@akemona-org/strapi-plugin-users-permissions 3.7.0

package/documentation/1.0.0/overrides/users-permissions-User.json

@@ -0,0 +1,325 @@
+{
+  "paths": {
+    "/auth/local/register": {
+      "post": {
+        "tags": ["Authentication"],
+        "security": [],
+        "externalDocs": {
+          "description": "Find out more in the strapi's documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#registration"
+        },
+        "responses": {
+          "200": {
+            "description": "Successfully register a user",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Users-PermissionsRegisterResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "description": "",
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "required": ["username", "email", "password"],
+                "properties": {
+                  "username": {
+                    "type": "string",
+                    "minLength": 3
+                  },
+                  "email": {
+                    "type": "string",
+                    "minLength": 6
+                  },
+                  "password": {
+                    "type": "string",
+                    "minLength": 6
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/auth/email-confirmation": {
+      "get": {
+        "tags": ["Authentication"],
+        "security": []
+      }
+    },
+    "/auth/send-email-confirmation": {
+      "post": {
+        "security": [],
+        "externalDocs": {
+          "description": "Find out more in the strapi's documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#email-validation"
+        },
+        "responses": {
+          "200": {
+            "description": "Successfully sent email",
+            "content": {
+              "application/json": {
+                "email": {
+                  "type": "string"
+                },
+                "sent": {
+                  "type": "boolean"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "description": "",
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "required": ["email"],
+                "properties": {
+                  "email": {
+                    "type": "string",
+                    "minLength": 6
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/users-permissions/search/{id}": {
+      "get": {
+        "summary": "Retrieve a list of users by searching for their username or email",
+        "parameters": [
+          {
+            "name": "id",
+            "in": "path",
+            "description": "A string matching a user's email or username",
+            "deprecated": false,
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ]
+      }
+    },
+    "/connect/*": {
+      "get": {
+        "summary": "Authenticate your user with a custom provider",
+        "tags": ["Authentication"],
+        "security": [],
+        "parameters": [
+          {
+            "name": "provider",
+            "in": "path",
+            "required": true,
+            "deprecated": false,
+            "description": "The name of the provider you want to use",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "externalDocs": {
+          "description": "Find out more about the authentication flow in the strapi documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#setting-up-the-provider-examples"
+        },
+        "responses": {
+          "200": {
+            "description": "Your user is redirected"
+          }
+        }
+      }
+    },
+    "/auth/local": {
+      "post": {
+        "externalDocs": {
+          "description": "Find out more in the strapi's documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#login"
+        },
+        "tags": ["Authentication"],
+        "security": [],
+        "requestBody": {
+          "description": "The identifier param can either be an email or a username",
+          "content": {
+            "application/json": {
+              "schema": {
+                "required": ["identifier", "password"],
+                "properties": {
+                  "identifier": {
+                    "type": "string"
+                  },
+                  "password": {
+                    "type": "string"
+                  }
+                }
+              },
+              "example": {
+                "identifier": "strapi@akemona.com",
+                "password": "superSecure123"
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Users-PermissionsRegisterResponse"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/auth/{provider}/callback": {
+      "get": {
+        "tags": ["Authentication"],
+        "externalDocs": {
+          "description": "Find out more in the strapi's documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#setting-up-the-provider-examples"
+        },
+        "parameters": [
+          {
+            "name": "provider",
+            "in": "path",
+            "description": "The provider used to authenticate your user",
+            "deprecated": false,
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfull redirection after approving a provider",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Users-PermissionsRegisterResponse"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/auth/forgot-password": {
+      "post": {
+        "tags": ["Authentication"],
+        "security": [],
+        "summary": "Send an email to reset your password",
+        "externalDocs": {
+          "description": "Find out more in the strapi's documentation",
+          "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html#forgotten-reset-password"
+        },
+        "requestBody": {
+          "description": "",
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "properties": {
+                  "email": {
+                    "type": "string"
+                  },
+                  "url": {
+                    "type": "string"
+                  }
+                }
+              },
+              "example": {
+                "email": "strapi@akemona.com",
+                "url": "http://mon-site.com/rest-password"
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "Email sent"
+          }
+        }
+      }
+    },
+    "/auth/reset-password": {
+      "post": {
+        "tags": ["Authentication"],
+        "security": [],
+        "responses": {
+          "200": {
+            "description": "response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Users-PermissionsRegisterResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "description": "",
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "required": ["code", "password", "passwordConfirmation"],
+                "properties": {
+                  "code": {
+                    "type": "string"
+                  },
+                  "password": {
+                    "type": "string"
+                  },
+                  "passwordConfirmation": {
+                    "type": "string"
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "components": {
+    "schemas": {
+      "Users-PermissionsRegisterResponse": {
+        "properties": {
+          "jwt": {
+            "type": "string"
+          },
+          "user": {
+            "$ref": "#/components/schemas/Users-PermissionsUser"
+          }
+        }
+      }
+    }
+  },
+  "tags": [
+    {
+      "name": "Authentication",
+      "description": "All the routes related to the authentication",
+      "externalDocs": {
+        "description": "Find out more in strapi's documentation",
+        "url": "https://strapi.akemona.com/documentation/developer-docs/latest/development/plugins/users-permissions.html"
+      }
+    },
+    {
+      "name": "Users-Permissions - User"
+    }
+  ]
+}

package/middlewares/users-permissions/defaults.json

@@ -0,0 +1,5 @@
+{
+  "users-permissions": {
+    "enabled": true
+  }
+}

package/middlewares/users-permissions/index.js

@@ -0,0 +1,40 @@
+'use strict';
+
+/**
+ * Module dependencies
+ */
+
+// Public node modules.
+const _ = require('lodash');
+
+module.exports = strapi => {
+  return {
+    beforeInitialize() {
+      strapi.config.middleware.load.before.unshift('users-permissions');
+    },
+
+    initialize() {
+      _.forEach(strapi.admin.config.routes, value => {
+        if (_.get(value.config, 'policies')) {
+          value.config.policies.unshift('plugins::users-permissions.permissions');
+        }
+      });
+
+      _.forEach(strapi.config.routes, value => {
+        if (_.get(value.config, 'policies')) {
+          value.config.policies.unshift('plugins::users-permissions.permissions');
+        }
+      });
+
+      if (strapi.plugins) {
+        _.forEach(strapi.plugins, plugin => {
+          _.forEach(plugin.config.routes, value => {
+            if (_.get(value.config, 'policies')) {
+              value.config.policies.unshift('plugins::users-permissions.permissions');
+            }
+          });
+        });
+      }
+    },
+  };
+};

package/models/Permission.js

@@ -0,0 +1,7 @@
+'use strict';
+
+/**
+ * Lifecycle callbacks for the `Permission` model.
+ */
+
+module.exports = {};

package/models/Permission.settings.json

@@ -0,0 +1,43 @@
+{
+  "info": {
+    "name": "permission",
+    "description": ""
+  },
+  "pluginOptions": {
+    "content-manager": {
+      "visible": false
+    }
+  },
+  "attributes": {
+    "type": {
+      "type": "string",
+      "required": true,
+      "configurable": false
+    },
+    "controller": {
+      "type": "string",
+      "required": true,
+      "configurable": false
+    },
+    "action": {
+      "type": "string",
+      "required": true,
+      "configurable": false
+    },
+    "enabled": {
+      "type": "boolean",
+      "required": true,
+      "configurable": false
+    },
+    "policy": {
+      "type": "string",
+      "configurable": false
+    },
+    "role": {
+      "model": "role",
+      "via": "permissions",
+      "plugin": "users-permissions",
+      "configurable": false
+    }
+  }
+}

package/models/Role.js

@@ -0,0 +1,7 @@
+'use strict';
+
+/**
+ * Lifecycle callbacks for the `Role` model.
+ */
+
+module.exports = {};

package/models/Role.settings.json

@@ -0,0 +1,42 @@
+{
+  "info": {
+    "name": "role",
+    "description": ""
+  },
+  "pluginOptions": {
+    "content-manager": {
+      "visible": false
+    }
+  },
+  "attributes": {
+    "name": {
+      "type": "string",
+      "minLength": 3,
+      "required": true,
+      "configurable": false
+    },
+    "description": {
+      "type": "string",
+      "configurable": false
+    },
+    "type": {
+      "type": "string",
+      "unique": true,
+      "configurable": false
+    },
+    "permissions": {
+      "collection": "permission",
+      "via": "role",
+      "plugin": "users-permissions",
+      "configurable": false,
+      "isVirtual": true
+    },
+    "users": {
+      "collection": "user",
+      "via": "role",
+      "configurable": false,
+      "plugin": "users-permissions"
+    }
+  },
+  "collectionName": "users-permissions_role"
+}

package/models/User.config.js

@@ -0,0 +1,15 @@
+'use strict';
+
+module.exports = {
+  attributes: {
+    resetPasswordToken: {
+      hidden: true,
+    },
+    confirmationToken: {
+      hidden: true,
+    },
+    provider: {
+      hidden: true,
+    },
+  },
+};

package/models/User.js

@@ -0,0 +1,7 @@
+'use strict';
+
+/**
+ * Lifecycle callbacks for the `User` model.
+ */
+
+module.exports = {};

package/models/User.settings.json

@@ -0,0 +1,62 @@
+{
+  "collectionName": "users-permissions_user",
+  "info": {
+    "name": "user",
+    "description": ""
+  },
+  "options": {
+    "draftAndPublish": false,
+    "timestamps": true
+  },
+  "attributes": {
+    "username": {
+      "type": "string",
+      "minLength": 3,
+      "unique": true,
+      "configurable": false,
+      "required": true
+    },
+    "email": {
+      "type": "email",
+      "minLength": 6,
+      "configurable": false,
+      "required": true
+    },
+    "provider": {
+      "type": "string",
+      "configurable": false
+    },
+    "password": {
+      "type": "password",
+      "minLength": 6,
+      "configurable": false,
+      "private": true
+    },
+    "resetPasswordToken": {
+      "type": "string",
+      "configurable": false,
+      "private": true
+    },
+    "confirmationToken": {
+      "type": "string",
+      "configurable": false,
+      "private": true
+    },
+    "confirmed": {
+      "type": "boolean",
+      "default": false,
+      "configurable": false
+    },
+    "blocked": {
+      "type": "boolean",
+      "default": false,
+      "configurable": false
+    },
+    "role": {
+      "model": "role",
+      "via": "users",
+      "plugin": "users-permissions",
+      "configurable": false
+    }
+  }
+}

package/package.json

@@ -0,0 +1,70 @@
+{
+  "name": "@akemona-org/strapi-plugin-users-permissions",
+  "publishConfig": {
+    "access": "public"
+  },
+  "version": "3.7.0",
+  "description": "Protect your API with a full-authentication process based on JWT",
+  "strapi": {
+    "name": "Roles & Permissions",
+    "icon": "users",
+    "description": "users-permissions.plugin.description",
+    "required": true
+  },
+  "scripts": {
+    "test": "echo \"no tests yet\""
+  },
+  "dependencies": {
+    "@akemona-org/strapi-helper-plugin": "3.7.0",
+    "@akemona-org/strapi-utils": "3.7.0",
+    "@buffetjs/core": "3.3.8",
+    "@buffetjs/custom": "3.3.8",
+    "@buffetjs/hooks": "3.3.8",
+    "@buffetjs/icons": "3.3.8",
+    "@buffetjs/styles": "3.3.8",
+    "@buffetjs/utils": "3.3.8",
+    "@purest/providers": "^1.0.2",
+    "bcryptjs": "^2.4.3",
+    "grant-koa": "5.4.8",
+    "immutable": "^3.8.2",
+    "jsonwebtoken": "^8.1.0",
+    "koa2-ratelimit": "1.1.2",
+    "lodash": "4.17.21",
+    "purest": "3.1.0",
+    "react": "^16.14.0",
+    "react-dom": "^16.9.0",
+    "react-intl": "4.5.0",
+    "react-redux": "7.2.3",
+    "react-router": "^5.2.0",
+    "react-router-dom": "^5.0.0",
+    "reactstrap": "8.4.1",
+    "redux-saga": "^0.16.0",
+    "request": "^2.83.0",
+    "uuid": "^3.1.0"
+  },
+  "devDependencies": {
+    "koa": "^2.13.1"
+  },
+  "author": {
+    "name": "Akemona team",
+    "email": "strapi@akemona.com",
+    "url": "https://strapi.akemona.com"
+  },
+  "maintainers": [
+    {
+      "name": "Akemona team",
+      "email": "strapi@akemona.com",
+      "url": "https://strapi.akemona.com"
+    }
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/akemona/strapi.git"
+  },
+  "engines": {
+    "node": ">=10.16.0 <=14.x.x",
+    "npm": ">=6.0.0"
+  },
+  "license": "SEE LICENSE IN LICENSE",
+  "gitHead": "129a8d6191b55810fd66448dcc47fee829df986c"
+}

package/services/Jwt.js

@@ -0,0 +1,65 @@
+'use strict';
+
+/**
+ * Jwt.js service
+ *
+ * @description: A set of functions similar to controller's actions to avoid code duplication.
+ */
+
+const _ = require('lodash');
+const jwt = require('jsonwebtoken');
+
+module.exports = {
+  getToken(ctx) {
+    const params = _.assign({}, ctx.request.body, ctx.request.query);
+
+    let token = '';
+
+    if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
+      const parts = ctx.request.header.authorization.split(' ');
+
+      if (parts.length === 2) {
+        const scheme = parts[0];
+        const credentials = parts[1];
+        if (/^Bearer$/i.test(scheme)) {
+          token = credentials;
+        }
+      } else {
+        throw new Error(
+          'Invalid authorization header format. Format is Authorization: Bearer [token]'
+        );
+      }
+    } else if (params.token) {
+      token = params.token;
+    } else {
+      throw new Error('No authorization header was found');
+    }
+
+    return this.verify(token);
+  },
+
+  issue(payload, jwtOptions = {}) {
+    _.defaults(jwtOptions, strapi.plugins['users-permissions'].config.jwt);
+    return jwt.sign(
+      _.clone(payload.toJSON ? payload.toJSON() : payload),
+      _.get(strapi.plugins, ['users-permissions', 'config', 'jwtSecret']),
+      jwtOptions
+    );
+  },
+
+  verify(token) {
+    return new Promise(function(resolve, reject) {
+      jwt.verify(
+        token,
+        _.get(strapi.plugins, ['users-permissions', 'config', 'jwtSecret']),
+        {},
+        function(err, tokenPayload = {}) {
+          if (err) {
+            return reject(new Error('Invalid token.'));
+          }
+          resolve(tokenPayload);
+        }
+      );
+    });
+  },
+};