test.js
@@ -127,7 +127,7 @@ describe('test/controllers/registry/user/add.test.js', function () {
      })
      .expect(201, function (err, res) {
        should.not.exist(err);
-        res.body.should.have.keys('ok', 'id', 'rev', 'token');
+        res.body.should.have.keys('ok', 'id', 'rev');
        res.body.id.should.equal('org.couchdb.user:cnpmjstest11111');
        res.body.rev.should.match(/\d+\-cnpmjstest11111/);
        res.body.ok.should.equal(true);
--- a/test/controllers/registry/user/ping.test.js
+++ b/test/controllers/registry/user/ping.test.js
@@ -1,78 +0,0 @@
-'use strict';
-
-var should = require('should');
-var request = require('supertest');
-var mm = require('mm');
-var app = require('../../../../servers/registry');
-var config = require('../../../../config');
-var tokenService = require('../../../../services/token');
-var TestUtil = require('../../../utils');
-
-describe('test/controllers/registry/user/ping.test.js', function () {
-  afterEach(mm.restore);
-
-  describe('/-/ping', function () {
-    var token;
-
-    beforeEach(function* () {
-      mm(config, 'syncModel', 'all');
-      token = yield tokenService.createToken(TestUtil.admin);
-    });
-
-    afterEach(function* () {
-      yield tokenService.deleteToken(TestUtil.admin, token.token);
-    });
-
-    describe('with write', function () {
-      describe('has login', function () {
-        it('should work', function (done) {
-          request(app)
-            .get('/-/ping?write=true')
-            .set('authorization', 'Bearer ' + token.token)
-            .expect(200, function (err) {
-              should.not.exist(err);
-              done();
-            });
-        });
-      });
-
-      describe('has not login', function () {
-        it('should work', function (done) {
-          request(app)
-            .get('/-/ping?write=true')
-            .set('authorization', 'Bearer mock_token')
-            .expect(401, function (err) {
-              should.not.exist(err);
-              done();
-            });
-        });
-      });
-    });
-
-    describe('with not write', function () {
-      describe('has login', function () {
-        it('should work', function (done) {
-          request(app)
-            .get('/-/ping')
-            .set('authorization', 'Bearer ' + token.token)
-            .expect(200, function (err) {
-              should.not.exist(err);
-              done();
-            });
-        });
-      });
-
-      describe('has not login', function () {
-        it('should work', function (done) {
-          request(app)
-            .get('/-/ping')
-            .set('authorization', 'Bearer ' + token.token)
-            .expect(200, function (err) {
-              should.not.exist(err);
-              done();
-            });
-        });
-      });
-    });
-  });
-});
--- a/test/controllers/registry/user/whoami.test.js
+++ b/test/controllers/registry/user/whoami.test.js
@@ -1,37 +0,0 @@
-'use strict';
-
-var should = require('should');
-var request = require('supertest');
-var mm = require('mm');
-var app = require('../../../../servers/registry');
-var config = require('../../../../config');
-var tokenService = require('../../../../services/token');
-var TestUtil = require('../../../utils');
-
-describe('test/controllers/registry/user/whoami.test.js', function () {
-  afterEach(mm.restore);
-
-  describe('/-/whoami', function () {
-    var token;
-
-    beforeEach(function* () {
-      mm(config, 'syncModel', 'all');
-      token = yield tokenService.createToken(TestUtil.admin);
-    });
-
-    afterEach(function* () {
-      yield tokenService.deleteToken(TestUtil.admin, token.token);
-    });
-
-    it('should work', function (done) {
-      request(app)
-        .get('/-/whoami')
-        .set('authorization', 'Bearer ' + token.token)
-        .expect(200, function (err, res) {
-          should.not.exist(err);
-          res.body.username.should.eql(TestUtil.admin);
-          done();
-        });
-    });
-  });
-});
--- a/test/controllers/registry/user_package.test.js
+++ b/test/controllers/registry/user_package.test.js
@@ -49,8 +49,8 @@ describe('test/controllers/registry/user_package.test.js', function () {
        should.not.exist(err);
        res.body.fengmk2.should.be.an.Array();
        res.body.fengmk2.should.containEql('pedding');
-        // res.body['dead-horse'].should.be.an.Array();
-        // res.body['dead-horse'].should.containEql('pedding');
+        res.body['dead-horse'].should.be.an.Array();
+        res.body['dead-horse'].should.containEql('pedding');
        done();
      });

@@ -60,8 +60,8 @@ describe('test/controllers/registry/user_package.test.js', function () {
        should.not.exist(err);
        res.body.fengmk2.should.be.an.Array();
        res.body.fengmk2.should.containEql('pedding');
-        // res.body['dead-horse'].should.be.an.Array();
-        // res.body['dead-horse'].should.containEql('pedding');
+        res.body['dead-horse'].should.be.an.Array();
+        res.body['dead-horse'].should.containEql('pedding');
        done();
      });
    });
--- a/test/controllers/sync_module_worker.test.js
+++ b/test/controllers/sync_module_worker.test.js
@@ -307,7 +307,7 @@ describe('test/controllers/sync_module_worker.test.js', () => {
    console.log('get %d rows', rows.length);
    rows.forEach(row => {
      assert(row.package.deprecated);
-      // assert(row.package._hasShrinkwrap === false);
+      assert(row.package._hasShrinkwrap === false);
    });

    // mock deprecated missing
--- a/test/controllers/web/user/show.test.js
+++ b/test/controllers/web/user/show.test.js
@@ -81,7 +81,6 @@ describe('controllers/web/user/show.test.js', function () {

          // he.enclde('fengmk2@gmail.com') ↓
          assert(res.text.includes('&#x66;&#x65;&#x6E;&#x67;&#x6D;&#x6B;&#x32;&#x40;&#x67;&#x6D;&#x61;&#x69;&#x6C;&#x2E;&#x63;&#x6F;&#x6D;'));
-          assert(res.headers['x-custom-web-middleware'] === 'true');
          done()
        });
    });
--- a/test/fixtures/package_and_tgz_by_token.json
+++ b/test/fixtures/package_and_tgz_by_token.json
@@ -1 +0,0 @@
-{"_id":"mk2testmodule","name":"mk2testmodule","description":"","dist-tags":{"latest":"0.0.1"},"versions":{"0.0.1":{"name":"mk2testmodule","version":"0.0.1","description":"","main":"index.js","scripts":{"test":"echo \"Error: no test specified\" && exit 1"},"author":"","license":"ISC","readme":"ERROR: No README data found!","_id":"mk2testmodule@0.0.1","dist":{"shasum":"fa475605f88bab9b1127833633ca3ae0a477224c","tarball":"http://127.0.0.1:7001/mk2testmodule/-/mk2testmodule-0.0.1.tgz"},"_from":".","_npmVersion":"1.4.3","_npmUser":{"name":"fengmk2","email":"fengmk2@gmail.com"}}},"readme":"ERROR: No README data found!","_attachments":{"mk2testmodule-0.0.1.tgz":{"content_type":"application/octet-stream","data":"H4sIAAAAAAAAA+2SsWrDMBCGPfspDg2ZinOyEgeylg6Zu2YR8rVRHEtGkkOg5N0jWaFdujVQAv6W4/7/dHcSGqTq5Ccthxyro7emeDCI2KxWkOKmaaaIdc4TouZQ8FqgwI3AdVMgF8ijho9e5DdGH6SLq/y1T74LfMcn4asEYEb2xLbA+q4O5ENv2/FE7CVZZ3JeW5NcrLDiWW3JK6eHcHey2Es9Zdq0dIkfKau50EcjjYpCmpDKSB0s7Nmbc9ZtwVhIBviBlP7Q1O4ZLBZAFx2As3jyOnWTYzhY9zPzpBUZPy2/e39l5bX87wedmZmZeRJuheTX2wAIAAA=","length":251}}}
--- a/test/middleware/auth.test.js
+++ b/test/middleware/auth.test.js
@@ -5,12 +5,11 @@ var app = require('../../servers/registry');
 var mm = require('mm');
 var config = require('../../config');
 var userService = require('../../services/user');
-var tokenService = require('../../services/token');

 describe('test/middleware/auth.test.js', function () {
  afterEach(mm.restore);

-  describe('basic auth', function () {
+  describe('auth()', function () {
    it('should pass if no authorization', function (done) {
      request(app)
      .get('/-/user/org.couchdb.user:cnpmjstest10')
@@ -64,25 +63,6 @@ describe('test/middleware/auth.test.js', function () {
    });
  });

-  describe('bearer auth', function () {
-    var token;
-
-    beforeEach(function* () {
-      token = yield tokenService.createToken('cnpmjstest10');
-    });
-
-    afterEach(function* () {
-      yield tokenService.deleteToken('cnpmjstest10', token.token);
-    });
-
-    it('should ok', function (done) {
-      request(app)
-        .get('/-/user/org.couchdb.user:cnpmjstest10')
-        .set('authorization', 'Bearer ' + token.token)
-        .expect(200, done);
-    });
-  });
-
  describe('config.alwaysAuth = true', function () {
    beforeEach(function () {
      mm(config, 'alwaysAuth', true);
--- a/test/models/token.test.js
+++ b/test/models/token.test.js
@@ -1,65 +0,0 @@
-'use strict';
-
-var mm = require('mm');
-var should = require('should');
-var uuid = require('uuid');
-var sequelize = require('../../models').sequelize;
-var Token = require('../../models').Token;
-var TestUtil = require('../utils');
-
-describe('models/token.test.js', function () {
-  afterEach(mm.restore);
-
-  describe('deleteByKeyOrToken', function () {
-    var token1;
-    var token2;
-
-    beforeEach(function *() {
-      var token1Str = 'mock_token1_' + uuid.v4();
-      var token2Str= 'mock_token2_' + uuid.v4();
-
-      token1 = yield Token.add({
-        token: token1Str,
-        userId: TestUtil.admin,
-        readonly: false,
-        key: '1_token_1' + token1Str,
-        cidrWhitelist: [],
-      });
-
-      token2 = yield Token.add({
-        token: token2Str,
-        userId: TestUtil.admin,
-        readonly: false,
-        key: '1_token_2' + token2Str,
-        cidrWhitelist: [],
-      });
-    });
-
-    describe('delete by key', function () {
-      it('should work', function* () {
-        yield Token.deleteByKeyOrToken(TestUtil.admin, '1_token_1');
-        var tokenRow = yield Token.findByToken(token1.token);
-        should.not.exist(tokenRow);
-      });
-
-      describe('key is ambiguous', function () {
-        it('should not delete token', function* () {
-          var error;
-          try {
-            yield Token.deleteByKeyOrToken(TestUtil.admin, '1_token_');
-          } catch (e) {
-            error = e;
-          }
-          should.exist(error);
-          error.message.should.match(/Token ID ".+" was ambiguous/);
-
-          var token1Row = yield Token.findByToken(token1.token);
-          should.exist(token1Row);
-
-          var token2Row = yield Token.findByToken(token2.token);
-          should.exist(token2Row);
-        });
-      });
-    });
-  });
-});
--- a/test/services/package.test.js
+++ b/test/services/package.test.js
@@ -1,19 +1,59 @@
+/**!
+ * cnpmjs.org - test/services/package.test.js
+ *
+ * Copyright(c) fengmk2 and other contributors.
+ * MIT Licensed
+ *
+ * Authors:
+ *   fengmk2 <fengmk2@gmail.com> (http://fengmk2.com)
+ */
+
 'use strict';

+/**
+ * Module dependencies.
+ */
+
 var should = require('should');
 var sleep = require('co-sleep');
 var Package = require('../../services/package');
 var utils = require('../utils');

 describe('test/services/package.test.js', function () {
+  function* createModule(name, version, user, tag) {
+    var sourcePackage = {
+      version: version,
+      name: name,
+      publish_time: Date.now(),
+    };
+    var mod = {
+      version: sourcePackage.version,
+      name: sourcePackage.name,
+      package: sourcePackage,
+      author: user || 'unittest',
+      publish_time: sourcePackage.publish_time,
+    };
+    var dist = {
+      tarball: 'http://registry.npmjs.org/' + name + '/-/' + name + '-' + version + '.tgz',
+      shasum: '9d7bc446e77963933301dd602d5731cb861135e0',
+      size: 100,
+    };
+    mod.package.dist = dist;
+    yield Package.saveModule(mod);
+    yield Package.saveModuleAbbreviated(mod);
+    // add tag
+    yield Package.addModuleTag(name, tag || 'latest', version);
+    return yield Package.getModule(mod.name, mod.version);
+  }
+
  describe('addModuleTag()', function () {
    it('should add latest tag to 1.0.0', function* () {
-      var r = yield utils.createModule('test-addModuleTag-module-name', '1.0.0');
+      var r = yield createModule('test-addModuleTag-module-name', '1.0.0');
      var tag = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag);
      tag.id.should.above(0);

-      r = yield utils.createModule('test-addModuleTag-module-name', '1.1.0');
+      r = yield createModule('test-addModuleTag-module-name', '1.1.0');
      var tag2 = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag2);
      tag.id.should.equal(tag2.id);
@@ -30,7 +70,7 @@ describe('test/services/package.test.js', function () {

  describe('getModuleByTag()', function () {
    it('should get latest module', function* () {
-      var r = yield utils.createModule('test-getModuleByTag-module-name', '1.0.0');
+      var r = yield createModule('test-getModuleByTag-module-name', '1.0.0');
      var tag = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag);

@@ -66,9 +106,9 @@ describe('test/services/package.test.js', function () {

  describe('listPublicModuleNamesByUser(), listPublicModulesByUser()', function () {
    before(function* () {
-      yield utils.createModule('listPublicModuleNamesByUser-module0', '1.0.0', 'listPublicModuleNamesByUser-user');
-      yield utils.createModule('listPublicModuleNamesByUser-module1', '1.0.0', 'listPublicModuleNamesByUser-user');
-      yield utils.createModule('listPublicModuleNamesByUser-module2', '1.0.0', 'listPublicModuleNamesByUser-user');
+      yield createModule('listPublicModuleNamesByUser-module0', '1.0.0', 'listPublicModuleNamesByUser-user');
+      yield createModule('listPublicModuleNamesByUser-module1', '1.0.0', 'listPublicModuleNamesByUser-user');
+      yield createModule('listPublicModuleNamesByUser-module2', '1.0.0', 'listPublicModuleNamesByUser-user');
    });

    it('should got all public module names', function* () {
@@ -103,8 +143,8 @@ describe('test/services/package.test.js', function () {
    });

    it('should return all version modules', function* () {
-      yield utils.createModule('test-listModulesByName-module-1', '1.0.0');
-      yield utils.createModule('test-listModulesByName-module-1', '2.0.0');
+      yield createModule('test-listModulesByName-module-1', '1.0.0');
+      yield createModule('test-listModulesByName-module-1', '2.0.0');
      var modules = yield Package.listModulesByName('test-listModulesByName-module-1');
      modules.should.length(2);
      modules.forEach(function (mod) {
@@ -121,8 +161,8 @@ describe('test/services/package.test.js', function () {
    });

    it('should work', function* () {
-      yield utils.createModule('@cnpm-test/test-listPrivateModules-module-1', '1.0.0');
-      yield utils.createModule('@cnpm-test/test-listPrivateModules-module-2', '1.0.0');
+      yield createModule('@cnpm-test/test-listPrivateModules-module-1', '1.0.0');
+      yield createModule('@cnpm-test/test-listPrivateModules-module-2', '1.0.0');
      var modules = yield Package.listPrivateModulesByScope('@cnpm-test');
      modules.should.length(2);
      modules[0].name.should.containEql('@cnpm-test/test-listPrivateModules-module-');
@@ -131,12 +171,12 @@ describe('test/services/package.test.js', function () {

  describe('listPublicModuleNamesSince(), listAllPublicModuleNames()', function () {
    it('should got those module names', function* () {
-      yield utils.createModule('test-listPublicModuleNamesSince-module-0', '1.0.0');
+      yield createModule('test-listPublicModuleNamesSince-module-0', '1.0.0');
      yield sleep(1100);
      var start = Date.now() - 1000;
-      yield utils.createModule('test-listPublicModuleNamesSince-module-1', '1.0.0');
-      yield utils.createModule('test-listPublicModuleNamesSince-module-1', '1.0.1', null, 'beta');
-      yield utils.createModule('test-listPublicModuleNamesSince-module-2', '1.0.0');
+      yield createModule('test-listPublicModuleNamesSince-module-1', '1.0.0');
+      yield createModule('test-listPublicModuleNamesSince-module-1', '1.0.1', null, 'beta');
+      yield createModule('test-listPublicModuleNamesSince-module-2', '1.0.0');
      var names = yield Package.listPublicModuleNamesSince(start);
      names.should.length(2);
      names.should.eql(['test-listPublicModuleNamesSince-module-1', 'test-listPublicModuleNamesSince-module-2']);
@@ -151,7 +191,7 @@ describe('test/services/package.test.js', function () {

  describe('getModuleLastModified()', function () {
    it('should get a datetime', function* () {
-      yield utils.createModule('test-getModuleLastModified-module-0', '1.0.0');
+      yield createModule('test-getModuleLastModified-module-0', '1.0.0');
      var t = yield Package.getModuleLastModified('test-getModuleLastModified-module-0');
      t.should.be.a.Date();
    });
@@ -164,9 +204,9 @@ describe('test/services/package.test.js', function () {

  describe('removeModulesByName()', function () {
    it('should remove all', function* () {
-      yield utils.createModule('test-removeModulesByName-module-1', '1.0.0');
-      yield utils.createModule('test-removeModulesByName-module-1', '1.0.1', null, 'beta');
-      yield utils.createModule('test-removeModulesByName-module-1', '2.0.0');
+      yield createModule('test-removeModulesByName-module-1', '1.0.0');
+      yield createModule('test-removeModulesByName-module-1', '1.0.1', null, 'beta');
+      yield createModule('test-removeModulesByName-module-1', '2.0.0');

      var mods = yield Package.listModulesByName('test-removeModulesByName-module-1');
      mods.should.length(3);
@@ -178,10 +218,10 @@ describe('test/services/package.test.js', function () {

  describe('removeModulesByNameAndVersions()', function () {
    it('should remove some versions', function* () {
-      yield utils.createModule('test-removeModulesByNameAndVersions-module-1', '0.0.0');
-      yield utils.createModule('test-removeModulesByNameAndVersions-module-1', '1.0.0');
-      yield utils.createModule('test-removeModulesByNameAndVersions-module-1', '1.0.1', null, 'beta');
-      yield utils.createModule('test-removeModulesByNameAndVersions-module-1', '2.0.0');
+      yield createModule('test-removeModulesByNameAndVersions-module-1', '0.0.0');
+      yield createModule('test-removeModulesByNameAndVersions-module-1', '1.0.0');
+      yield createModule('test-removeModulesByNameAndVersions-module-1', '1.0.1', null, 'beta');
+      yield createModule('test-removeModulesByNameAndVersions-module-1', '2.0.0');

      var mods = yield Package.listModulesByName('test-removeModulesByNameAndVersions-module-1');
      mods.should.length(4);
@@ -205,11 +245,11 @@ describe('test/services/package.test.js', function () {

  describe('removeModuleTags()', function () {
    it('should remove all tags by name', function* () {
-      var r2 = yield utils.createModule('test-removeModuleTagsByName2-module-name', '1.0.0');
+      var r2 = yield createModule('test-removeModuleTagsByName2-module-name', '1.0.0');
      var tag = yield Package.addModuleTag(r2.name, 'latest', r2.version);
      should.exist(tag);

-      var r = yield utils.createModule('test-removeModuleTagsByName-module-name', '1.0.0');
+      var r = yield createModule('test-removeModuleTagsByName-module-name', '1.0.0');
      var tag = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag);
      var tag = yield Package.addModuleTag(r.name, 'beta', r.version);
@@ -228,7 +268,7 @@ describe('test/services/package.test.js', function () {

  describe('removeModuleTagsByIds()', function () {
    it('should remove tags by ids', function* () {
-      var r = yield utils.createModule('test-removeModuleTagsByIds-module-name', '1.0.0');
+      var r = yield createModule('test-removeModuleTagsByIds-module-name', '1.0.0');
      var tag1 = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag1);
      var tag2 = yield Package.addModuleTag(r.name, 'beta', r.version);
@@ -251,7 +291,7 @@ describe('test/services/package.test.js', function () {

  describe('removeModuleTagsByNames()', function () {
    it('should remove some tags', function* () {
-      var r = yield utils.createModule('test-removeModuleTagsByNames-module-name', '1.0.0');
+      var r = yield createModule('test-removeModuleTagsByNames-module-name', '1.0.0');
      var tag1 = yield Package.addModuleTag(r.name, 'latest', r.version);
      should.exist(tag1);
      var tag2 = yield Package.addModuleTag(r.name, 'beta', r.version);
@@ -300,17 +340,17 @@ describe('test/services/package.test.js', function () {

  describe('getModuleByRange()', function() {
    it('should get undefined when not match semver range', function* () {
-      yield utils.createModule('test-getModuleByRange-module-0', '1.0.0');
-      yield utils.createModule('test-getModuleByRange-module-0', '1.1.0');
-      yield utils.createModule('test-getModuleByRange-module-0', '2.0.0');
+      yield createModule('test-getModuleByRange-module-0', '1.0.0');
+      yield createModule('test-getModuleByRange-module-0', '1.1.0');
+      yield createModule('test-getModuleByRange-module-0', '2.0.0');
      var mod = yield Package.getModuleByRange('test-getModuleByRange-module-0', '~2.1.0');
      should.not.exist(mod);
    });

    it('should get package with semver range', function* () {
-      yield utils.createModule('test-getModuleByRange-module-1', '1.0.0');
-      yield utils.createModule('test-getModuleByRange-module-1', '1.1.0');
-      yield utils.createModule('test-getModuleByRange-module-1', '2.0.0');
+      yield createModule('test-getModuleByRange-module-1', '1.0.0');
+      yield createModule('test-getModuleByRange-module-1', '1.1.0');
+      yield createModule('test-getModuleByRange-module-1', '2.0.0');
      var mod = yield Package.getModuleByRange('test-getModuleByRange-module-1', '1');
      mod.package.name.should.equal(mod.name);
      mod.name.should.equal('test-getModuleByRange-module-1');
@@ -318,9 +358,9 @@ describe('test/services/package.test.js', function () {
    });

    it('should get package with semver range when have invalid version', function* () {
-      yield utils.createModule('test-getModuleByRange-module-2', '1.0.0');
-      yield utils.createModule('test-getModuleByRange-module-2', '1.1.0');
-      yield utils.createModule('test-getModuleByRange-module-2', 'next');
+      yield createModule('test-getModuleByRange-module-2', '1.0.0');
+      yield createModule('test-getModuleByRange-module-2', '1.1.0');
+      yield createModule('test-getModuleByRange-module-2', 'next');
      var mod = yield Package.getModuleByRange('test-getModuleByRange-module-2', '1');
      mod.package.name.should.equal(mod.name);
      mod.name.should.equal('test-getModuleByRange-module-2');
@@ -372,7 +412,7 @@ describe('test/services/package.test.js', function () {
    });

    it('should return updated module instance', function* () {
-      var r = yield utils.createModule('test-updateModulePackageFields-name', '1.0.0');
+      var r = yield createModule('test-updateModulePackageFields-name', '1.0.0');
      should.exist(r);
      var r1 = yield Package.updateModulePackageFields(r.id, {foo: 'update for field'});
      r1.id.should.equal(r.id);
@@ -388,7 +428,7 @@ describe('test/services/package.test.js', function () {
    });

    it('should return updated module instance', function* () {
-      var r = yield utils.createModule('test-updateModuleReadme-name', '1.0.0');
+      var r = yield createModule('test-updateModuleReadme-name', '1.0.0');
      should.exist(r);
      var r1 = yield Package.updateModuleReadme(r.id, 'test updateModuleReadme');
      r1.id.should.equal(r.id);
@@ -404,7 +444,7 @@ describe('test/services/package.test.js', function () {
    });

    it('should return updated module instance', function* () {
-      var r = yield utils.createModule('test-updateModuleDescription-name', '1.0.0');
+      var r = yield createModule('test-updateModuleDescription-name', '1.0.0');
      should.exist(r);
      var r1 = yield Package.updateModuleDescription(r.id, 'test updateModuleDescription');
      r1.id.should.equal(r.id);
@@ -421,7 +461,7 @@ describe('test/services/package.test.js', function () {
    });

    it('should return the update module when update lastTime exists', function* () {
-      var r1 = yield utils.createModule('test-update-module-last-modified-package-name', '1.0.0');
+      var r1 = yield createModule('test-update-module-last-modified-package-name', '1.0.0');
      yield sleep(1100);
      yield Package.updateModuleLastModified(r1.name);
      var r2 = yield Package.getModule(r1.name, r1.version);
--- a/test/services/token.test.js
+++ b/test/services/token.test.js
@@ -1,177 +0,0 @@
-'use strict';
-
-var should = require('should');
-var TokenService = require('../../services/token');
-var TestUtils = require('../utils');
-
-describe('service/token.test.js', function() {
-  var token;
-  afterEach(function* () {
-    if (!token) return
-    yield TokenService.deleteToken(TestUtils.admin, token.token);
-  });
-
-  describe('createToken()', function() {
-    describe('default options', function() {
-      it('should create token success', function* () {
-        token = yield TokenService.createToken(TestUtils.admin);
-        should.exist(token);
-        should.exist(token.token);
-        should.exist(token.key);
-        token.cidr_whitelist.should.eql([]);
-        token.readonly.should.eql(false);
-      });
-    });
-
-    describe('custom options', function() {
-      it('should create token success', function* () {
-        token = yield TokenService.createToken(TestUtils.admin, {
-          cidrWhitelist: [ '127.0.0.1' ],
-          readonly: true,
-        });
-        should.exist(token);
-        should.exist(token.token);
-        should.exist(token.key);
-        token.cidr_whitelist.should.eql([ '127.0.0.1' ]);
-        token.readonly.should.eql(true);
-      });
-    });
-  });
-
-  describe('validateToken()', function() {
-    describe('normal', function() {
-      beforeEach(function* () {
-        token = yield TokenService.createToken(TestUtils.admin);
-      });
-
-      describe('token is exits', function() {
-        it('should get user', function* () {
-          var user = yield TokenService.validateToken(token.token, {
-            isReadOperation: true,
-            accessIp: '127.0.0.1',
-          });
-          should.exist(user);
-        });
-      });
-
-      describe('token is not exits', function() {
-        it('should not get user', function* () {
-          var user = yield TokenService.validateToken('not exits', {
-            isReadOperation: true,
-            accessIp: '127.0.0.1',
-          });
-          should.not.exist(user);
-        });
-      });
-    });
-
-    describe('readonly case', function() {
-      beforeEach(function* () {
-        token = yield TokenService.createToken(TestUtils.admin, {
-          readonly: true,
-        });
-      });
-
-      describe('read operation', function() {
-        it('should get user', function* () {
-          var user = yield TokenService.validateToken(token.token, {
-            isReadOperation: true,
-            accessIp: '127.0.0.1',
-          });
-          should.exist(user);
-        });
-      });
-
-      describe('write operation', function() {
-        it('should not get user', function* () {
-          var user = yield TokenService.validateToken('not exits', {
-            isReadOperation: false,
-            accessIp: '127.0.0.1',
-          });
-          should.not.exist(user);
-        });
-      });
-    });
-
-    describe('cidr case', function() {
-      beforeEach(function* () {
-        token = yield TokenService.createToken(TestUtils.admin, {
-          cidrWhitelist: [ '127.0.0.1' ],
-        });
-      });
-
-      describe('in white list', function() {
-        it('should get user', function* () {
-          var user = yield TokenService.validateToken(token.token, {
-            isReadOperation: true,
-            accessIp: '127.0.0.1',
-          });
-          should.exist(user);
-        });
-      });
-
-      describe('not in white list', function() {
-        it('should not get user', function* () {
-          var user = yield TokenService.validateToken('not exits', {
-            isReadOperation: true,
-            accessIp: '127.0.0.2',
-          });
-          should.not.exist(user);
-        });
-      });
-    });
-  });
-
-  describe('listToken()', function() {
-    var token1;
-    var token2;
-
-    beforeEach(function* () {
-      token1 = yield TokenService.createToken(TestUtils.admin);
-      token2 = yield TokenService.createToken(TestUtils.admin);
-    });
-
-    afterEach(function* () {
-      yield TokenService.deleteToken(token1.user, token1.token);
-      yield TokenService.deleteToken(token2.user, token2.token);
-    });
-
-    it('perPage/page should work', function* () {
-      var tokens = yield TokenService.listToken(TestUtils.admin, {
-        perPage: 1,
-        page: 0,
-      });
-      should.exist(tokens);
-      tokens[0].key.should.eql(token1.key);
-
-      tokens = yield TokenService.listToken(TestUtils.admin, {
-        perPage: 1,
-        page: 1,
-      });
-      should.exist(tokens);
-      tokens[0].key.should.eql(token2.key);
-    });
-  });
-
-  describe('deleteToken()', function() {
-    beforeEach(function* () {
-      token = yield TokenService.createToken(TestUtils.admin);
-    });
-
-    describe('delete by key prefix', function() {
-      it('should work', function* () {
-        yield TokenService.deleteToken(TestUtils.admin, token.key.substring(0, 6));
-        var user = yield TokenService.validateToken(token.token, { isReadOperation: false, accessIp: '127.0.0.1' });
-        should.not.exists(user);
-      });
-    });
-
-    describe('delete by token', function() {
-      it('should work', function* () {
-        yield TokenService.deleteToken(TestUtils.admin, token.token);
-        var user = yield TokenService.validateToken(token.token, { isReadOperation: false, accessIp: '127.0.0.1' });
-        should.not.exists(user);
-      });
-    });
-  });
-});
--- a/test/services/total.test.js
+++ b/test/services/total.test.js
@@ -1,13 +1,22 @@
+/**!
+ * cnpmjs.org - test/services/total.test.js
+ *
+ * Copyright(c) fengmk2 and other contributors.
+ * MIT Licensed
+ *
+ * Authors:
+ *   fengmk2 <fengmk2@gmail.com> (http://fengmk2.github.com)
+ */
+
 'use strict';

+/**
+ * Module dependencies.
+ */
+
 var Total = require('../../services/total');
-var config = require('../../config');
-var utils = require('../utils');
-var mm = require('mm');

 describe('services/total.test.js', function () {
-  afterEach(mm.restore);
-
  describe('plusDeleteModule()', function () {
    it('should plus delete module count', function* () {
      var info = yield Total.getTotalInfo();
@@ -25,21 +34,9 @@ describe('services/total.test.js', function () {
  });

  describe('get()', function () {
-    it('should get all total info, enableTotalCount: true', function* () {
-      yield utils.createModule('test-services-total-get-enableTotalCount-true', '1.0.0');
+    it('should get all total info', function* () {
      var info = yield Total.get();
      info.disk_size.should.be.a.Number();
-      info.doc_count.should.above(0);
-      info.doc_version_count.should.above(0);
-    });
-
-    it('should get all total info, enableTotalCount: false', function* () {
-      mm(config, 'enableTotalCount', false);
-      yield utils.createModule('test-services-total-get-enableTotalCount-false', '1.0.0');
-      var info = yield Total.get();
-      info.disk_size.should.be.a.Number();
-      info.doc_count.should.equal(0);
-      info.doc_version_count.should.equal(0);
    });
  });

--- a/test/utils.js
+++ b/test/utils.js
@@ -5,7 +5,6 @@ var fs = require('fs');
 var mm = require('mm');
 var config = require('../config');
 var SyncModuleWorker = require('../controllers/sync_module_worker');
-var Package = require('../services/package');

 var fixtures = path.join(__dirname, 'fixtures');

@@ -31,7 +30,6 @@ var thirdUser = exports.thirdUser = 'cnpmjstest103';
 exports.thirdUserAuth = 'Basic ' + Buffer.from(thirdUser + ':' + thirdUser).toString('base64');

 var _pkg = fs.readFileSync(path.join(fixtures, 'package_and_tgz.json'));
-var _pkg2 = fs.readFileSync(path.join(fixtures, 'package_and_tgz_by_token.json'));

 exports.getPackage = function (name, version, user, tag, readme) {
  // name: mk2testmodule
@@ -59,29 +57,6 @@ exports.getPackage = function (name, version, user, tag, readme) {
  return pkg;
 };

-exports.getPackageWithToken = function (name, version, user, tag, readme) {
-  // name: mk2testmodule
-  name = name || 'mk2testmodule';
-  version = version || '0.0.1';
-  tag = tag || 'latest';
-  var tags = {};
-  tags[tag] = version;
-
-  var pkg = JSON.parse(_pkg2);
-  var versions = pkg.versions;
-  pkg.versions = {};
-  pkg.versions[version] = versions[Object.keys(versions)[0]];
-  pkg.versions[version].name = name;
-  pkg.versions[version].version = version;
-  pkg.versions[version]._id = name + '@' + version;
-  pkg.name = name;
-  pkg['dist-tags'] = tags;
-  if (readme) {
-    pkg.versions[version].readme = pkg.readme = readme;
-  }
-  return pkg;
-};
-
 exports.sync = function (name, callback) {
  mm(config, 'syncModel', 'all');
  var worker = new SyncModuleWorker({
@@ -99,29 +74,3 @@ exports.getFileContent = function (name) {
  var fixtures = path.join(__dirname, 'fixtures');
  return fs.readFileSync(path.join(fixtures, name), 'utf8');
 };
-
-exports.createModule = function* (name, version, user, tag) {
-  var sourcePackage = {
-    version: version,
-    name: name,
-    publish_time: Date.now(),
-  };
-  var mod = {
-    version: sourcePackage.version,
-    name: sourcePackage.name,
-    package: sourcePackage,
-    author: user || 'unittest',
-    publish_time: sourcePackage.publish_time,
-  };
-  var dist = {
-    tarball: 'http://registry.npmjs.org/' + name + '/-/' + name + '-' + version + '.tgz',
-    shasum: '9d7bc446e77963933301dd602d5731cb861135e0',
-    size: 100,
-  };
-  mod.package.dist = dist;
-  yield Package.saveModule(mod);
-  yield Package.saveModuleAbbreviated(mod);
-  // add tag
-  yield Package.addModuleTag(name, tag || 'latest', version);
-  return yield Package.getModule(mod.name, mod.version);
-}
--- a/view/web/layout.html
+++ b/view/web/layout.html
@@ -43,7 +43,6 @@
  </head>
  <body>
    <div class="container">
-      {{customHeader}}
      <header id="header">
        <div class="logo">
          <a href="/"><img src="{{logoURL}}"></a>
Author	SHA1	Message	Date
alsotang	173764b5cb	fix #1502 . fix #1479 . use utf8mb4 in sequelize. change column `version` to length 70	2019-08-30 16:27:17 +08:00
alsotang	7c65bc40ab	typo	2019-08-30 15:49:06 +08:00
				`@@ -1 +0,0 @@`
				{"_id":"mk2testmodule","name":"mk2testmodule","description":"","dist-tags":{"latest":"0.0.1"},"versions":{"0.0.1":{"name":"mk2testmodule","version":"0.0.1","description":"","main":"index.js","scripts":{"test":"echo \"Error: no test specified\" && exit 1"},"author":"","license":"ISC","readme":"ERROR: No README data found!","_id":"mk2testmodule@0.0.1","dist":{"shasum":"fa475605f88bab9b1127833633ca3ae0a477224c","tarball":"http://127.0.0.1:7001/mk2testmodule/-/mk2testmodule-0.0.1.tgz"},"_from":".","_npmVersion":"1.4.3","_npmUser":{"name":"fengmk2","email":"fengmk2@gmail.com"}}},"readme":"ERROR: No README data found!","_attachments":{"mk2testmodule-0.0.1.tgz":{"content_type":"application/octet-stream","data":"H4sIAAAAAAAAA+2SsWrDMBCGPfspDg2ZinOyEgeylg6Zu2YR8rVRHEtGkkOg5N0jWaFdujVQAv6W4/7/dHcSGqTq5Ccthxyro7emeDCI2KxWkOKmaaaIdc4TouZQ8FqgwI3AdVMgF8ijho9e5DdGH6SLq/y1T74LfMcn4asEYEb2xLbA+q4O5ENv2/FE7CVZZ3JeW5NcrLDiWW3JK6eHcHey2Es9Zdq0dIkfKau50EcjjYpCmpDKSB0s7Nmbc9ZtwVhIBviBlP7Q1O4ZLBZAFx2As3jyOnWTYzhY9zPzpBUZPy2/e39l5bX87wedmZmZeRJuheTX2wAIAAA=","length":251}}}