@strapi/admin 5.49.0 → 5.50.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/admin/src/components/ErrorElement.js +97 -2
- package/dist/admin/admin/src/components/ErrorElement.js.map +1 -1
- package/dist/admin/admin/src/components/ErrorElement.mjs +99 -4
- package/dist/admin/admin/src/components/ErrorElement.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.js +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs.map +1 -1
- package/dist/admin/admin/src/components/LazyOutlet.js +57 -0
- package/dist/admin/admin/src/components/LazyOutlet.js.map +1 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs +35 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs.map +1 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.js +10 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs +10 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.js +3 -2
- package/dist/admin/admin/src/components/RelativeTime.js.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.mjs +3 -2
- package/dist/admin/admin/src/components/RelativeTime.mjs.map +1 -1
- package/dist/admin/admin/src/core/apis/router.js +19 -17
- package/dist/admin/admin/src/core/apis/router.js.map +1 -1
- package/dist/admin/admin/src/core/apis/router.mjs +19 -17
- package/dist/admin/admin/src/core/apis/router.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js +4 -2
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs +4 -2
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.js +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/SessionsPage.js +318 -0
- package/dist/admin/admin/src/pages/SessionsPage.js.map +1 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs +296 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs.map +1 -0
- package/dist/admin/admin/src/pages/Settings/Layout.js +4 -1
- package/dist/admin/admin/src/pages/Settings/Layout.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/Layout.mjs +5 -2
- package/dist/admin/admin/src/pages/Settings/Layout.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js +7 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs +7 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js +7 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs +7 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js +34 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs +34 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js +38 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs +38 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js +18 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs +18 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js +59 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js.map +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs +52 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs.map +1 -0
- package/dist/admin/admin/src/router.js +9 -0
- package/dist/admin/admin/src/router.js.map +1 -1
- package/dist/admin/admin/src/router.mjs +9 -0
- package/dist/admin/admin/src/router.mjs.map +1 -1
- package/dist/admin/admin/src/services/auth.js +43 -2
- package/dist/admin/admin/src/services/auth.js.map +1 -1
- package/dist/admin/admin/src/services/auth.mjs +41 -3
- package/dist/admin/admin/src/services/auth.mjs.map +1 -1
- package/dist/admin/admin/src/translations/en.json.js +22 -0
- package/dist/admin/admin/src/translations/en.json.js.map +1 -1
- package/dist/admin/admin/src/translations/en.json.mjs +22 -0
- package/dist/admin/admin/src/translations/en.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.js +748 -265
- package/dist/admin/admin/src/translations/ja.json.js.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.mjs +745 -266
- package/dist/admin/admin/src/translations/ja.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.js +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.js.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.mjs +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.mjs.map +1 -1
- package/dist/admin/admin/src/utils/retryDynamicImport.js +85 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.js.map +1 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs +80 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs.map +1 -0
- package/dist/admin/admin/tests/server.js +25 -0
- package/dist/admin/admin/tests/server.js.map +1 -1
- package/dist/admin/admin/tests/server.mjs +25 -0
- package/dist/admin/admin/tests/server.mjs.map +1 -1
- package/dist/admin/index.js +2 -0
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +1 -0
- package/dist/admin/index.mjs.map +1 -1
- package/dist/admin/src/StrapiApp.d.ts +5 -5
- package/dist/admin/src/components/FormInputs/Boolean.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Checkbox.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/DateTime.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Email.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Enumeration.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Number.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Password.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Renderer.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/String.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Textarea.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Time.d.ts +0 -1
- package/dist/admin/src/components/GuidedTour/GuidedTourProvider.d.ts +0 -1
- package/dist/admin/src/components/LazyOutlet.d.ts +20 -0
- package/dist/admin/src/components/MainNav/MainNav.d.ts +1 -1
- package/dist/admin/src/components/MainNav/NavUser.d.ts +0 -1
- package/dist/admin/src/components/SubNav.d.ts +5 -6
- package/dist/admin/src/core/apis/Plugin.d.ts +1 -1
- package/dist/admin/src/core/apis/Widgets.d.ts +0 -1
- package/dist/admin/src/core/apis/router.d.ts +1 -1
- package/dist/admin/src/core/store/configure.d.ts +2 -2
- package/dist/admin/src/core/utils/createHook.d.ts +4 -4
- package/dist/admin/src/features/AppInfo.d.ts +1 -2
- package/dist/admin/src/features/StrapiApp.d.ts +1 -2
- package/dist/admin/src/hooks/useAPIErrorHandler.d.ts +1 -1
- package/dist/admin/src/hooks/useAdminRoles.d.ts +2 -2
- package/dist/admin/src/hooks/useFetchClient.d.ts +1 -1
- package/dist/admin/src/hooks/usePersistentState.d.ts +0 -1
- package/dist/admin/src/hooks/useQueryParams.d.ts +1 -1
- package/dist/admin/src/hooks/useThrottledCallback.d.ts +0 -1
- package/dist/admin/src/index.d.ts +1 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +2 -2
- package/dist/admin/src/pages/SessionsPage.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +2 -3
- package/dist/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.d.ts +2 -2
- package/dist/admin/src/pages/Settings/pages/Roles/components/HiddenAction.d.ts +0 -1
- package/dist/admin/src/pages/Settings/pages/Roles/components/Permissions.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/forms.d.ts +1 -1
- package/dist/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.d.ts +5 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/permissions.d.ts +3 -1
- package/dist/admin/src/pages/Settings/pages/Webhooks/hooks/useWebhooks.d.ts +8 -8
- package/dist/admin/src/reducer.d.ts +1 -1
- package/dist/admin/src/services/admin.d.ts +2 -2
- package/dist/admin/src/services/api.d.ts +1 -1
- package/dist/admin/src/services/apiTokens.d.ts +1 -1
- package/dist/admin/src/services/auth.d.ts +29 -27
- package/dist/admin/src/services/contentApi.d.ts +1 -1
- package/dist/admin/src/services/users.d.ts +7 -7
- package/dist/admin/src/services/webhooks.d.ts +2 -2
- package/dist/admin/src/translations/languageNativeNames.d.ts +1 -0
- package/dist/admin/src/utils/locales.d.ts +0 -1
- package/dist/admin/src/utils/retryDynamicImport.d.ts +19 -0
- package/dist/admin/src/utils/shims.d.ts +1 -1
- package/dist/admin/tests/store.d.ts +4 -4
- package/dist/admin/tests/utils.d.ts +5 -5
- package/dist/ee/admin/src/pages/SettingsPage/pages/AuditLogs/utils/getDisplayedFilters.d.ts +1 -1
- package/dist/ee/admin/src/services/ai.d.ts +2 -2
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +1 -1
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +3 -3
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +2 -2
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +30 -31
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/index.d.ts +1 -2
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/user.d.ts +1 -1
- package/dist/ee/server/src/destroy.d.ts.map +1 -1
- package/dist/ee/server/src/index.d.ts +2 -3
- package/dist/ee/server/src/index.d.ts.map +1 -1
- package/dist/ee/server/src/register.d.ts.map +1 -1
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -1
- package/dist/ee/server/src/services/auth.d.ts.map +1 -1
- package/dist/ee/server/src/services/index.d.ts +1 -1
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -1
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts.map +1 -1
- package/dist/ee/server/src/services/role.d.ts.map +1 -1
- package/dist/ee/server/src/services/user.d.ts.map +1 -1
- package/dist/ee/server/src/utils/index.d.ts.map +1 -1
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -1
- package/dist/ee/server/src/validation/authentication.d.ts +2 -2
- package/dist/ee/server/src/validation/role.d.ts +6 -6
- package/dist/ee/server/src/validation/role.d.ts.map +1 -1
- package/dist/ee/server/src/validation/user.d.ts.map +1 -1
- package/dist/server/server/src/content-types/session.js +6 -0
- package/dist/server/server/src/content-types/session.js.map +1 -1
- package/dist/server/server/src/content-types/session.mjs +6 -0
- package/dist/server/server/src/content-types/session.mjs.map +1 -1
- package/dist/server/server/src/controllers/admin.js.map +1 -1
- package/dist/server/server/src/controllers/admin.mjs.map +1 -1
- package/dist/server/server/src/controllers/authenticated-session.js +61 -0
- package/dist/server/server/src/controllers/authenticated-session.js.map +1 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs +59 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs.map +1 -0
- package/dist/server/server/src/controllers/authentication.js +11 -4
- package/dist/server/server/src/controllers/authentication.js.map +1 -1
- package/dist/server/server/src/controllers/authentication.mjs +12 -5
- package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
- package/dist/server/server/src/controllers/index.js +2 -0
- package/dist/server/server/src/controllers/index.js.map +1 -1
- package/dist/server/server/src/controllers/index.mjs +2 -0
- package/dist/server/server/src/controllers/index.mjs.map +1 -1
- package/dist/server/server/src/controllers/role.js +2 -4
- package/dist/server/server/src/controllers/role.js.map +1 -1
- package/dist/server/server/src/controllers/role.mjs +2 -4
- package/dist/server/server/src/controllers/role.mjs.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.js +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.js.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs.map +1 -1
- package/dist/server/server/src/routes/users.js +12 -26
- package/dist/server/server/src/routes/users.js.map +1 -1
- package/dist/server/server/src/routes/users.mjs +12 -26
- package/dist/server/server/src/routes/users.mjs.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs.map +1 -1
- package/dist/server/server/src/services/role.js +2 -1
- package/dist/server/server/src/services/role.js.map +1 -1
- package/dist/server/server/src/services/role.mjs +2 -1
- package/dist/server/server/src/services/role.mjs.map +1 -1
- package/dist/server/server/src/strategies/admin.js +4 -0
- package/dist/server/server/src/strategies/admin.js.map +1 -1
- package/dist/server/server/src/strategies/admin.mjs +4 -0
- package/dist/server/server/src/strategies/admin.mjs.map +1 -1
- package/dist/server/src/ai/controllers/ai.d.ts +3 -3
- package/dist/server/src/ai/services/ai.d.ts.map +1 -1
- package/dist/server/src/bootstrap.d.ts.map +1 -1
- package/dist/server/src/config/admin-conditions.d.ts +2 -2
- package/dist/server/src/config/admin-conditions.d.ts.map +1 -1
- package/dist/server/src/content-types/index.d.ts +6 -0
- package/dist/server/src/content-types/index.d.ts.map +1 -1
- package/dist/server/src/content-types/session.d.ts +6 -0
- package/dist/server/src/content-types/session.d.ts.map +1 -1
- package/dist/server/src/controllers/admin-token.d.ts +5 -5
- package/dist/server/src/controllers/api-token.d.ts +1 -1
- package/dist/server/src/controllers/authenticated-session.d.ts +8 -0
- package/dist/server/src/controllers/authenticated-session.d.ts.map +1 -0
- package/dist/server/src/controllers/authenticated-user.d.ts +1 -1
- package/dist/server/src/controllers/authentication.d.ts +4 -4
- package/dist/server/src/controllers/authentication.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts +0 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/format-actions-by-sections.d.ts.map +1 -1
- package/dist/server/src/controllers/homepage.d.ts +2 -2
- package/dist/server/src/controllers/homepage.d.ts.map +1 -1
- package/dist/server/src/controllers/index.d.ts +33 -43
- package/dist/server/src/controllers/index.d.ts.map +1 -1
- package/dist/server/src/controllers/role.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts.map +1 -1
- package/dist/server/src/controllers/transfer/token.d.ts +1 -1
- package/dist/server/src/controllers/user.d.ts +2 -2
- package/dist/server/src/controllers/webhooks.d.ts +4 -4
- package/dist/server/src/domain/action/index.d.ts +4 -65
- package/dist/server/src/domain/action/index.d.ts.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +30 -3
- package/dist/server/src/domain/action/provider.d.ts.map +1 -1
- package/dist/server/src/domain/condition/index.d.ts.map +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +19 -2
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/domain/permission/index.d.ts +0 -1
- package/dist/server/src/domain/permission/index.d.ts.map +1 -1
- package/dist/server/src/domain/user.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +51 -63
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/data-transfer.d.ts.map +1 -1
- package/dist/server/src/middlewares/index.d.ts +0 -1
- package/dist/server/src/middlewares/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/rateLimit.d.ts.map +1 -1
- package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
- package/dist/server/src/policies/index.d.ts.map +1 -1
- package/dist/server/src/policies/isAuthenticatedAdmin.d.ts.map +1 -1
- package/dist/server/src/policies/isTelemetryEnabled.d.ts.map +1 -1
- package/dist/server/src/register.d.ts.map +1 -1
- package/dist/server/src/routes/index.d.ts +0 -1
- package/dist/server/src/routes/index.d.ts.map +1 -1
- package/dist/server/src/routes/serve-admin-panel.d.ts.map +1 -1
- package/dist/server/src/routes/transfer.d.ts +0 -1
- package/dist/server/src/routes/transfer.d.ts.map +1 -1
- package/dist/server/src/routes/users.d.ts.map +1 -1
- package/dist/server/src/services/action.d.ts.map +1 -1
- package/dist/server/src/services/api-token.d.ts +5 -6
- package/dist/server/src/services/api-token.d.ts.map +1 -1
- package/dist/server/src/services/auth.d.ts.map +1 -1
- package/dist/server/src/services/condition.d.ts.map +1 -1
- package/dist/server/src/services/content-type.d.ts.map +1 -1
- package/dist/server/src/services/encryption.d.ts.map +1 -1
- package/dist/server/src/services/homepage.d.ts.map +1 -1
- package/dist/server/src/services/index.d.ts +12 -21
- package/dist/server/src/services/index.d.ts.map +1 -1
- package/dist/server/src/services/metrics.d.ts.map +1 -1
- package/dist/server/src/services/passport/local-strategy.d.ts.map +1 -1
- package/dist/server/src/services/passport.d.ts +0 -1
- package/dist/server/src/services/passport.d.ts.map +1 -1
- package/dist/server/src/services/permission/engine.d.ts +1 -2
- package/dist/server/src/services/permission/engine.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/index.d.ts +5 -5
- package/dist/server/src/services/permission/permissions-manager/index.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/permission-fields.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/query-builders.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts +3 -3
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/validate.d.ts.map +1 -1
- package/dist/server/src/services/permission/queries.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/builder.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/builder.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/handlers.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/index.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/section.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts +0 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +13 -38
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/server/src/services/project-settings.d.ts +2 -4
- package/dist/server/src/services/project-settings.d.ts.map +1 -1
- package/dist/server/src/services/role.d.ts +7 -1
- package/dist/server/src/services/role.d.ts.map +1 -1
- package/dist/server/src/services/token.d.ts +1 -1
- package/dist/server/src/services/token.d.ts.map +1 -1
- package/dist/server/src/services/transfer/token.d.ts +11 -11
- package/dist/server/src/services/transfer/token.d.ts.map +1 -1
- package/dist/server/src/services/user.d.ts +3 -3
- package/dist/server/src/services/user.d.ts.map +1 -1
- package/dist/server/src/strategies/admin-token.d.ts +4 -4
- package/dist/server/src/strategies/admin-token.d.ts.map +1 -1
- package/dist/server/src/strategies/admin.d.ts.map +1 -1
- package/dist/server/src/strategies/api-token-utils.d.ts.map +1 -1
- package/dist/server/src/strategies/content-api-token.d.ts.map +1 -1
- package/dist/server/src/strategies/data-transfer.d.ts.map +1 -1
- package/dist/server/src/utils/normalize-email.d.ts.map +1 -1
- package/dist/server/src/validation/action-provider.d.ts +2 -2
- package/dist/server/src/validation/action-provider.d.ts.map +1 -1
- package/dist/server/src/validation/admin-tokens.d.ts +2 -2
- package/dist/server/src/validation/api-tokens.d.ts +4 -4
- package/dist/server/src/validation/authentication/forgot-password.d.ts +1 -1
- package/dist/server/src/validation/authentication/login.d.ts +1 -1
- package/dist/server/src/validation/authentication/register.d.ts +6 -6
- package/dist/server/src/validation/authentication/register.d.ts.map +1 -1
- package/dist/server/src/validation/authentication/reset-password.d.ts +1 -1
- package/dist/server/src/validation/common-functions/check-fields-are-correctly-nested.d.ts.map +1 -1
- package/dist/server/src/validation/common-functions/check-fields-dont-have-duplicates.d.ts.map +1 -1
- package/dist/server/src/validation/common-validators.d.ts.map +1 -1
- package/dist/server/src/validation/permission.d.ts +6 -6
- package/dist/server/src/validation/permission.d.ts.map +1 -1
- package/dist/server/src/validation/policies/hasPermissions.d.ts +2 -2
- package/dist/server/src/validation/project-settings.d.ts +6 -6
- package/dist/server/src/validation/role.d.ts +8 -8
- package/dist/server/src/validation/role.d.ts.map +1 -1
- package/dist/server/src/validation/transfer/token.d.ts +4 -4
- package/dist/server/src/validation/user.d.ts +8 -8
- package/dist/shared/contracts/permissions.d.ts +1 -0
- package/dist/shared/contracts/permissions.d.ts.map +1 -1
- package/dist/shared/contracts/sessions.d.ts +62 -0
- package/dist/shared/contracts/sessions.d.ts.map +1 -0
- package/dist/shared/contracts/shared.d.ts +1 -1
- package/dist/shared/contracts/shared.d.ts.map +1 -1
- package/dist/shared/utils/session-auth.d.ts +1 -1
- package/dist/shared/utils/session-auth.d.ts.map +1 -1
- package/package.json +11 -11
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { sortSessionsForDisplay, sanitizeSessionEntry } from '@strapi/utils';
|
|
2
|
+
import { getSessionManager } from '../../../shared/utils/session-auth.mjs';
|
|
3
|
+
|
|
4
|
+
const ORIGIN = 'admin';
|
|
5
|
+
const getCurrentSessionId = (ctx)=>{
|
|
6
|
+
const session = ctx.state.session;
|
|
7
|
+
return typeof session?.id === 'string' ? session.id : undefined;
|
|
8
|
+
};
|
|
9
|
+
var authenticatedSession = {
|
|
10
|
+
async list (ctx) {
|
|
11
|
+
const sessionManager = getSessionManager();
|
|
12
|
+
if (!sessionManager) {
|
|
13
|
+
return ctx.internalServerError();
|
|
14
|
+
}
|
|
15
|
+
const userId = String(ctx.state.user.id);
|
|
16
|
+
const currentSessionId = getCurrentSessionId(ctx);
|
|
17
|
+
const sessions = await sessionManager(ORIGIN).listSessions(userId);
|
|
18
|
+
const data = sortSessionsForDisplay(sessions.map((session)=>sanitizeSessionEntry(session, currentSessionId)));
|
|
19
|
+
ctx.body = {
|
|
20
|
+
data
|
|
21
|
+
};
|
|
22
|
+
},
|
|
23
|
+
async revoke (ctx) {
|
|
24
|
+
const sessionManager = getSessionManager();
|
|
25
|
+
if (!sessionManager) {
|
|
26
|
+
return ctx.internalServerError();
|
|
27
|
+
}
|
|
28
|
+
const userId = String(ctx.state.user.id);
|
|
29
|
+
const { sessionId } = ctx.params;
|
|
30
|
+
const revoked = await sessionManager(ORIGIN).revokeSessionById(userId, sessionId);
|
|
31
|
+
if (!revoked) {
|
|
32
|
+
return ctx.notFound('Session not found');
|
|
33
|
+
}
|
|
34
|
+
ctx.body = {
|
|
35
|
+
data: {}
|
|
36
|
+
};
|
|
37
|
+
},
|
|
38
|
+
async revokeAll (ctx) {
|
|
39
|
+
const sessionManager = getSessionManager();
|
|
40
|
+
if (!sessionManager) {
|
|
41
|
+
return ctx.internalServerError();
|
|
42
|
+
}
|
|
43
|
+
const userId = String(ctx.state.user.id);
|
|
44
|
+
const keepCurrent = ctx.query.keepCurrent === 'true' || ctx.query.keepCurrent === '1';
|
|
45
|
+
if (keepCurrent) {
|
|
46
|
+
const currentSessionId = getCurrentSessionId(ctx);
|
|
47
|
+
const sessions = await sessionManager(ORIGIN).listSessions(userId);
|
|
48
|
+
await Promise.all(sessions.filter((session)=>session.sessionId !== currentSessionId).map((session)=>sessionManager(ORIGIN).revokeSessionById(userId, session.sessionId)));
|
|
49
|
+
} else {
|
|
50
|
+
await sessionManager(ORIGIN).invalidateRefreshToken(userId);
|
|
51
|
+
}
|
|
52
|
+
ctx.body = {
|
|
53
|
+
data: {}
|
|
54
|
+
};
|
|
55
|
+
}
|
|
56
|
+
};
|
|
57
|
+
|
|
58
|
+
export { authenticatedSession as default };
|
|
59
|
+
//# sourceMappingURL=authenticated-session.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authenticated-session.mjs","sources":["../../../../../server/src/controllers/authenticated-session.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport { sanitizeSessionEntry, sortSessionsForDisplay } from '@strapi/utils';\n\nimport { getSessionManager } from '../../../shared/utils/session-auth';\nimport type {\n GetSessions,\n DeleteSession,\n DeleteAllSessions,\n} from '../../../shared/contracts/sessions';\n\nconst ORIGIN = 'admin';\n\nconst getCurrentSessionId = (ctx: Context): string | undefined => {\n const session = ctx.state.session as { id?: string } | undefined;\n return typeof session?.id === 'string' ? session.id : undefined;\n};\n\nexport default {\n async list(ctx: Context) {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(ctx.state.user.id);\n const currentSessionId = getCurrentSessionId(ctx);\n const sessions = await sessionManager(ORIGIN).listSessions(userId);\n\n const data = sortSessionsForDisplay(\n sessions.map((session) => sanitizeSessionEntry(session, currentSessionId))\n );\n\n ctx.body = { data } satisfies GetSessions.Response;\n },\n\n async revoke(ctx: Context) {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(ctx.state.user.id);\n const { sessionId } = ctx.params;\n\n const revoked = await sessionManager(ORIGIN).revokeSessionById(userId, sessionId);\n if (!revoked) {\n return ctx.notFound('Session not found');\n }\n\n ctx.body = { data: {} } satisfies DeleteSession.Response;\n },\n\n async revokeAll(ctx: Context) {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(ctx.state.user.id);\n const keepCurrent = ctx.query.keepCurrent === 'true' || ctx.query.keepCurrent === '1';\n\n if (keepCurrent) {\n const currentSessionId = getCurrentSessionId(ctx);\n const sessions = await sessionManager(ORIGIN).listSessions(userId);\n\n await Promise.all(\n sessions\n .filter((session) => session.sessionId !== currentSessionId)\n .map((session) => sessionManager(ORIGIN).revokeSessionById(userId, session.sessionId))\n );\n } else {\n await sessionManager(ORIGIN).invalidateRefreshToken(userId);\n }\n\n ctx.body = { data: {} } satisfies DeleteAllSessions.Response;\n },\n};\n"],"names":["ORIGIN","getCurrentSessionId","ctx","session","state","id","undefined","list","sessionManager","getSessionManager","internalServerError","userId","String","user","currentSessionId","sessions","listSessions","data","sortSessionsForDisplay","map","sanitizeSessionEntry","body","revoke","sessionId","params","revoked","revokeSessionById","notFound","revokeAll","keepCurrent","query","Promise","all","filter","invalidateRefreshToken"],"mappings":";;;AAUA,MAAMA,MAAAA,GAAS,OAAA;AAEf,MAAMC,sBAAsB,CAACC,GAAAA,GAAAA;AAC3B,IAAA,MAAMC,OAAAA,GAAUD,GAAAA,CAAIE,KAAK,CAACD,OAAO;AACjC,IAAA,OAAO,OAAOA,OAAAA,EAASE,EAAAA,KAAO,QAAA,GAAWF,OAAAA,CAAQE,EAAE,GAAGC,SAAAA;AACxD,CAAA;AAEA,2BAAe;AACb,IAAA,MAAMC,MAAKL,GAAY,EAAA;AACrB,QAAA,MAAMM,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,QAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,YAAA,OAAON,IAAIQ,mBAAmB,EAAA;AAChC,QAAA;AAEA,QAAA,MAAMC,SAASC,MAAAA,CAAOV,GAAAA,CAAIE,KAAK,CAACS,IAAI,CAACR,EAAE,CAAA;AACvC,QAAA,MAAMS,mBAAmBb,mBAAAA,CAAoBC,GAAAA,CAAAA;AAC7C,QAAA,MAAMa,QAAAA,GAAW,MAAMP,cAAAA,CAAeR,MAAAA,CAAAA,CAAQgB,YAAY,CAACL,MAAAA,CAAAA;QAE3D,MAAMM,IAAAA,GAAOC,uBACXH,QAAAA,CAASI,GAAG,CAAC,CAAChB,OAAAA,GAAYiB,qBAAqBjB,OAAAA,EAASW,gBAAAA,CAAAA,CAAAA,CAAAA;AAG1DZ,QAAAA,GAAAA,CAAImB,IAAI,GAAG;AAAEJ,YAAAA;AAAK,SAAA;AACpB,IAAA,CAAA;AAEA,IAAA,MAAMK,QAAOpB,GAAY,EAAA;AACvB,QAAA,MAAMM,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,QAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,YAAA,OAAON,IAAIQ,mBAAmB,EAAA;AAChC,QAAA;AAEA,QAAA,MAAMC,SAASC,MAAAA,CAAOV,GAAAA,CAAIE,KAAK,CAACS,IAAI,CAACR,EAAE,CAAA;AACvC,QAAA,MAAM,EAAEkB,SAAS,EAAE,GAAGrB,IAAIsB,MAAM;AAEhC,QAAA,MAAMC,UAAU,MAAMjB,cAAAA,CAAeR,MAAAA,CAAAA,CAAQ0B,iBAAiB,CAACf,MAAAA,EAAQY,SAAAA,CAAAA;AACvE,QAAA,IAAI,CAACE,OAAAA,EAAS;YACZ,OAAOvB,GAAAA,CAAIyB,QAAQ,CAAC,mBAAA,CAAA;AACtB,QAAA;AAEAzB,QAAAA,GAAAA,CAAImB,IAAI,GAAG;AAAEJ,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA,CAAA;AAEA,IAAA,MAAMW,WAAU1B,GAAY,EAAA;AAC1B,QAAA,MAAMM,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,QAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,YAAA,OAAON,IAAIQ,mBAAmB,EAAA;AAChC,QAAA;AAEA,QAAA,MAAMC,SAASC,MAAAA,CAAOV,GAAAA,CAAIE,KAAK,CAACS,IAAI,CAACR,EAAE,CAAA;QACvC,MAAMwB,WAAAA,GAAc3B,GAAAA,CAAI4B,KAAK,CAACD,WAAW,KAAK,MAAA,IAAU3B,GAAAA,CAAI4B,KAAK,CAACD,WAAW,KAAK,GAAA;AAElF,QAAA,IAAIA,WAAAA,EAAa;AACf,YAAA,MAAMf,mBAAmBb,mBAAAA,CAAoBC,GAAAA,CAAAA;AAC7C,YAAA,MAAMa,QAAAA,GAAW,MAAMP,cAAAA,CAAeR,MAAAA,CAAAA,CAAQgB,YAAY,CAACL,MAAAA,CAAAA;YAE3D,MAAMoB,OAAAA,CAAQC,GAAG,CACfjB,QAAAA,CACGkB,MAAM,CAAC,CAAC9B,OAAAA,GAAYA,OAAAA,CAAQoB,SAAS,KAAKT,kBAC1CK,GAAG,CAAC,CAAChB,OAAAA,GAAYK,cAAAA,CAAeR,QAAQ0B,iBAAiB,CAACf,MAAAA,EAAQR,OAAAA,CAAQoB,SAAS,CAAA,CAAA,CAAA;QAE1F,CAAA,MAAO;YACL,MAAMf,cAAAA,CAAeR,MAAAA,CAAAA,CAAQkC,sBAAsB,CAACvB,MAAAA,CAAAA;AACtD,QAAA;AAEAT,QAAAA,GAAAA,CAAImB,IAAI,GAAG;AAAEJ,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA;AACF,CAAA;;;;"}
|
|
@@ -16,6 +16,9 @@ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
|
16
16
|
var passport__default = /*#__PURE__*/_interopDefault(passport);
|
|
17
17
|
var compose__default = /*#__PURE__*/_interopDefault(compose);
|
|
18
18
|
|
|
19
|
+
const buildSessionMetadataFromContext = (ctx)=>utils.buildSessionMetadata({
|
|
20
|
+
userAgent: ctx.request.headers['user-agent']
|
|
21
|
+
});
|
|
19
22
|
const { ApplicationError, ValidationError } = utils.errors;
|
|
20
23
|
var authentication = {
|
|
21
24
|
login: compose__default.default([
|
|
@@ -66,7 +69,8 @@ var authentication = {
|
|
|
66
69
|
const userId = String(user.id);
|
|
67
70
|
const { deviceId, rememberMe } = sessionAuth.extractDeviceParams(ctx.request.body);
|
|
68
71
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
69
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
72
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
73
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
70
74
|
});
|
|
71
75
|
const cookieOptions = sessionAuth.buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
72
76
|
ctx.cookies.set(sessionAuth.REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -111,7 +115,8 @@ var authentication = {
|
|
|
111
115
|
const userId = String(user.id);
|
|
112
116
|
const { deviceId, rememberMe } = sessionAuth.extractDeviceParams(ctx.request.body);
|
|
113
117
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
114
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
118
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
119
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
115
120
|
});
|
|
116
121
|
const cookieOptions = sessionAuth.buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
117
122
|
ctx.cookies.set(sessionAuth.REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -145,7 +150,8 @@ var authentication = {
|
|
|
145
150
|
const userId = String(user.id);
|
|
146
151
|
const { deviceId, rememberMe } = sessionAuth.extractDeviceParams(ctx.request.body);
|
|
147
152
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
148
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
153
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
154
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
149
155
|
});
|
|
150
156
|
const cookieOptions = sessionAuth.buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
151
157
|
ctx.cookies.set(sessionAuth.REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -187,7 +193,8 @@ var authentication = {
|
|
|
187
193
|
// Invalidate all existing sessions before creating a new one
|
|
188
194
|
await sessionManager('admin').invalidateRefreshToken(userId);
|
|
189
195
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
190
|
-
type: 'session'
|
|
196
|
+
type: 'session',
|
|
197
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
191
198
|
});
|
|
192
199
|
// No rememberMe flow here; expire with session by default (session cookie)
|
|
193
200
|
const cookieOptions = sessionAuth.buildCookieOptionsWithExpiry('session', absoluteExpiresAt, ctx.request.secure);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.js","sources":["../../../../../server/src/controllers/authentication.ts"],"sourcesContent":["import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n REFRESH_COOKIE_NAME,\n buildCookieOptionsWithExpiry,\n getSessionManager,\n extractDeviceParams,\n generateDeviceId,\n getRefreshCookieOptions,\n} from '../../../shared/utils/session-auth';\n\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateLoginSessionInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegisterAdmin,\n RegistrationInfo,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n async (ctx: Context, next: Next) => {\n await validateLoginSessionInput(ctx.request.body ?? {});\n return next();\n },\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n async (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(ctx.state.user),\n },\n } satisfies Login.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session', error);\n return ctx.internalServerError();\n }\n },\n ]),\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: rememberMe ? 'refresh' : 'session' });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register', error);\n return ctx.internalServerError();\n }\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as RegisterAdmin.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const user = await getService('user').createFirstAdmin(input);\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: rememberMe ? 'refresh' : 'session' });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies RegisterAdmin.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register-admin', error);\n return ctx.internalServerError();\n }\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n // Issue a new admin refresh session and access token after password reset.\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(user.id);\n const deviceId = generateDeviceId();\n\n // Invalidate all existing sessions before creating a new one\n await sessionManager('admin').invalidateRefreshToken(userId);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: 'session' });\n\n // No rememberMe flow here; expire with session by default (session cookie)\n const cookieOptions = buildCookieOptionsWithExpiry(\n 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token } = accessResult;\n\n ctx.body = {\n data: {\n token,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n } catch (err) {\n strapi.log.error('Failed to create admin refresh session during reset-password', err as any);\n return ctx.internalServerError();\n }\n },\n\n async accessToken(ctx: Context) {\n const refreshToken = ctx.cookies.get(REFRESH_COOKIE_NAME);\n\n if (!refreshToken) {\n return ctx.unauthorized('Missing refresh token');\n }\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n // Single-use renewal: rotate on access exchange, then create access token\n // from the new refresh token\n const rotation = await sessionManager('admin').rotateRefreshToken(refreshToken);\n if ('error' in rotation) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const result = await sessionManager('admin').generateAccessToken(rotation.token);\n if ('error' in result) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const { token } = result;\n // Preserve session-vs-remember mode using rotation.type and rotation.absoluteExpiresAt\n const opts = buildCookieOptionsWithExpiry(\n rotation.type,\n rotation.absoluteExpiresAt,\n ctx.request.secure\n );\n\n ctx.cookies.set(REFRESH_COOKIE_NAME, rotation.token, opts);\n ctx.body = { data: { token } };\n } catch (err) {\n strapi.log.error('Failed to generate access token from refresh token', err as any);\n return ctx.internalServerError();\n }\n },\n\n async logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n\n const bodyDeviceId = ctx.request.body?.deviceId as string | undefined;\n const deviceId = typeof bodyDeviceId === 'string' ? bodyDeviceId : undefined;\n\n // Clear cookie regardless of token validity\n ctx.cookies.set(REFRESH_COOKIE_NAME, '', {\n ...getRefreshCookieOptions(ctx.request.secure),\n expires: new Date(0),\n });\n\n try {\n const sessionManager = getSessionManager();\n if (sessionManager) {\n const userId = String(ctx.state.user.id);\n await sessionManager('admin').invalidateRefreshToken(userId, deviceId);\n }\n } catch (err) {\n strapi.log.error('Failed to revoke admin sessions during logout', err as any);\n }\n\n ctx.body = { data: {} };\n },\n};\n"],"names":["ApplicationError","ValidationError","errors","login","compose","ctx","next","validateLoginSessionInput","request","body","passport","authenticate","session","err","user","info","strapi","eventHub","emit","error","provider","details","code","notImplemented","Error","message","query","state","sanitizedUser","getService","sanitizeUser","sessionManager","getSessionManager","internalServerError","userId","String","id","deviceId","rememberMe","extractDeviceParams","token","refreshToken","absoluteExpiresAt","generateRefreshToken","type","cookieOptions","buildCookieOptionsWithExpiry","secure","cookies","set","REFRESH_COOKIE_NAME","accessResult","generateAccessToken","accessToken","data","log","registrationInfo","validateRegistrationInfoQuery","registrationToken","findRegistrationInfo","register","input","validateRegistrationInput","registerAdmin","validateAdminRegistrationInput","createFirstAdmin","telemetry","send","forgotPassword","validateForgotPasswordInput","status","resetPassword","validateResetPasswordInput","generateDeviceId","invalidateRefreshToken","get","unauthorized","rotation","rotateRefreshToken","result","opts","logout","bodyDeviceId","undefined","getRefreshCookieOptions","expires","Date"],"mappings":";;;;;;;;;;;;;;;;;;AAkCA,MAAM,EAAEA,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAE9C,qBAAe;AACbC,IAAAA,KAAAA,EAAOC,wBAAAA,CAAQ;AACb,QAAA,OAAOC,GAAAA,EAAcC,IAAAA,GAAAA;AACnB,YAAA,MAAMC,MAA0BF,GAAAA,CAAIG,OAAO,CAACC,IAAI,IAAI,EAAC,CAAA;YACrD,OAAOH,IAAAA,EAAAA;AACT,QAAA,CAAA;AACA,QAAA,CAACD,GAAAA,EAAcC,IAAAA,GAAAA;YACb,OAAOI,yBAAAA,CAASC,YAAY,CAAC,OAAA,EAAS;gBAAEC,OAAAA,EAAS;aAAM,EAAG,CAACC,KAAKC,IAAAA,EAAMC,IAAAA,GAAAA;AACpE,gBAAA,IAAIF,GAAAA,EAAK;AACPG,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBAAEC,KAAAA,EAAON,GAAAA;wBAAKO,QAAAA,EAAU;AAAQ,qBAAA,CAAA;;AAEzE,oBAAA,IAAIP,GAAAA,CAAIQ,OAAO,EAAEC,IAAAA,KAAS,mBAAA,EAAqB;wBAC7C,MAAMT,GAAAA;AACR,oBAAA;;AAGA,oBAAA,OAAOR,IAAIkB,cAAc,EAAA;AAC3B,gBAAA;AAEA,gBAAA,IAAI,CAACT,IAAAA,EAAM;AACTE,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBACvCC,KAAAA,EAAO,IAAIK,KAAAA,CAAMT,IAAAA,CAAKU,OAAO,CAAA;wBAC7BL,QAAAA,EAAU;AACZ,qBAAA,CAAA;oBACA,MAAM,IAAIpB,gBAAAA,CAAiBe,IAAAA,CAAKU,OAAO,CAAA;AACzC,gBAAA;gBAEA,MAAMC,KAAAA,GAAQrB,IAAIsB,KAAK;AACvBD,gBAAAA,KAAAA,CAAMZ,IAAI,GAAGA,IAAAA;AAEb,gBAAA,MAAMc,aAAAA,GAAgBC,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA,CAAAA;AACtDE,gBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,oBAAA,EAAsB;oBAAEJ,IAAAA,EAAMc,aAAAA;oBAAeR,QAAAA,EAAU;AAAQ,iBAAA,CAAA;gBAEpF,OAAOd,IAAAA,EAAAA;AACT,YAAA,CAAA,CAAA,CAAGD,GAAAA,EAAKC,IAAAA,CAAAA;AACV,QAAA,CAAA;QACA,OAAOD,GAAAA,GAAAA;AACL,YAAA,MAAM,EAAES,IAAI,EAAE,GAAGT,IAAIsB,KAAK;YAE1B,IAAI;AACF,gBAAA,MAAMI,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,gBAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,oBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,gBAAA;gBACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;gBAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,gBAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,oBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AACjC,iBAAA,CAAA;gBAEA,MAAMO,aAAAA,GAAgBC,yCACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,gBAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,iCAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,gBAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,gBAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,oBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,gBAAA;AAEA,gBAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,gBAAAA,GAAAA,CAAII,IAAI,GAAG;oBACT6C,IAAAA,EAAM;wBACJd,KAAAA,EAAOa,WAAAA;AACPA,wBAAAA,WAAAA;AACAvC,wBAAAA,IAAAA,EAAMe,iBAAW,MAAA,CAAA,CAAQC,YAAY,CAACzB,GAAAA,CAAIsB,KAAK,CAACb,IAAI;AACtD;AACF,iBAAA;AACF,YAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,gBAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,wCAAA,EAA0CA,KAAAA,CAAAA;AAC3D,gBAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AACF,QAAA;AACD,KAAA,CAAA;AAED,IAAA,MAAMuB,kBAAiBnD,GAAY,EAAA;AACjC,QAAA,MAAMoD,sCAAAA,CAA8BpD,GAAAA,CAAIG,OAAO,CAACkB,KAAK,CAAA;AAErD,QAAA,MAAM,EAAEgC,iBAAiB,EAAE,GAAGrD,GAAAA,CAAIG,OAAO,CAACkB,KAAK;AAE/C,QAAA,MAAM8B,gBAAAA,GAAmB,MAAM3B,gBAAAA,CAAW,MAAA,CAAA,CAAQ8B,oBAAoB,CAACD,iBAAAA,CAAAA;AAEvE,QAAA,IAAI,CAACF,gBAAAA,EAAkB;AACrB,YAAA,MAAM,IAAIvD,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,QAAA;AAEAI,QAAAA,GAAAA,CAAII,IAAI,GAAG;YAAE6C,IAAAA,EAAME;AAAiB,SAAA;AACtC,IAAA,CAAA;AAEA,IAAA,MAAMI,UAASvD,GAAY,EAAA;AACzB,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAMqD,kCAAAA,CAA0BD,KAAAA,CAAAA;AAEhC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQ+B,QAAQ,CAACC,KAAAA,CAAAA;QAE/C,IAAI;AACF,YAAA,MAAM9B,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AAAEO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AAAU,aAAA,CAAA;YAEpF,MAAMO,aAAAA,GAAgBC,yCACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,iCAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;oBACJd,KAAAA,EAAOa,WAAAA;AACPA,oBAAAA,WAAAA;oBACAvC,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,wDAAA,EAA0DA,KAAAA,CAAAA;AAC3E,YAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAM8B,eAAc1D,GAAY,EAAA;AAC9B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAMuD,uCAAAA,CAA+BH,KAAAA,CAAAA;AAErC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQoC,gBAAgB,CAACJ,KAAAA,CAAAA;QAEvD7C,MAAAA,CAAOkD,SAAS,CAACC,IAAI,CAAC,qBAAA,CAAA;QAEtB,IAAI;AACF,YAAA,MAAMpC,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AAAEO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AAAU,aAAA,CAAA;YAEpF,MAAMO,aAAAA,GAAgBC,yCACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,iCAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;oBACJd,KAAAA,EAAOa,WAAAA;AACPA,oBAAAA,WAAAA;oBACAvC,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,8DAAA,EAAgEA,KAAAA,CAAAA;AACjF,YAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMmC,gBAAe/D,GAAY,EAAA;AAC/B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAM4D,cAAAA,CAA4BR,KAAAA,CAAAA;QAElChC,gBAAAA,CAAW,MAAA,CAAA,CAAQuC,cAAc,CAACP,KAAAA,CAAAA;AAElCxD,QAAAA,GAAAA,CAAIiE,MAAM,GAAG,GAAA;AACf,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAclE,GAAY,EAAA;AAC9B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAM+D,aAAAA,CAA2BX,KAAAA,CAAAA;AAEjC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQ0C,aAAa,CAACV,KAAAA,CAAAA;;QAGpD,IAAI;AACF,YAAA,MAAM9B,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;AAC7B,YAAA,MAAMC,QAAAA,GAAWoC,4BAAAA,EAAAA;;YAGjB,MAAM1C,cAAAA,CAAe,OAAA,CAAA,CAAS2C,sBAAsB,CAACxC,MAAAA,CAAAA;AAErD,YAAA,MAAM,EAAEM,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;gBAAEO,IAAAA,EAAM;AAAU,aAAA,CAAA;;AAG3D,YAAA,MAAMC,gBAAgBC,wCAAAA,CACpB,SAAA,EACAJ,mBACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,iCAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAM,EAAEO,KAAK,EAAE,GAAGW,YAAAA;AAElB9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;AACJd,oBAAAA,KAAAA;oBACA1B,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOD,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,8DAAA,EAAgEN,GAAAA,CAAAA;AACjF,YAAA,OAAOR,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMoB,aAAYhD,GAAY,EAAA;AAC5B,QAAA,MAAMoC,YAAAA,GAAepC,GAAAA,CAAI2C,OAAO,CAAC2B,GAAG,CAACzB,+BAAAA,CAAAA;AAErC,QAAA,IAAI,CAACT,YAAAA,EAAc;YACjB,OAAOpC,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,QAAA;QAEA,IAAI;AACF,YAAA,MAAM7C,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;;;AAIA,YAAA,MAAM4C,QAAAA,GAAW,MAAM9C,cAAAA,CAAe,OAAA,CAAA,CAAS+C,kBAAkB,CAACrC,YAAAA,CAAAA;AAClE,YAAA,IAAI,WAAWoC,QAAAA,EAAU;gBACvB,OAAOxE,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;AAEA,YAAA,MAAMG,SAAS,MAAMhD,cAAAA,CAAe,SAASqB,mBAAmB,CAACyB,SAASrC,KAAK,CAAA;AAC/E,YAAA,IAAI,WAAWuC,MAAAA,EAAQ;gBACrB,OAAO1E,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;YAEA,MAAM,EAAEpC,KAAK,EAAE,GAAGuC,MAAAA;;YAElB,MAAMC,IAAAA,GAAOlC,wCAAAA,CACX+B,QAAAA,CAASjC,IAAI,EACbiC,QAAAA,CAASnC,iBAAiB,EAC1BrC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAGpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,+BAAAA,EAAqB2B,QAAAA,CAASrC,KAAK,EAAEwC,IAAAA,CAAAA;AACrD3E,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBAAE6C,IAAAA,EAAM;AAAEd,oBAAAA;AAAM;AAAE,aAAA;AAC/B,QAAA,CAAA,CAAE,OAAO3B,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,oDAAA,EAAsDN,GAAAA,CAAAA;AACvE,YAAA,OAAOR,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMgD,QAAO5E,GAAY,EAAA;QACvB,MAAMuB,aAAAA,GAAgBC,iBAAW,MAAA,CAAA,CAAQC,YAAY,CAACzB,GAAAA,CAAIsB,KAAK,CAACb,IAAI,CAAA;AACpEE,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,cAAA,EAAgB;YAAEJ,IAAAA,EAAMc;AAAc,SAAA,CAAA;AAE3D,QAAA,MAAMsD,YAAAA,GAAe7E,GAAAA,CAAIG,OAAO,CAACC,IAAI,EAAE4B,QAAAA;AACvC,QAAA,MAAMA,QAAAA,GAAW,OAAO6C,YAAAA,KAAiB,QAAA,GAAWA,YAAAA,GAAeC,SAAAA;;AAGnE9E,QAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,iCAAqB,EAAA,EAAI;AACvC,YAAA,GAAGkC,mCAAAA,CAAwB/E,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAC;AAC9CsC,YAAAA,OAAAA,EAAS,IAAIC,IAAAA,CAAK,CAAA;AACpB,SAAA,CAAA;QAEA,IAAI;AACF,YAAA,MAAMvD,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAID,cAAAA,EAAgB;AAClB,gBAAA,MAAMG,SAASC,MAAAA,CAAO9B,GAAAA,CAAIsB,KAAK,CAACb,IAAI,CAACsB,EAAE,CAAA;AACvC,gBAAA,MAAML,cAAAA,CAAe,OAAA,CAAA,CAAS2C,sBAAsB,CAACxC,MAAAA,EAAQG,QAAAA,CAAAA;AAC/D,YAAA;AACF,QAAA,CAAA,CAAE,OAAOxB,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,+CAAA,EAAiDN,GAAAA,CAAAA;AACpE,QAAA;AAEAR,QAAAA,GAAAA,CAAII,IAAI,GAAG;AAAE6C,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"authentication.js","sources":["../../../../../server/src/controllers/authentication.ts"],"sourcesContent":["import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors, buildSessionMetadata } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n REFRESH_COOKIE_NAME,\n buildCookieOptionsWithExpiry,\n getSessionManager,\n extractDeviceParams,\n generateDeviceId,\n getRefreshCookieOptions,\n} from '../../../shared/utils/session-auth';\n\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateLoginSessionInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegisterAdmin,\n RegistrationInfo,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst buildSessionMetadataFromContext = (ctx: Context) =>\n buildSessionMetadata({\n userAgent: ctx.request.headers['user-agent'],\n });\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n async (ctx: Context, next: Next) => {\n await validateLoginSessionInput(ctx.request.body ?? {});\n return next();\n },\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n async (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(ctx.state.user),\n },\n } satisfies Login.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session', error);\n return ctx.internalServerError();\n }\n },\n ]),\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register', error);\n return ctx.internalServerError();\n }\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as RegisterAdmin.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const user = await getService('user').createFirstAdmin(input);\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies RegisterAdmin.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register-admin', error);\n return ctx.internalServerError();\n }\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n // Issue a new admin refresh session and access token after password reset.\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(user.id);\n const deviceId = generateDeviceId();\n\n // Invalidate all existing sessions before creating a new one\n await sessionManager('admin').invalidateRefreshToken(userId);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n // No rememberMe flow here; expire with session by default (session cookie)\n const cookieOptions = buildCookieOptionsWithExpiry(\n 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token } = accessResult;\n\n ctx.body = {\n data: {\n token,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n } catch (err) {\n strapi.log.error('Failed to create admin refresh session during reset-password', err as any);\n return ctx.internalServerError();\n }\n },\n\n async accessToken(ctx: Context) {\n const refreshToken = ctx.cookies.get(REFRESH_COOKIE_NAME);\n\n if (!refreshToken) {\n return ctx.unauthorized('Missing refresh token');\n }\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n // Single-use renewal: rotate on access exchange, then create access token\n // from the new refresh token\n const rotation = await sessionManager('admin').rotateRefreshToken(refreshToken);\n if ('error' in rotation) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const result = await sessionManager('admin').generateAccessToken(rotation.token);\n if ('error' in result) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const { token } = result;\n // Preserve session-vs-remember mode using rotation.type and rotation.absoluteExpiresAt\n const opts = buildCookieOptionsWithExpiry(\n rotation.type,\n rotation.absoluteExpiresAt,\n ctx.request.secure\n );\n\n ctx.cookies.set(REFRESH_COOKIE_NAME, rotation.token, opts);\n ctx.body = { data: { token } };\n } catch (err) {\n strapi.log.error('Failed to generate access token from refresh token', err as any);\n return ctx.internalServerError();\n }\n },\n\n async logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n\n const bodyDeviceId = ctx.request.body?.deviceId as string | undefined;\n const deviceId = typeof bodyDeviceId === 'string' ? bodyDeviceId : undefined;\n\n // Clear cookie regardless of token validity\n ctx.cookies.set(REFRESH_COOKIE_NAME, '', {\n ...getRefreshCookieOptions(ctx.request.secure),\n expires: new Date(0),\n });\n\n try {\n const sessionManager = getSessionManager();\n if (sessionManager) {\n const userId = String(ctx.state.user.id);\n await sessionManager('admin').invalidateRefreshToken(userId, deviceId);\n }\n } catch (err) {\n strapi.log.error('Failed to revoke admin sessions during logout', err as any);\n }\n\n ctx.body = { data: {} };\n },\n};\n"],"names":["buildSessionMetadataFromContext","ctx","buildSessionMetadata","userAgent","request","headers","ApplicationError","ValidationError","errors","login","compose","next","validateLoginSessionInput","body","passport","authenticate","session","err","user","info","strapi","eventHub","emit","error","provider","details","code","notImplemented","Error","message","query","state","sanitizedUser","getService","sanitizeUser","sessionManager","getSessionManager","internalServerError","userId","String","id","deviceId","rememberMe","extractDeviceParams","token","refreshToken","absoluteExpiresAt","generateRefreshToken","type","metadata","cookieOptions","buildCookieOptionsWithExpiry","secure","cookies","set","REFRESH_COOKIE_NAME","accessResult","generateAccessToken","accessToken","data","log","registrationInfo","validateRegistrationInfoQuery","registrationToken","findRegistrationInfo","register","input","validateRegistrationInput","registerAdmin","validateAdminRegistrationInput","createFirstAdmin","telemetry","send","forgotPassword","validateForgotPasswordInput","status","resetPassword","validateResetPasswordInput","generateDeviceId","invalidateRefreshToken","get","unauthorized","rotation","rotateRefreshToken","result","opts","logout","bodyDeviceId","undefined","getRefreshCookieOptions","expires","Date"],"mappings":";;;;;;;;;;;;;;;;;;AAkCA,MAAMA,+BAAAA,GAAkC,CAACC,GAAAA,GACvCC,0BAAAA,CAAqB;AACnBC,QAAAA,SAAAA,EAAWF,GAAAA,CAAIG,OAAO,CAACC,OAAO,CAAC,YAAA;AACjC,KAAA,CAAA;AAEF,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAE9C,qBAAe;AACbC,IAAAA,KAAAA,EAAOC,wBAAAA,CAAQ;AACb,QAAA,OAAOT,GAAAA,EAAcU,IAAAA,GAAAA;AACnB,YAAA,MAAMC,MAA0BX,GAAAA,CAAIG,OAAO,CAACS,IAAI,IAAI,EAAC,CAAA;YACrD,OAAOF,IAAAA,EAAAA;AACT,QAAA,CAAA;AACA,QAAA,CAACV,GAAAA,EAAcU,IAAAA,GAAAA;YACb,OAAOG,yBAAAA,CAASC,YAAY,CAAC,OAAA,EAAS;gBAAEC,OAAAA,EAAS;aAAM,EAAG,CAACC,KAAKC,IAAAA,EAAMC,IAAAA,GAAAA;AACpE,gBAAA,IAAIF,GAAAA,EAAK;AACPG,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBAAEC,KAAAA,EAAON,GAAAA;wBAAKO,QAAAA,EAAU;AAAQ,qBAAA,CAAA;;AAEzE,oBAAA,IAAIP,GAAAA,CAAIQ,OAAO,EAAEC,IAAAA,KAAS,mBAAA,EAAqB;wBAC7C,MAAMT,GAAAA;AACR,oBAAA;;AAGA,oBAAA,OAAOhB,IAAI0B,cAAc,EAAA;AAC3B,gBAAA;AAEA,gBAAA,IAAI,CAACT,IAAAA,EAAM;AACTE,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBACvCC,KAAAA,EAAO,IAAIK,KAAAA,CAAMT,IAAAA,CAAKU,OAAO,CAAA;wBAC7BL,QAAAA,EAAU;AACZ,qBAAA,CAAA;oBACA,MAAM,IAAIlB,gBAAAA,CAAiBa,IAAAA,CAAKU,OAAO,CAAA;AACzC,gBAAA;gBAEA,MAAMC,KAAAA,GAAQ7B,IAAI8B,KAAK;AACvBD,gBAAAA,KAAAA,CAAMZ,IAAI,GAAGA,IAAAA;AAEb,gBAAA,MAAMc,aAAAA,GAAgBC,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA,CAAAA;AACtDE,gBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,oBAAA,EAAsB;oBAAEJ,IAAAA,EAAMc,aAAAA;oBAAeR,QAAAA,EAAU;AAAQ,iBAAA,CAAA;gBAEpF,OAAOb,IAAAA,EAAAA;AACT,YAAA,CAAA,CAAA,CAAGV,GAAAA,EAAKU,IAAAA,CAAAA;AACV,QAAA,CAAA;QACA,OAAOV,GAAAA,GAAAA;AACL,YAAA,MAAM,EAAEiB,IAAI,EAAE,GAAGjB,IAAI8B,KAAK;YAE1B,IAAI;AACF,gBAAA,MAAMI,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,gBAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,oBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,gBAAA;gBACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;gBAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,gBAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,oBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,oBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,iBAAA,CAAA;gBAEA,MAAMiD,aAAAA,GAAgBC,yCACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,gBAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,iCAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,gBAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,gBAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,oBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,gBAAA;AAEA,gBAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,gBAAAA,GAAAA,CAAIY,IAAI,GAAG;oBACT8C,IAAAA,EAAM;wBACJf,KAAAA,EAAOc,WAAAA;AACPA,wBAAAA,WAAAA;AACAxC,wBAAAA,IAAAA,EAAMe,iBAAW,MAAA,CAAA,CAAQC,YAAY,CAACjC,GAAAA,CAAI8B,KAAK,CAACb,IAAI;AACtD;AACF,iBAAA;AACF,YAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,gBAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,wCAAA,EAA0CA,KAAAA,CAAAA;AAC3D,gBAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AACF,QAAA;AACD,KAAA,CAAA;AAED,IAAA,MAAMwB,kBAAiB5D,GAAY,EAAA;AACjC,QAAA,MAAM6D,sCAAAA,CAA8B7D,GAAAA,CAAIG,OAAO,CAAC0B,KAAK,CAAA;AAErD,QAAA,MAAM,EAAEiC,iBAAiB,EAAE,GAAG9D,GAAAA,CAAIG,OAAO,CAAC0B,KAAK;AAE/C,QAAA,MAAM+B,gBAAAA,GAAmB,MAAM5B,gBAAAA,CAAW,MAAA,CAAA,CAAQ+B,oBAAoB,CAACD,iBAAAA,CAAAA;AAEvE,QAAA,IAAI,CAACF,gBAAAA,EAAkB;AACrB,YAAA,MAAM,IAAItD,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,QAAA;AAEAN,QAAAA,GAAAA,CAAIY,IAAI,GAAG;YAAE8C,IAAAA,EAAME;AAAiB,SAAA;AACtC,IAAA,CAAA;AAEA,IAAA,MAAMI,UAAShE,GAAY,EAAA;AACzB,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMsD,kCAAAA,CAA0BD,KAAAA,CAAAA;AAEhC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQgC,QAAQ,CAACC,KAAAA,CAAAA;QAE/C,IAAI;AACF,YAAA,MAAM/B,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;YAEA,MAAMiD,aAAAA,GAAgBC,yCACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,iCAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;oBACJf,KAAAA,EAAOc,WAAAA;AACPA,oBAAAA,WAAAA;oBACAxC,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,wDAAA,EAA0DA,KAAAA,CAAAA;AAC3E,YAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAM+B,eAAcnE,GAAY,EAAA;AAC9B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMwD,uCAAAA,CAA+BH,KAAAA,CAAAA;AAErC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQqC,gBAAgB,CAACJ,KAAAA,CAAAA;QAEvD9C,MAAAA,CAAOmD,SAAS,CAACC,IAAI,CAAC,qBAAA,CAAA;QAEtB,IAAI;AACF,YAAA,MAAMrC,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,+BAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;YAEA,MAAMiD,aAAAA,GAAgBC,yCACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,iCAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;oBACJf,KAAAA,EAAOc,WAAAA;AACPA,oBAAAA,WAAAA;oBACAxC,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,8DAAA,EAAgEA,KAAAA,CAAAA;AACjF,YAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMoC,gBAAexE,GAAY,EAAA;AAC/B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAM6D,cAAAA,CAA4BR,KAAAA,CAAAA;QAElCjC,gBAAAA,CAAW,MAAA,CAAA,CAAQwC,cAAc,CAACP,KAAAA,CAAAA;AAElCjE,QAAAA,GAAAA,CAAI0E,MAAM,GAAG,GAAA;AACf,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAc3E,GAAY,EAAA;AAC9B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMgE,aAAAA,CAA2BX,KAAAA,CAAAA;AAEjC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQ2C,aAAa,CAACV,KAAAA,CAAAA;;QAGpD,IAAI;AACF,YAAA,MAAM/B,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;AAC7B,YAAA,MAAMC,QAAAA,GAAWqC,4BAAAA,EAAAA;;YAGjB,MAAM3C,cAAAA,CAAe,OAAA,CAAA,CAAS4C,sBAAsB,CAACzC,MAAAA,CAAAA;AAErD,YAAA,MAAM,EAAEM,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;gBACvCO,IAAAA,EAAM,SAAA;AACNC,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;;AAGA,YAAA,MAAMiD,gBAAgBC,wCAAAA,CACpB,SAAA,EACAL,mBACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,iCAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAM,EAAEO,KAAK,EAAE,GAAGY,YAAAA;AAElBvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;AACJf,oBAAAA,KAAAA;oBACA1B,IAAAA,EAAMe,gBAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOD,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,8DAAA,EAAgEN,GAAAA,CAAAA;AACjF,YAAA,OAAOhB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMqB,aAAYzD,GAAY,EAAA;AAC5B,QAAA,MAAM4C,YAAAA,GAAe5C,GAAAA,CAAIoD,OAAO,CAAC2B,GAAG,CAACzB,+BAAAA,CAAAA;AAErC,QAAA,IAAI,CAACV,YAAAA,EAAc;YACjB,OAAO5C,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,QAAA;QAEA,IAAI;AACF,YAAA,MAAM9C,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;;;AAIA,YAAA,MAAM6C,QAAAA,GAAW,MAAM/C,cAAAA,CAAe,OAAA,CAAA,CAASgD,kBAAkB,CAACtC,YAAAA,CAAAA;AAClE,YAAA,IAAI,WAAWqC,QAAAA,EAAU;gBACvB,OAAOjF,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;AAEA,YAAA,MAAMG,SAAS,MAAMjD,cAAAA,CAAe,SAASsB,mBAAmB,CAACyB,SAAStC,KAAK,CAAA;AAC/E,YAAA,IAAI,WAAWwC,MAAAA,EAAQ;gBACrB,OAAOnF,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;YAEA,MAAM,EAAErC,KAAK,EAAE,GAAGwC,MAAAA;;YAElB,MAAMC,IAAAA,GAAOlC,wCAAAA,CACX+B,QAAAA,CAASlC,IAAI,EACbkC,QAAAA,CAASpC,iBAAiB,EAC1B7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAGpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,+BAAAA,EAAqB2B,QAAAA,CAAStC,KAAK,EAAEyC,IAAAA,CAAAA;AACrDpF,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBAAE8C,IAAAA,EAAM;AAAEf,oBAAAA;AAAM;AAAE,aAAA;AAC/B,QAAA,CAAA,CAAE,OAAO3B,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,oDAAA,EAAsDN,GAAAA,CAAAA;AACvE,YAAA,OAAOhB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMiD,QAAOrF,GAAY,EAAA;QACvB,MAAM+B,aAAAA,GAAgBC,iBAAW,MAAA,CAAA,CAAQC,YAAY,CAACjC,GAAAA,CAAI8B,KAAK,CAACb,IAAI,CAAA;AACpEE,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,cAAA,EAAgB;YAAEJ,IAAAA,EAAMc;AAAc,SAAA,CAAA;AAE3D,QAAA,MAAMuD,YAAAA,GAAetF,GAAAA,CAAIG,OAAO,CAACS,IAAI,EAAE4B,QAAAA;AACvC,QAAA,MAAMA,QAAAA,GAAW,OAAO8C,YAAAA,KAAiB,QAAA,GAAWA,YAAAA,GAAeC,SAAAA;;AAGnEvF,QAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,iCAAqB,EAAA,EAAI;AACvC,YAAA,GAAGkC,mCAAAA,CAAwBxF,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAC;AAC9CsC,YAAAA,OAAAA,EAAS,IAAIC,IAAAA,CAAK,CAAA;AACpB,SAAA,CAAA;QAEA,IAAI;AACF,YAAA,MAAMxD,cAAAA,GAAiBC,6BAAAA,EAAAA;AACvB,YAAA,IAAID,cAAAA,EAAgB;AAClB,gBAAA,MAAMG,SAASC,MAAAA,CAAOtC,GAAAA,CAAI8B,KAAK,CAACb,IAAI,CAACsB,EAAE,CAAA;AACvC,gBAAA,MAAML,cAAAA,CAAe,OAAA,CAAA,CAAS4C,sBAAsB,CAACzC,MAAAA,EAAQG,QAAAA,CAAAA;AAC/D,YAAA;AACF,QAAA,CAAA,CAAE,OAAOxB,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,+CAAA,EAAiDN,GAAAA,CAAAA;AACpE,QAAA;AAEAhB,QAAAA,GAAAA,CAAIY,IAAI,GAAG;AAAE8C,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA;AACF,CAAA;;;;"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import passport from 'koa-passport';
|
|
2
2
|
import compose from 'koa-compose';
|
|
3
3
|
import '@strapi/types';
|
|
4
|
-
import { errors } from '@strapi/utils';
|
|
4
|
+
import { errors, buildSessionMetadata } from '@strapi/utils';
|
|
5
5
|
import { getService } from '../utils/index.mjs';
|
|
6
6
|
import { getSessionManager, extractDeviceParams, buildCookieOptionsWithExpiry, REFRESH_COOKIE_NAME, getRefreshCookieOptions, generateDeviceId } from '../../../shared/utils/session-auth.mjs';
|
|
7
7
|
import { validateAdminRegistrationInput, validateRegistrationInput, validateRegistrationInfoQuery } from '../validation/authentication/register.mjs';
|
|
@@ -9,6 +9,9 @@ import validateForgotPasswordInput from '../validation/authentication/forgot-pas
|
|
|
9
9
|
import validateResetPasswordInput from '../validation/authentication/reset-password.mjs';
|
|
10
10
|
import validateLoginSessionInput from '../validation/authentication/login.mjs';
|
|
11
11
|
|
|
12
|
+
const buildSessionMetadataFromContext = (ctx)=>buildSessionMetadata({
|
|
13
|
+
userAgent: ctx.request.headers['user-agent']
|
|
14
|
+
});
|
|
12
15
|
const { ApplicationError, ValidationError } = errors;
|
|
13
16
|
var authentication = {
|
|
14
17
|
login: compose([
|
|
@@ -59,7 +62,8 @@ var authentication = {
|
|
|
59
62
|
const userId = String(user.id);
|
|
60
63
|
const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);
|
|
61
64
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
62
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
65
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
66
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
63
67
|
});
|
|
64
68
|
const cookieOptions = buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
65
69
|
ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -104,7 +108,8 @@ var authentication = {
|
|
|
104
108
|
const userId = String(user.id);
|
|
105
109
|
const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);
|
|
106
110
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
107
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
111
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
112
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
108
113
|
});
|
|
109
114
|
const cookieOptions = buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
110
115
|
ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -138,7 +143,8 @@ var authentication = {
|
|
|
138
143
|
const userId = String(user.id);
|
|
139
144
|
const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);
|
|
140
145
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
141
|
-
type: rememberMe ? 'refresh' : 'session'
|
|
146
|
+
type: rememberMe ? 'refresh' : 'session',
|
|
147
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
142
148
|
});
|
|
143
149
|
const cookieOptions = buildCookieOptionsWithExpiry(rememberMe ? 'refresh' : 'session', absoluteExpiresAt, ctx.request.secure);
|
|
144
150
|
ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);
|
|
@@ -180,7 +186,8 @@ var authentication = {
|
|
|
180
186
|
// Invalidate all existing sessions before creating a new one
|
|
181
187
|
await sessionManager('admin').invalidateRefreshToken(userId);
|
|
182
188
|
const { token: refreshToken, absoluteExpiresAt } = await sessionManager('admin').generateRefreshToken(userId, deviceId, {
|
|
183
|
-
type: 'session'
|
|
189
|
+
type: 'session',
|
|
190
|
+
metadata: buildSessionMetadataFromContext(ctx)
|
|
184
191
|
});
|
|
185
192
|
// No rememberMe flow here; expire with session by default (session cookie)
|
|
186
193
|
const cookieOptions = buildCookieOptionsWithExpiry('session', absoluteExpiresAt, ctx.request.secure);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.mjs","sources":["../../../../../server/src/controllers/authentication.ts"],"sourcesContent":["import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n REFRESH_COOKIE_NAME,\n buildCookieOptionsWithExpiry,\n getSessionManager,\n extractDeviceParams,\n generateDeviceId,\n getRefreshCookieOptions,\n} from '../../../shared/utils/session-auth';\n\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateLoginSessionInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegisterAdmin,\n RegistrationInfo,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n async (ctx: Context, next: Next) => {\n await validateLoginSessionInput(ctx.request.body ?? {});\n return next();\n },\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n async (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(ctx.state.user),\n },\n } satisfies Login.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session', error);\n return ctx.internalServerError();\n }\n },\n ]),\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: rememberMe ? 'refresh' : 'session' });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register', error);\n return ctx.internalServerError();\n }\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as RegisterAdmin.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const user = await getService('user').createFirstAdmin(input);\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: rememberMe ? 'refresh' : 'session' });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies RegisterAdmin.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register-admin', error);\n return ctx.internalServerError();\n }\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n // Issue a new admin refresh session and access token after password reset.\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(user.id);\n const deviceId = generateDeviceId();\n\n // Invalidate all existing sessions before creating a new one\n await sessionManager('admin').invalidateRefreshToken(userId);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, { type: 'session' });\n\n // No rememberMe flow here; expire with session by default (session cookie)\n const cookieOptions = buildCookieOptionsWithExpiry(\n 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token } = accessResult;\n\n ctx.body = {\n data: {\n token,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n } catch (err) {\n strapi.log.error('Failed to create admin refresh session during reset-password', err as any);\n return ctx.internalServerError();\n }\n },\n\n async accessToken(ctx: Context) {\n const refreshToken = ctx.cookies.get(REFRESH_COOKIE_NAME);\n\n if (!refreshToken) {\n return ctx.unauthorized('Missing refresh token');\n }\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n // Single-use renewal: rotate on access exchange, then create access token\n // from the new refresh token\n const rotation = await sessionManager('admin').rotateRefreshToken(refreshToken);\n if ('error' in rotation) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const result = await sessionManager('admin').generateAccessToken(rotation.token);\n if ('error' in result) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const { token } = result;\n // Preserve session-vs-remember mode using rotation.type and rotation.absoluteExpiresAt\n const opts = buildCookieOptionsWithExpiry(\n rotation.type,\n rotation.absoluteExpiresAt,\n ctx.request.secure\n );\n\n ctx.cookies.set(REFRESH_COOKIE_NAME, rotation.token, opts);\n ctx.body = { data: { token } };\n } catch (err) {\n strapi.log.error('Failed to generate access token from refresh token', err as any);\n return ctx.internalServerError();\n }\n },\n\n async logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n\n const bodyDeviceId = ctx.request.body?.deviceId as string | undefined;\n const deviceId = typeof bodyDeviceId === 'string' ? bodyDeviceId : undefined;\n\n // Clear cookie regardless of token validity\n ctx.cookies.set(REFRESH_COOKIE_NAME, '', {\n ...getRefreshCookieOptions(ctx.request.secure),\n expires: new Date(0),\n });\n\n try {\n const sessionManager = getSessionManager();\n if (sessionManager) {\n const userId = String(ctx.state.user.id);\n await sessionManager('admin').invalidateRefreshToken(userId, deviceId);\n }\n } catch (err) {\n strapi.log.error('Failed to revoke admin sessions during logout', err as any);\n }\n\n ctx.body = { data: {} };\n },\n};\n"],"names":["ApplicationError","ValidationError","errors","login","compose","ctx","next","validateLoginSessionInput","request","body","passport","authenticate","session","err","user","info","strapi","eventHub","emit","error","provider","details","code","notImplemented","Error","message","query","state","sanitizedUser","getService","sanitizeUser","sessionManager","getSessionManager","internalServerError","userId","String","id","deviceId","rememberMe","extractDeviceParams","token","refreshToken","absoluteExpiresAt","generateRefreshToken","type","cookieOptions","buildCookieOptionsWithExpiry","secure","cookies","set","REFRESH_COOKIE_NAME","accessResult","generateAccessToken","accessToken","data","log","registrationInfo","validateRegistrationInfoQuery","registrationToken","findRegistrationInfo","register","input","validateRegistrationInput","registerAdmin","validateAdminRegistrationInput","createFirstAdmin","telemetry","send","forgotPassword","validateForgotPasswordInput","status","resetPassword","validateResetPasswordInput","generateDeviceId","invalidateRefreshToken","get","unauthorized","rotation","rotateRefreshToken","result","opts","logout","bodyDeviceId","undefined","getRefreshCookieOptions","expires","Date"],"mappings":";;;;;;;;;;;AAkCA,MAAM,EAAEA,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAE9C,qBAAe;AACbC,IAAAA,KAAAA,EAAOC,OAAAA,CAAQ;AACb,QAAA,OAAOC,GAAAA,EAAcC,IAAAA,GAAAA;AACnB,YAAA,MAAMC,0BAA0BF,GAAAA,CAAIG,OAAO,CAACC,IAAI,IAAI,EAAC,CAAA;YACrD,OAAOH,IAAAA,EAAAA;AACT,QAAA,CAAA;AACA,QAAA,CAACD,GAAAA,EAAcC,IAAAA,GAAAA;YACb,OAAOI,QAAAA,CAASC,YAAY,CAAC,OAAA,EAAS;gBAAEC,OAAAA,EAAS;aAAM,EAAG,CAACC,KAAKC,IAAAA,EAAMC,IAAAA,GAAAA;AACpE,gBAAA,IAAIF,GAAAA,EAAK;AACPG,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBAAEC,KAAAA,EAAON,GAAAA;wBAAKO,QAAAA,EAAU;AAAQ,qBAAA,CAAA;;AAEzE,oBAAA,IAAIP,GAAAA,CAAIQ,OAAO,EAAEC,IAAAA,KAAS,mBAAA,EAAqB;wBAC7C,MAAMT,GAAAA;AACR,oBAAA;;AAGA,oBAAA,OAAOR,IAAIkB,cAAc,EAAA;AAC3B,gBAAA;AAEA,gBAAA,IAAI,CAACT,IAAAA,EAAM;AACTE,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBACvCC,KAAAA,EAAO,IAAIK,KAAAA,CAAMT,IAAAA,CAAKU,OAAO,CAAA;wBAC7BL,QAAAA,EAAU;AACZ,qBAAA,CAAA;oBACA,MAAM,IAAIpB,gBAAAA,CAAiBe,IAAAA,CAAKU,OAAO,CAAA;AACzC,gBAAA;gBAEA,MAAMC,KAAAA,GAAQrB,IAAIsB,KAAK;AACvBD,gBAAAA,KAAAA,CAAMZ,IAAI,GAAGA,IAAAA;AAEb,gBAAA,MAAMc,aAAAA,GAAgBC,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA,CAAAA;AACtDE,gBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,oBAAA,EAAsB;oBAAEJ,IAAAA,EAAMc,aAAAA;oBAAeR,QAAAA,EAAU;AAAQ,iBAAA,CAAA;gBAEpF,OAAOd,IAAAA,EAAAA;AACT,YAAA,CAAA,CAAA,CAAGD,GAAAA,EAAKC,IAAAA,CAAAA;AACV,QAAA,CAAA;QACA,OAAOD,GAAAA,GAAAA;AACL,YAAA,MAAM,EAAES,IAAI,EAAE,GAAGT,IAAIsB,KAAK;YAE1B,IAAI;AACF,gBAAA,MAAMI,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,gBAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,oBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,gBAAA;gBACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;gBAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,gBAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,oBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AACjC,iBAAA,CAAA;gBAEA,MAAMO,aAAAA,GAAgBC,6BACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,gBAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,qBAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,gBAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,gBAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,oBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,gBAAA;AAEA,gBAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,gBAAAA,GAAAA,CAAII,IAAI,GAAG;oBACT6C,IAAAA,EAAM;wBACJd,KAAAA,EAAOa,WAAAA;AACPA,wBAAAA,WAAAA;AACAvC,wBAAAA,IAAAA,EAAMe,WAAW,MAAA,CAAA,CAAQC,YAAY,CAACzB,GAAAA,CAAIsB,KAAK,CAACb,IAAI;AACtD;AACF,iBAAA;AACF,YAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,gBAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,wCAAA,EAA0CA,KAAAA,CAAAA;AAC3D,gBAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AACF,QAAA;AACD,KAAA,CAAA;AAED,IAAA,MAAMuB,kBAAiBnD,GAAY,EAAA;AACjC,QAAA,MAAMoD,6BAAAA,CAA8BpD,GAAAA,CAAIG,OAAO,CAACkB,KAAK,CAAA;AAErD,QAAA,MAAM,EAAEgC,iBAAiB,EAAE,GAAGrD,GAAAA,CAAIG,OAAO,CAACkB,KAAK;AAE/C,QAAA,MAAM8B,gBAAAA,GAAmB,MAAM3B,UAAAA,CAAW,MAAA,CAAA,CAAQ8B,oBAAoB,CAACD,iBAAAA,CAAAA;AAEvE,QAAA,IAAI,CAACF,gBAAAA,EAAkB;AACrB,YAAA,MAAM,IAAIvD,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,QAAA;AAEAI,QAAAA,GAAAA,CAAII,IAAI,GAAG;YAAE6C,IAAAA,EAAME;AAAiB,SAAA;AACtC,IAAA,CAAA;AAEA,IAAA,MAAMI,UAASvD,GAAY,EAAA;AACzB,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAMqD,yBAAAA,CAA0BD,KAAAA,CAAAA;AAEhC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQ+B,QAAQ,CAACC,KAAAA,CAAAA;QAE/C,IAAI;AACF,YAAA,MAAM9B,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AAAEO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AAAU,aAAA,CAAA;YAEpF,MAAMO,aAAAA,GAAgBC,6BACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,qBAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;oBACJd,KAAAA,EAAOa,WAAAA;AACPA,oBAAAA,WAAAA;oBACAvC,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,wDAAA,EAA0DA,KAAAA,CAAAA;AAC3E,YAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAM8B,eAAc1D,GAAY,EAAA;AAC9B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAMuD,8BAAAA,CAA+BH,KAAAA,CAAAA;AAErC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQoC,gBAAgB,CAACJ,KAAAA,CAAAA;QAEvD7C,MAAAA,CAAOkD,SAAS,CAACC,IAAI,CAAC,qBAAA,CAAA;QAEtB,IAAI;AACF,YAAA,MAAMpC,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoBlC,GAAAA,CAAIG,OAAO,CAACC,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AAAEO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY;AAAU,aAAA,CAAA;YAEpF,MAAMO,aAAAA,GAAgBC,6BACpBR,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,qBAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOa,WAAW,EAAE,GAAGF,YAAAA;AAE/B9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;oBACJd,KAAAA,EAAOa,WAAAA;AACPA,oBAAAA,WAAAA;oBACAvC,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,8DAAA,EAAgEA,KAAAA,CAAAA;AACjF,YAAA,OAAOd,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMmC,gBAAe/D,GAAY,EAAA;AAC/B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAM4D,2BAAAA,CAA4BR,KAAAA,CAAAA;QAElChC,UAAAA,CAAW,MAAA,CAAA,CAAQuC,cAAc,CAACP,KAAAA,CAAAA;AAElCxD,QAAAA,GAAAA,CAAIiE,MAAM,GAAG,GAAA;AACf,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAclE,GAAY,EAAA;AAC9B,QAAA,MAAMwD,KAAAA,GAAQxD,GAAAA,CAAIG,OAAO,CAACC,IAAI;AAE9B,QAAA,MAAM+D,0BAAAA,CAA2BX,KAAAA,CAAAA;AAEjC,QAAA,MAAM/C,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQ0C,aAAa,CAACV,KAAAA,CAAAA;;QAGpD,IAAI;AACF,YAAA,MAAM9B,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;AAC7B,YAAA,MAAMC,QAAAA,GAAWoC,gBAAAA,EAAAA;;YAGjB,MAAM1C,cAAAA,CAAe,OAAA,CAAA,CAAS2C,sBAAsB,CAACxC,MAAAA,CAAAA;AAErD,YAAA,MAAM,EAAEM,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;gBAAEO,IAAAA,EAAM;AAAU,aAAA,CAAA;;AAG3D,YAAA,MAAMC,gBAAgBC,4BAAAA,CACpB,SAAA,EACAJ,mBACArC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAEpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,qBAAqBT,YAAAA,EAAcI,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMpB,cAAAA,CAAe,OAAA,CAAA,CAASqB,mBAAmB,CAACX,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWU,YAAAA,EAAc;AAC3B,gBAAA,OAAO9C,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAM,EAAEO,KAAK,EAAE,GAAGW,YAAAA;AAElB9C,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBACT6C,IAAAA,EAAM;AACJd,oBAAAA,KAAAA;oBACA1B,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOD,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,8DAAA,EAAgEN,GAAAA,CAAAA;AACjF,YAAA,OAAOR,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMoB,aAAYhD,GAAY,EAAA;AAC5B,QAAA,MAAMoC,YAAAA,GAAepC,GAAAA,CAAI2C,OAAO,CAAC2B,GAAG,CAACzB,mBAAAA,CAAAA;AAErC,QAAA,IAAI,CAACT,YAAAA,EAAc;YACjB,OAAOpC,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,QAAA;QAEA,IAAI;AACF,YAAA,MAAM7C,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAO1B,IAAI4B,mBAAmB,EAAA;AAChC,YAAA;;;AAIA,YAAA,MAAM4C,QAAAA,GAAW,MAAM9C,cAAAA,CAAe,OAAA,CAAA,CAAS+C,kBAAkB,CAACrC,YAAAA,CAAAA;AAClE,YAAA,IAAI,WAAWoC,QAAAA,EAAU;gBACvB,OAAOxE,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;AAEA,YAAA,MAAMG,SAAS,MAAMhD,cAAAA,CAAe,SAASqB,mBAAmB,CAACyB,SAASrC,KAAK,CAAA;AAC/E,YAAA,IAAI,WAAWuC,MAAAA,EAAQ;gBACrB,OAAO1E,GAAAA,CAAIuE,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;YAEA,MAAM,EAAEpC,KAAK,EAAE,GAAGuC,MAAAA;;YAElB,MAAMC,IAAAA,GAAOlC,4BAAAA,CACX+B,QAAAA,CAASjC,IAAI,EACbiC,QAAAA,CAASnC,iBAAiB,EAC1BrC,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAA;AAGpB1C,YAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,mBAAAA,EAAqB2B,QAAAA,CAASrC,KAAK,EAAEwC,IAAAA,CAAAA;AACrD3E,YAAAA,GAAAA,CAAII,IAAI,GAAG;gBAAE6C,IAAAA,EAAM;AAAEd,oBAAAA;AAAM;AAAE,aAAA;AAC/B,QAAA,CAAA,CAAE,OAAO3B,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,oDAAA,EAAsDN,GAAAA,CAAAA;AACvE,YAAA,OAAOR,IAAI4B,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMgD,QAAO5E,GAAY,EAAA;QACvB,MAAMuB,aAAAA,GAAgBC,WAAW,MAAA,CAAA,CAAQC,YAAY,CAACzB,GAAAA,CAAIsB,KAAK,CAACb,IAAI,CAAA;AACpEE,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,cAAA,EAAgB;YAAEJ,IAAAA,EAAMc;AAAc,SAAA,CAAA;AAE3D,QAAA,MAAMsD,YAAAA,GAAe7E,GAAAA,CAAIG,OAAO,CAACC,IAAI,EAAE4B,QAAAA;AACvC,QAAA,MAAMA,QAAAA,GAAW,OAAO6C,YAAAA,KAAiB,QAAA,GAAWA,YAAAA,GAAeC,SAAAA;;AAGnE9E,QAAAA,GAAAA,CAAI2C,OAAO,CAACC,GAAG,CAACC,qBAAqB,EAAA,EAAI;AACvC,YAAA,GAAGkC,uBAAAA,CAAwB/E,GAAAA,CAAIG,OAAO,CAACuC,MAAM,CAAC;AAC9CsC,YAAAA,OAAAA,EAAS,IAAIC,IAAAA,CAAK,CAAA;AACpB,SAAA,CAAA;QAEA,IAAI;AACF,YAAA,MAAMvD,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAID,cAAAA,EAAgB;AAClB,gBAAA,MAAMG,SAASC,MAAAA,CAAO9B,GAAAA,CAAIsB,KAAK,CAACb,IAAI,CAACsB,EAAE,CAAA;AACvC,gBAAA,MAAML,cAAAA,CAAe,OAAA,CAAA,CAAS2C,sBAAsB,CAACxC,MAAAA,EAAQG,QAAAA,CAAAA;AAC/D,YAAA;AACF,QAAA,CAAA,CAAE,OAAOxB,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOuC,GAAG,CAACpC,KAAK,CAAC,+CAAA,EAAiDN,GAAAA,CAAAA;AACpE,QAAA;AAEAR,QAAAA,GAAAA,CAAII,IAAI,GAAG;AAAE6C,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"authentication.mjs","sources":["../../../../../server/src/controllers/authentication.ts"],"sourcesContent":["import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors, buildSessionMetadata } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n REFRESH_COOKIE_NAME,\n buildCookieOptionsWithExpiry,\n getSessionManager,\n extractDeviceParams,\n generateDeviceId,\n getRefreshCookieOptions,\n} from '../../../shared/utils/session-auth';\n\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateLoginSessionInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegisterAdmin,\n RegistrationInfo,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst buildSessionMetadataFromContext = (ctx: Context) =>\n buildSessionMetadata({\n userAgent: ctx.request.headers['user-agent'],\n });\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n async (ctx: Context, next: Next) => {\n await validateLoginSessionInput(ctx.request.body ?? {});\n return next();\n },\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n async (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(ctx.state.user),\n },\n } satisfies Login.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session', error);\n return ctx.internalServerError();\n }\n },\n ]),\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register', error);\n return ctx.internalServerError();\n }\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as RegisterAdmin.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const user = await getService('user').createFirstAdmin(input);\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n const userId = String(user.id);\n const { deviceId, rememberMe } = extractDeviceParams(ctx.request.body);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: rememberMe ? 'refresh' : 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n const cookieOptions = buildCookieOptionsWithExpiry(\n rememberMe ? 'refresh' : 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token: accessToken } = accessResult;\n\n ctx.body = {\n data: {\n token: accessToken,\n accessToken,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies RegisterAdmin.Response;\n } catch (error) {\n strapi.log.error('Failed to create admin refresh session during register-admin', error);\n return ctx.internalServerError();\n }\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n // Issue a new admin refresh session and access token after password reset.\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n const userId = String(user.id);\n const deviceId = generateDeviceId();\n\n // Invalidate all existing sessions before creating a new one\n await sessionManager('admin').invalidateRefreshToken(userId);\n\n const { token: refreshToken, absoluteExpiresAt } = await sessionManager(\n 'admin'\n ).generateRefreshToken(userId, deviceId, {\n type: 'session',\n metadata: buildSessionMetadataFromContext(ctx),\n });\n\n // No rememberMe flow here; expire with session by default (session cookie)\n const cookieOptions = buildCookieOptionsWithExpiry(\n 'session',\n absoluteExpiresAt,\n ctx.request.secure\n );\n ctx.cookies.set(REFRESH_COOKIE_NAME, refreshToken, cookieOptions);\n\n const accessResult = await sessionManager('admin').generateAccessToken(refreshToken);\n if ('error' in accessResult) {\n return ctx.internalServerError();\n }\n\n const { token } = accessResult;\n\n ctx.body = {\n data: {\n token,\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n } catch (err) {\n strapi.log.error('Failed to create admin refresh session during reset-password', err as any);\n return ctx.internalServerError();\n }\n },\n\n async accessToken(ctx: Context) {\n const refreshToken = ctx.cookies.get(REFRESH_COOKIE_NAME);\n\n if (!refreshToken) {\n return ctx.unauthorized('Missing refresh token');\n }\n\n try {\n const sessionManager = getSessionManager();\n if (!sessionManager) {\n return ctx.internalServerError();\n }\n\n // Single-use renewal: rotate on access exchange, then create access token\n // from the new refresh token\n const rotation = await sessionManager('admin').rotateRefreshToken(refreshToken);\n if ('error' in rotation) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const result = await sessionManager('admin').generateAccessToken(rotation.token);\n if ('error' in result) {\n return ctx.unauthorized('Invalid refresh token');\n }\n\n const { token } = result;\n // Preserve session-vs-remember mode using rotation.type and rotation.absoluteExpiresAt\n const opts = buildCookieOptionsWithExpiry(\n rotation.type,\n rotation.absoluteExpiresAt,\n ctx.request.secure\n );\n\n ctx.cookies.set(REFRESH_COOKIE_NAME, rotation.token, opts);\n ctx.body = { data: { token } };\n } catch (err) {\n strapi.log.error('Failed to generate access token from refresh token', err as any);\n return ctx.internalServerError();\n }\n },\n\n async logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n\n const bodyDeviceId = ctx.request.body?.deviceId as string | undefined;\n const deviceId = typeof bodyDeviceId === 'string' ? bodyDeviceId : undefined;\n\n // Clear cookie regardless of token validity\n ctx.cookies.set(REFRESH_COOKIE_NAME, '', {\n ...getRefreshCookieOptions(ctx.request.secure),\n expires: new Date(0),\n });\n\n try {\n const sessionManager = getSessionManager();\n if (sessionManager) {\n const userId = String(ctx.state.user.id);\n await sessionManager('admin').invalidateRefreshToken(userId, deviceId);\n }\n } catch (err) {\n strapi.log.error('Failed to revoke admin sessions during logout', err as any);\n }\n\n ctx.body = { data: {} };\n },\n};\n"],"names":["buildSessionMetadataFromContext","ctx","buildSessionMetadata","userAgent","request","headers","ApplicationError","ValidationError","errors","login","compose","next","validateLoginSessionInput","body","passport","authenticate","session","err","user","info","strapi","eventHub","emit","error","provider","details","code","notImplemented","Error","message","query","state","sanitizedUser","getService","sanitizeUser","sessionManager","getSessionManager","internalServerError","userId","String","id","deviceId","rememberMe","extractDeviceParams","token","refreshToken","absoluteExpiresAt","generateRefreshToken","type","metadata","cookieOptions","buildCookieOptionsWithExpiry","secure","cookies","set","REFRESH_COOKIE_NAME","accessResult","generateAccessToken","accessToken","data","log","registrationInfo","validateRegistrationInfoQuery","registrationToken","findRegistrationInfo","register","input","validateRegistrationInput","registerAdmin","validateAdminRegistrationInput","createFirstAdmin","telemetry","send","forgotPassword","validateForgotPasswordInput","status","resetPassword","validateResetPasswordInput","generateDeviceId","invalidateRefreshToken","get","unauthorized","rotation","rotateRefreshToken","result","opts","logout","bodyDeviceId","undefined","getRefreshCookieOptions","expires","Date"],"mappings":";;;;;;;;;;;AAkCA,MAAMA,+BAAAA,GAAkC,CAACC,GAAAA,GACvCC,oBAAAA,CAAqB;AACnBC,QAAAA,SAAAA,EAAWF,GAAAA,CAAIG,OAAO,CAACC,OAAO,CAAC,YAAA;AACjC,KAAA,CAAA;AAEF,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAE9C,qBAAe;AACbC,IAAAA,KAAAA,EAAOC,OAAAA,CAAQ;AACb,QAAA,OAAOT,GAAAA,EAAcU,IAAAA,GAAAA;AACnB,YAAA,MAAMC,0BAA0BX,GAAAA,CAAIG,OAAO,CAACS,IAAI,IAAI,EAAC,CAAA;YACrD,OAAOF,IAAAA,EAAAA;AACT,QAAA,CAAA;AACA,QAAA,CAACV,GAAAA,EAAcU,IAAAA,GAAAA;YACb,OAAOG,QAAAA,CAASC,YAAY,CAAC,OAAA,EAAS;gBAAEC,OAAAA,EAAS;aAAM,EAAG,CAACC,KAAKC,IAAAA,EAAMC,IAAAA,GAAAA;AACpE,gBAAA,IAAIF,GAAAA,EAAK;AACPG,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBAAEC,KAAAA,EAAON,GAAAA;wBAAKO,QAAAA,EAAU;AAAQ,qBAAA,CAAA;;AAEzE,oBAAA,IAAIP,GAAAA,CAAIQ,OAAO,EAAEC,IAAAA,KAAS,mBAAA,EAAqB;wBAC7C,MAAMT,GAAAA;AACR,oBAAA;;AAGA,oBAAA,OAAOhB,IAAI0B,cAAc,EAAA;AAC3B,gBAAA;AAEA,gBAAA,IAAI,CAACT,IAAAA,EAAM;AACTE,oBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,kBAAA,EAAoB;wBACvCC,KAAAA,EAAO,IAAIK,KAAAA,CAAMT,IAAAA,CAAKU,OAAO,CAAA;wBAC7BL,QAAAA,EAAU;AACZ,qBAAA,CAAA;oBACA,MAAM,IAAIlB,gBAAAA,CAAiBa,IAAAA,CAAKU,OAAO,CAAA;AACzC,gBAAA;gBAEA,MAAMC,KAAAA,GAAQ7B,IAAI8B,KAAK;AACvBD,gBAAAA,KAAAA,CAAMZ,IAAI,GAAGA,IAAAA;AAEb,gBAAA,MAAMc,aAAAA,GAAgBC,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA,CAAAA;AACtDE,gBAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,oBAAA,EAAsB;oBAAEJ,IAAAA,EAAMc,aAAAA;oBAAeR,QAAAA,EAAU;AAAQ,iBAAA,CAAA;gBAEpF,OAAOb,IAAAA,EAAAA;AACT,YAAA,CAAA,CAAA,CAAGV,GAAAA,EAAKU,IAAAA,CAAAA;AACV,QAAA,CAAA;QACA,OAAOV,GAAAA,GAAAA;AACL,YAAA,MAAM,EAAEiB,IAAI,EAAE,GAAGjB,IAAI8B,KAAK;YAE1B,IAAI;AACF,gBAAA,MAAMI,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,gBAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,oBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,gBAAA;gBACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;gBAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,gBAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,oBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,oBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,iBAAA,CAAA;gBAEA,MAAMiD,aAAAA,GAAgBC,6BACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,gBAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,qBAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,gBAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,gBAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,oBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,gBAAA;AAEA,gBAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,gBAAAA,GAAAA,CAAIY,IAAI,GAAG;oBACT8C,IAAAA,EAAM;wBACJf,KAAAA,EAAOc,WAAAA;AACPA,wBAAAA,WAAAA;AACAxC,wBAAAA,IAAAA,EAAMe,WAAW,MAAA,CAAA,CAAQC,YAAY,CAACjC,GAAAA,CAAI8B,KAAK,CAACb,IAAI;AACtD;AACF,iBAAA;AACF,YAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,gBAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,wCAAA,EAA0CA,KAAAA,CAAAA;AAC3D,gBAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AACF,QAAA;AACD,KAAA,CAAA;AAED,IAAA,MAAMwB,kBAAiB5D,GAAY,EAAA;AACjC,QAAA,MAAM6D,6BAAAA,CAA8B7D,GAAAA,CAAIG,OAAO,CAAC0B,KAAK,CAAA;AAErD,QAAA,MAAM,EAAEiC,iBAAiB,EAAE,GAAG9D,GAAAA,CAAIG,OAAO,CAAC0B,KAAK;AAE/C,QAAA,MAAM+B,gBAAAA,GAAmB,MAAM5B,UAAAA,CAAW,MAAA,CAAA,CAAQ+B,oBAAoB,CAACD,iBAAAA,CAAAA;AAEvE,QAAA,IAAI,CAACF,gBAAAA,EAAkB;AACrB,YAAA,MAAM,IAAItD,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,QAAA;AAEAN,QAAAA,GAAAA,CAAIY,IAAI,GAAG;YAAE8C,IAAAA,EAAME;AAAiB,SAAA;AACtC,IAAA,CAAA;AAEA,IAAA,MAAMI,UAAShE,GAAY,EAAA;AACzB,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMsD,yBAAAA,CAA0BD,KAAAA,CAAAA;AAEhC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQgC,QAAQ,CAACC,KAAAA,CAAAA;QAE/C,IAAI;AACF,YAAA,MAAM/B,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;YAEA,MAAMiD,aAAAA,GAAgBC,6BACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,qBAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;oBACJf,KAAAA,EAAOc,WAAAA;AACPA,oBAAAA,WAAAA;oBACAxC,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,wDAAA,EAA0DA,KAAAA,CAAAA;AAC3E,YAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAM+B,eAAcnE,GAAY,EAAA;AAC9B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMwD,8BAAAA,CAA+BH,KAAAA,CAAAA;AAErC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQqC,gBAAgB,CAACJ,KAAAA,CAAAA;QAEvD9C,MAAAA,CAAOmD,SAAS,CAACC,IAAI,CAAC,qBAAA,CAAA;QAEtB,IAAI;AACF,YAAA,MAAMrC,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YACA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;YAC7B,MAAM,EAAEC,QAAQ,EAAEC,UAAU,EAAE,GAAGC,mBAAAA,CAAoB1C,GAAAA,CAAIG,OAAO,CAACS,IAAI,CAAA;AAErE,YAAA,MAAM,EAAE+B,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;AACvCO,gBAAAA,IAAAA,EAAMN,aAAa,SAAA,GAAY,SAAA;AAC/BO,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;YAEA,MAAMiD,aAAAA,GAAgBC,6BACpBT,UAAAA,GAAa,SAAA,GAAY,WACzBI,iBAAAA,EACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,qBAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;AAEA,YAAA,MAAM,EAAEO,KAAAA,EAAOc,WAAW,EAAE,GAAGF,YAAAA;AAE/BvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;oBACJf,KAAAA,EAAOc,WAAAA;AACPA,oBAAAA,WAAAA;oBACAxC,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOK,KAAAA,EAAO;AACdH,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,8DAAA,EAAgEA,KAAAA,CAAAA;AACjF,YAAA,OAAOtB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMoC,gBAAexE,GAAY,EAAA;AAC/B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAM6D,2BAAAA,CAA4BR,KAAAA,CAAAA;QAElCjC,UAAAA,CAAW,MAAA,CAAA,CAAQwC,cAAc,CAACP,KAAAA,CAAAA;AAElCjE,QAAAA,GAAAA,CAAI0E,MAAM,GAAG,GAAA;AACf,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAc3E,GAAY,EAAA;AAC9B,QAAA,MAAMiE,KAAAA,GAAQjE,GAAAA,CAAIG,OAAO,CAACS,IAAI;AAE9B,QAAA,MAAMgE,0BAAAA,CAA2BX,KAAAA,CAAAA;AAEjC,QAAA,MAAMhD,IAAAA,GAAO,MAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQ2C,aAAa,CAACV,KAAAA,CAAAA;;QAGpD,IAAI;AACF,YAAA,MAAM/B,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAMC,MAAAA,GAASC,MAAAA,CAAOrB,IAAAA,CAAKsB,EAAE,CAAA;AAC7B,YAAA,MAAMC,QAAAA,GAAWqC,gBAAAA,EAAAA;;YAGjB,MAAM3C,cAAAA,CAAe,OAAA,CAAA,CAAS4C,sBAAsB,CAACzC,MAAAA,CAAAA;AAErD,YAAA,MAAM,EAAEM,KAAAA,EAAOC,YAAY,EAAEC,iBAAiB,EAAE,GAAG,MAAMX,cAAAA,CACvD,OAAA,CAAA,CACAY,oBAAoB,CAACT,QAAQG,QAAAA,EAAU;gBACvCO,IAAAA,EAAM,SAAA;AACNC,gBAAAA,QAAAA,EAAUjD,+BAAAA,CAAgCC,GAAAA;AAC5C,aAAA,CAAA;;AAGA,YAAA,MAAMiD,gBAAgBC,4BAAAA,CACpB,SAAA,EACAL,mBACA7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAEpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,qBAAqBV,YAAAA,EAAcK,aAAAA,CAAAA;AAEnD,YAAA,MAAMM,YAAAA,GAAe,MAAMrB,cAAAA,CAAe,OAAA,CAAA,CAASsB,mBAAmB,CAACZ,YAAAA,CAAAA;AACvE,YAAA,IAAI,WAAWW,YAAAA,EAAc;AAC3B,gBAAA,OAAOvD,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;YAEA,MAAM,EAAEO,KAAK,EAAE,GAAGY,YAAAA;AAElBvD,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBACT8C,IAAAA,EAAM;AACJf,oBAAAA,KAAAA;oBACA1B,IAAAA,EAAMe,UAAAA,CAAW,MAAA,CAAA,CAAQC,YAAY,CAAChB,IAAAA;AACxC;AACF,aAAA;AACF,QAAA,CAAA,CAAE,OAAOD,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,8DAAA,EAAgEN,GAAAA,CAAAA;AACjF,YAAA,OAAOhB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMqB,aAAYzD,GAAY,EAAA;AAC5B,QAAA,MAAM4C,YAAAA,GAAe5C,GAAAA,CAAIoD,OAAO,CAAC2B,GAAG,CAACzB,mBAAAA,CAAAA;AAErC,QAAA,IAAI,CAACV,YAAAA,EAAc;YACjB,OAAO5C,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,QAAA;QAEA,IAAI;AACF,YAAA,MAAM9C,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,gBAAA,OAAOlC,IAAIoC,mBAAmB,EAAA;AAChC,YAAA;;;AAIA,YAAA,MAAM6C,QAAAA,GAAW,MAAM/C,cAAAA,CAAe,OAAA,CAAA,CAASgD,kBAAkB,CAACtC,YAAAA,CAAAA;AAClE,YAAA,IAAI,WAAWqC,QAAAA,EAAU;gBACvB,OAAOjF,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;AAEA,YAAA,MAAMG,SAAS,MAAMjD,cAAAA,CAAe,SAASsB,mBAAmB,CAACyB,SAAStC,KAAK,CAAA;AAC/E,YAAA,IAAI,WAAWwC,MAAAA,EAAQ;gBACrB,OAAOnF,GAAAA,CAAIgF,YAAY,CAAC,uBAAA,CAAA;AAC1B,YAAA;YAEA,MAAM,EAAErC,KAAK,EAAE,GAAGwC,MAAAA;;YAElB,MAAMC,IAAAA,GAAOlC,4BAAAA,CACX+B,QAAAA,CAASlC,IAAI,EACbkC,QAAAA,CAASpC,iBAAiB,EAC1B7C,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAA;AAGpBnD,YAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,mBAAAA,EAAqB2B,QAAAA,CAAStC,KAAK,EAAEyC,IAAAA,CAAAA;AACrDpF,YAAAA,GAAAA,CAAIY,IAAI,GAAG;gBAAE8C,IAAAA,EAAM;AAAEf,oBAAAA;AAAM;AAAE,aAAA;AAC/B,QAAA,CAAA,CAAE,OAAO3B,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,oDAAA,EAAsDN,GAAAA,CAAAA;AACvE,YAAA,OAAOhB,IAAIoC,mBAAmB,EAAA;AAChC,QAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMiD,QAAOrF,GAAY,EAAA;QACvB,MAAM+B,aAAAA,GAAgBC,WAAW,MAAA,CAAA,CAAQC,YAAY,CAACjC,GAAAA,CAAI8B,KAAK,CAACb,IAAI,CAAA;AACpEE,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,CAAC,cAAA,EAAgB;YAAEJ,IAAAA,EAAMc;AAAc,SAAA,CAAA;AAE3D,QAAA,MAAMuD,YAAAA,GAAetF,GAAAA,CAAIG,OAAO,CAACS,IAAI,EAAE4B,QAAAA;AACvC,QAAA,MAAMA,QAAAA,GAAW,OAAO8C,YAAAA,KAAiB,QAAA,GAAWA,YAAAA,GAAeC,SAAAA;;AAGnEvF,QAAAA,GAAAA,CAAIoD,OAAO,CAACC,GAAG,CAACC,qBAAqB,EAAA,EAAI;AACvC,YAAA,GAAGkC,uBAAAA,CAAwBxF,GAAAA,CAAIG,OAAO,CAACgD,MAAM,CAAC;AAC9CsC,YAAAA,OAAAA,EAAS,IAAIC,IAAAA,CAAK,CAAA;AACpB,SAAA,CAAA;QAEA,IAAI;AACF,YAAA,MAAMxD,cAAAA,GAAiBC,iBAAAA,EAAAA;AACvB,YAAA,IAAID,cAAAA,EAAgB;AAClB,gBAAA,MAAMG,SAASC,MAAAA,CAAOtC,GAAAA,CAAI8B,KAAK,CAACb,IAAI,CAACsB,EAAE,CAAA;AACvC,gBAAA,MAAML,cAAAA,CAAe,OAAA,CAAA,CAAS4C,sBAAsB,CAACzC,MAAAA,EAAQG,QAAAA,CAAAA;AAC/D,YAAA;AACF,QAAA,CAAA,CAAE,OAAOxB,GAAAA,EAAK;AACZG,YAAAA,MAAAA,CAAOwC,GAAG,CAACrC,KAAK,CAAC,+CAAA,EAAiDN,GAAAA,CAAAA;AACpE,QAAA;AAEAhB,QAAAA,GAAAA,CAAIY,IAAI,GAAG;AAAE8C,YAAAA,IAAAA,EAAM;AAAG,SAAA;AACxB,IAAA;AACF,CAAA;;;;"}
|
|
@@ -4,6 +4,7 @@ var admin = require('./admin.js');
|
|
|
4
4
|
var apiToken = require('./api-token.js');
|
|
5
5
|
var adminToken = require('./admin-token.js');
|
|
6
6
|
var authenticatedUser = require('./authenticated-user.js');
|
|
7
|
+
var authenticatedSession = require('./authenticated-session.js');
|
|
7
8
|
var authentication = require('./authentication.js');
|
|
8
9
|
var permission = require('./permission.js');
|
|
9
10
|
var role = require('./role.js');
|
|
@@ -19,6 +20,7 @@ var controllers = {
|
|
|
19
20
|
'api-token': apiToken,
|
|
20
21
|
'admin-token': adminToken,
|
|
21
22
|
'authenticated-user': authenticatedUser,
|
|
23
|
+
'authenticated-session': authenticatedSession,
|
|
22
24
|
authentication,
|
|
23
25
|
permission,
|
|
24
26
|
role,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../server/src/controllers/index.ts"],"sourcesContent":["import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport adminToken from './admin-token';\nimport authenticatedUser from './authenticated-user';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\nimport homepage from './homepage';\nimport ai from '../ai/controllers/ai';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'admin-token': adminToken,\n 'authenticated-user': authenticatedUser,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n homepage,\n ai,\n};\n"],"names":["admin","apiToken","adminToken","authenticatedUser","authentication","permission","role","transfer","user","webhooks","contentApi","homepage","ai"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../server/src/controllers/index.ts"],"sourcesContent":["import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport adminToken from './admin-token';\nimport authenticatedUser from './authenticated-user';\nimport authenticatedSession from './authenticated-session';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\nimport homepage from './homepage';\nimport ai from '../ai/controllers/ai';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'admin-token': adminToken,\n 'authenticated-user': authenticatedUser,\n 'authenticated-session': authenticatedSession,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n homepage,\n ai,\n};\n"],"names":["admin","apiToken","adminToken","authenticatedUser","authenticatedSession","authentication","permission","role","transfer","user","webhooks","contentApi","homepage","ai"],"mappings":";;;;;;;;;;;;;;;;;AAiBA,kBAAe;AACbA,IAAAA,KAAAA;IACA,WAAA,EAAaC,QAAAA;IACb,aAAA,EAAeC,UAAAA;IACf,oBAAA,EAAsBC,iBAAAA;IACtB,uBAAA,EAAyBC,oBAAAA;AACzBC,IAAAA,cAAAA;AACAC,IAAAA,UAAAA;AACAC,IAAAA,IAAAA;AACAC,cAAAA,KAAAA;AACAC,IAAAA,IAAAA;AACAC,IAAAA,QAAAA;IACA,aAAA,EAAeC,UAAAA;AACfC,IAAAA,QAAAA;AACAC,IAAAA;AACF,CAAA;;;;"}
|
|
@@ -2,6 +2,7 @@ import admin from './admin.mjs';
|
|
|
2
2
|
import apiToken from './api-token.mjs';
|
|
3
3
|
import adminToken from './admin-token.mjs';
|
|
4
4
|
import authenticatedUser from './authenticated-user.mjs';
|
|
5
|
+
import authenticatedSession from './authenticated-session.mjs';
|
|
5
6
|
import authentication from './authentication.mjs';
|
|
6
7
|
import permission from './permission.mjs';
|
|
7
8
|
import role from './role.mjs';
|
|
@@ -17,6 +18,7 @@ var controllers = {
|
|
|
17
18
|
'api-token': apiToken,
|
|
18
19
|
'admin-token': adminToken,
|
|
19
20
|
'authenticated-user': authenticatedUser,
|
|
21
|
+
'authenticated-session': authenticatedSession,
|
|
20
22
|
authentication,
|
|
21
23
|
permission,
|
|
22
24
|
role,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":["../../../../../server/src/controllers/index.ts"],"sourcesContent":["import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport adminToken from './admin-token';\nimport authenticatedUser from './authenticated-user';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\nimport homepage from './homepage';\nimport ai from '../ai/controllers/ai';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'admin-token': adminToken,\n 'authenticated-user': authenticatedUser,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n homepage,\n ai,\n};\n"],"names":["admin","apiToken","adminToken","authenticatedUser","authentication","permission","role","transfer","user","webhooks","contentApi","homepage","ai"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":["../../../../../server/src/controllers/index.ts"],"sourcesContent":["import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport adminToken from './admin-token';\nimport authenticatedUser from './authenticated-user';\nimport authenticatedSession from './authenticated-session';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\nimport homepage from './homepage';\nimport ai from '../ai/controllers/ai';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'admin-token': adminToken,\n 'authenticated-user': authenticatedUser,\n 'authenticated-session': authenticatedSession,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n homepage,\n ai,\n};\n"],"names":["admin","apiToken","adminToken","authenticatedUser","authenticatedSession","authentication","permission","role","transfer","user","webhooks","contentApi","homepage","ai"],"mappings":";;;;;;;;;;;;;;;AAiBA,kBAAe;AACbA,IAAAA,KAAAA;IACA,WAAA,EAAaC,QAAAA;IACb,aAAA,EAAeC,UAAAA;IACf,oBAAA,EAAsBC,iBAAAA;IACtB,uBAAA,EAAyBC,oBAAAA;AACzBC,IAAAA,cAAAA;AACAC,IAAAA,UAAAA;AACAC,IAAAA,IAAAA;AACAC,IAAAA,QAAAA;AACAC,IAAAA,IAAAA;AACAC,IAAAA,QAAAA;IACA,aAAA,EAAeC,UAAAA;AACfC,IAAAA,QAAAA;AACAC,IAAAA;AACF,CAAA;;;;"}
|
|
@@ -122,10 +122,8 @@ var role = {
|
|
|
122
122
|
throw new ApplicationError("Super admin permissions can't be edited.");
|
|
123
123
|
}
|
|
124
124
|
await permission.validatedUpdatePermissionsInput(input);
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
}
|
|
128
|
-
const permissions = await roleService.assignPermissions(role.id, input.permissions);
|
|
125
|
+
const normalizedPermissions = await roleService.hooks.willValidateUpdatePermissions.call(input.permissions);
|
|
126
|
+
const permissions = await roleService.assignPermissions(role.id, normalizedPermissions);
|
|
129
127
|
const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);
|
|
130
128
|
ctx.body = {
|
|
131
129
|
data: sanitizedPermissions
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.js","sources":["../../../../../server/src/controllers/role.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport { errors } from '@strapi/utils';\nimport {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRoleDeleteInput,\n validateRolesDeleteInput,\n} from '../validation/role';\nimport { validatedUpdatePermissionsInput } from '../validation/permission';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport type {\n Create,\n FindRoles,\n FindRole,\n Update,\n GetPermissions,\n UpdatePermissions,\n Delete,\n BatchDelete,\n} from '../../../shared/contracts/roles';\nimport { AdminRole } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\nconst { SUPER_ADMIN_CODE } = constants;\n\nexport default {\n /**\n * Create a new role\n * @param {KoaContext} ctx - koa context\n */\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n await validateRoleCreateInput(body);\n\n const roleService = getService('role');\n\n const role = await roleService.create(body);\n const sanitizedRole = roleService.sanitizeRole(role) as Omit<AdminRole, 'users' | 'permission'>;\n\n ctx.created({ data: sanitizedRole } satisfies Create.Response);\n },\n\n /**\n * Returns on role by id\n * @param {KoaContext} ctx - koa context\n */\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindRole.Request['params'];\n const role = await getService('role').findOneWithUsersCount({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n ctx.body = {\n data: role,\n } satisfies FindRole.Response;\n },\n\n /**\n * Returns every roles\n * @param {KoaContext} ctx - koa context\n */\n async findAll(ctx: Context) {\n const { query } = ctx.request as FindRoles.Request;\n\n const permissionsManager = getService('permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::role',\n });\n\n await permissionsManager.validateQuery(query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(query);\n\n const roles = await getService('role').findAllWithUsersCount(sanitizedQuery);\n\n ctx.body = {\n data: roles,\n } satisfies FindRoles.Response;\n },\n\n /**\n * Updates a role by id\n * @param {KoaContext} ctx - koa context\n */\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Request['params'];\n const { body } = ctx.request as Omit<Update.Request, 'params'>;\n\n const roleService = getService('role');\n\n await validateRoleUpdateInput(body);\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin can't be edited.\");\n }\n\n const updatedRole = await roleService.update({ id }, body);\n const sanitizedRole = roleService.sanitizeRole(updatedRole) as Omit<\n AdminRole,\n 'users' | 'permission'\n >;\n\n ctx.body = {\n data: sanitizedRole,\n } satisfies Update.Response;\n },\n\n /**\n * Returns the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n */\n async getPermissions(ctx: Context) {\n const { id } = ctx.params as GetPermissions.Request['params'];\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await permissionService.findMany({ where: { role: { id: role.id } } });\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: sanitizedPermissions,\n } satisfies GetPermissions.Response;\n },\n\n /**\n * Updates the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n */\n async updatePermissions(ctx: Context) {\n const { id } = ctx.params as UpdatePermissions.Request['params'];\n const { body: input } = ctx.request as Omit<UpdatePermissions.Request, 'params'>;\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin permissions can't be edited.\");\n }\n\n await validatedUpdatePermissionsInput(input);\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await roleService.assignPermissions(role.id, input.permissions);\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n data: sanitizedPermissions,\n } satisfies UpdatePermissions.Response;\n },\n\n /**\n * Delete a role\n * @param {KoaContext} ctx - koa context\n */\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as Delete.Request['params'];\n\n await validateRoleDeleteInput(id);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds([id]);\n\n const sanitizedRole = roles.map((role) => roleService.sanitizeRole(role))[0] || null;\n\n return ctx.deleted({\n data: sanitizedRole,\n } satisfies Delete.Response);\n },\n\n /**\n * delete several roles\n * @param {KoaContext} ctx - koa context\n */\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as BatchDelete.Request;\n\n await validateRolesDeleteInput(body);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds(body.ids);\n const sanitizedRoles = roles.map(roleService.sanitizeRole);\n\n return ctx.deleted({\n data: sanitizedRoles,\n } satisfies BatchDelete.Response);\n },\n};\n"],"names":["ApplicationError","errors","SUPER_ADMIN_CODE","constants","create","ctx","body","request","validateRoleCreateInput","roleService","getService","role","sanitizedRole","sanitizeRole","created","data","findOne","id","params","findOneWithUsersCount","notFound","findAll","query","permissionsManager","createPermissionsManager","ability","state","userAbility","model","validateQuery","sanitizedQuery","sanitizeQuery","roles","findAllWithUsersCount","update","validateRoleUpdateInput","code","updatedRole","getPermissions","permissionService","permissions","findMany","where","sanitizedPermissions","map","sanitizePermission","updatePermissions","input","validatedUpdatePermissionsInput","assignPermissions","deleteOne","validateRoleDeleteInput","deleteByIds","deleted","deleteMany","validateRolesDeleteInput","ids","sanitizedRoles"],"mappings":";;;;;;;;AAuBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,YAAAA;AAC7B,MAAM,EAAEC,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,WAAe;AACb;;;MAIA,MAAMC,QAAOC,GAAY,EAAA;AACvB,QAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAC5B,QAAA,MAAMC,8BAAAA,CAAwBF,IAAAA,CAAAA;AAE9B,QAAA,MAAMG,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYL,MAAM,CAACE,IAAAA,CAAAA;QACtC,MAAMM,aAAAA,GAAgBH,WAAAA,CAAYI,YAAY,CAACF,IAAAA,CAAAA;AAE/CN,QAAAA,GAAAA,CAAIS,OAAO,CAAC;YAAEC,IAAAA,EAAMH;AAAc,SAAA,CAAA;AACpC,IAAA,CAAA;AAEA;;;MAIA,MAAMI,SAAQX,GAAY,EAAA;AACxB,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAMP,IAAAA,GAAO,MAAMD,gBAAAA,CAAW,MAAA,CAAA,CAAQS,qBAAqB,CAAC;AAAEF,YAAAA;AAAG,SAAA,CAAA;AAEjE,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;AAEAf,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMJ;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMU,SAAQhB,GAAY,EAAA;AACxB,QAAA,MAAM,EAAEiB,KAAK,EAAE,GAAGjB,IAAIE,OAAO;AAE7B,QAAA,MAAMgB,kBAAAA,GAAqBb,gBAAAA,CAAW,YAAA,CAAA,CAAcc,wBAAwB,CAAC;YAC3EC,OAAAA,EAASpB,GAAAA,CAAIqB,KAAK,CAACC,WAAW;YAC9BC,KAAAA,EAAO;AACT,SAAA,CAAA;QAEA,MAAML,kBAAAA,CAAmBM,aAAa,CAACP,KAAAA,CAAAA;AACvC,QAAA,MAAMQ,cAAAA,GAAiB,MAAMP,kBAAAA,CAAmBQ,aAAa,CAACT,KAAAA,CAAAA;AAE9D,QAAA,MAAMU,KAAAA,GAAQ,MAAMtB,gBAAAA,CAAW,MAAA,CAAA,CAAQuB,qBAAqB,CAACH,cAAAA,CAAAA;AAE7DzB,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMiB;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAME,QAAO7B,GAAY,EAAA;AACvB,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAM,EAAEZ,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAE5B,QAAA,MAAME,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMyB,8BAAAA,CAAwB7B,IAAAA,CAAAA;AAE9B,QAAA,MAAMK,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;QAEA,IAAIT,IAAAA,CAAKyB,IAAI,KAAKlC,gBAAAA,EAAkB;AAClC,YAAA,MAAM,IAAIF,gBAAAA,CAAiB,8BAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,MAAMqC,WAAAA,GAAc,MAAM5B,WAAAA,CAAYyB,MAAM,CAAC;AAAEjB,YAAAA;SAAG,EAAGX,IAAAA,CAAAA;QACrD,MAAMM,aAAAA,GAAgBH,WAAAA,CAAYI,YAAY,CAACwB,WAAAA,CAAAA;AAK/ChC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMH;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAM0B,gBAAejC,GAAY,EAAA;AAC/B,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AAEzB,QAAA,MAAMT,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAC/B,QAAA,MAAM6B,oBAAoB7B,gBAAAA,CAAW,YAAA,CAAA;AAErC,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;AAEA,QAAA,MAAMoB,WAAAA,GAAc,MAAMD,iBAAAA,CAAkBE,QAAQ,CAAC;YAAEC,KAAAA,EAAO;gBAAE/B,IAAAA,EAAM;AAAEM,oBAAAA,EAAAA,EAAIN,KAAKM;AAAG;AAAE;AAAE,SAAA,CAAA;AAExF,QAAA,MAAM0B,oBAAAA,GAAuBH,WAAAA,CAAYI,GAAG,CAACL,kBAAkBM,kBAAkB,CAAA;AAEjFxC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;;YAETS,IAAAA,EAAM4B;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMG,mBAAkBzC,GAAY,EAAA;AAClC,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAM,EAAEZ,IAAAA,EAAMyC,KAAK,EAAE,GAAG1C,IAAIE,OAAO;AAEnC,QAAA,MAAME,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAC/B,QAAA,MAAM6B,oBAAoB7B,gBAAAA,CAAW,YAAA,CAAA;AAErC,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;QAEA,IAAIT,IAAAA,CAAKyB,IAAI,KAAKlC,gBAAAA,EAAkB;AAClC,YAAA,MAAM,IAAIF,gBAAAA,CAAiB,0CAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,MAAMgD,0CAAAA,CAAgCD,KAAAA,CAAAA;AAEtC,QAAA,IAAI,CAACpC,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;QAEA,MAAMoB,WAAAA,GAAc,MAAM/B,WAAAA,CAAYwC,iBAAiB,CAACtC,IAAAA,CAAKM,EAAE,EAAE8B,KAAAA,CAAMP,WAAW,CAAA;AAElF,QAAA,MAAMG,oBAAAA,GAAuBH,WAAAA,CAAYI,GAAG,CAACL,kBAAkBM,kBAAkB,CAAA;AAEjFxC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAM4B;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMO,WAAU7C,GAAY,EAAA;AAC1B,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AAEzB,QAAA,MAAMiC,8BAAAA,CAAwBlC,EAAAA,CAAAA;AAE9B,QAAA,MAAMR,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMsB,KAAAA,GAAQ,MAAMvB,WAAAA,CAAY2C,WAAW,CAAC;AAACnC,YAAAA;AAAG,SAAA,CAAA;AAEhD,QAAA,MAAML,aAAAA,GAAgBoB,KAAAA,CAAMY,GAAG,CAAC,CAACjC,IAAAA,GAASF,WAAAA,CAAYI,YAAY,CAACF,IAAAA,CAAAA,CAAM,CAAC,CAAA,CAAE,IAAI,IAAA;QAEhF,OAAON,GAAAA,CAAIgD,OAAO,CAAC;YACjBtC,IAAAA,EAAMH;AACR,SAAA,CAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAM0C,YAAWjD,GAAY,EAAA;AAC3B,QAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAE5B,QAAA,MAAMgD,+BAAAA,CAAyBjD,IAAAA,CAAAA;AAE/B,QAAA,MAAMG,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMsB,QAAQ,MAAMvB,WAAAA,CAAY2C,WAAW,CAAC9C,KAAKkD,GAAG,CAAA;AACpD,QAAA,MAAMC,cAAAA,GAAiBzB,KAAAA,CAAMY,GAAG,CAACnC,YAAYI,YAAY,CAAA;QAEzD,OAAOR,GAAAA,CAAIgD,OAAO,CAAC;YACjBtC,IAAAA,EAAM0C;AACR,SAAA,CAAA;AACF,IAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"role.js","sources":["../../../../../server/src/controllers/role.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport { errors } from '@strapi/utils';\nimport {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRoleDeleteInput,\n validateRolesDeleteInput,\n} from '../validation/role';\nimport { validatedUpdatePermissionsInput } from '../validation/permission';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport type {\n Create,\n FindRoles,\n FindRole,\n Update,\n GetPermissions,\n UpdatePermissions,\n Delete,\n BatchDelete,\n} from '../../../shared/contracts/roles';\nimport { AdminRole } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\nconst { SUPER_ADMIN_CODE } = constants;\n\nexport default {\n /**\n * Create a new role\n * @param {KoaContext} ctx - koa context\n */\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n await validateRoleCreateInput(body);\n\n const roleService = getService('role');\n\n const role = await roleService.create(body);\n const sanitizedRole = roleService.sanitizeRole(role) as Omit<AdminRole, 'users' | 'permission'>;\n\n ctx.created({ data: sanitizedRole } satisfies Create.Response);\n },\n\n /**\n * Returns on role by id\n * @param {KoaContext} ctx - koa context\n */\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindRole.Request['params'];\n const role = await getService('role').findOneWithUsersCount({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n ctx.body = {\n data: role,\n } satisfies FindRole.Response;\n },\n\n /**\n * Returns every roles\n * @param {KoaContext} ctx - koa context\n */\n async findAll(ctx: Context) {\n const { query } = ctx.request as FindRoles.Request;\n\n const permissionsManager = getService('permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::role',\n });\n\n await permissionsManager.validateQuery(query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(query);\n\n const roles = await getService('role').findAllWithUsersCount(sanitizedQuery);\n\n ctx.body = {\n data: roles,\n } satisfies FindRoles.Response;\n },\n\n /**\n * Updates a role by id\n * @param {KoaContext} ctx - koa context\n */\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Request['params'];\n const { body } = ctx.request as Omit<Update.Request, 'params'>;\n\n const roleService = getService('role');\n\n await validateRoleUpdateInput(body);\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin can't be edited.\");\n }\n\n const updatedRole = await roleService.update({ id }, body);\n const sanitizedRole = roleService.sanitizeRole(updatedRole) as Omit<\n AdminRole,\n 'users' | 'permission'\n >;\n\n ctx.body = {\n data: sanitizedRole,\n } satisfies Update.Response;\n },\n\n /**\n * Returns the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n */\n async getPermissions(ctx: Context) {\n const { id } = ctx.params as GetPermissions.Request['params'];\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await permissionService.findMany({ where: { role: { id: role.id } } });\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: sanitizedPermissions,\n } satisfies GetPermissions.Response;\n },\n\n /**\n * Updates the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n */\n async updatePermissions(ctx: Context) {\n const { id } = ctx.params as UpdatePermissions.Request['params'];\n const { body: input } = ctx.request as Omit<UpdatePermissions.Request, 'params'>;\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin permissions can't be edited.\");\n }\n\n await validatedUpdatePermissionsInput(input);\n\n const normalizedPermissions = (await roleService.hooks.willValidateUpdatePermissions.call(\n input.permissions\n )) as typeof input.permissions;\n\n const permissions = await roleService.assignPermissions(role.id, normalizedPermissions);\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n data: sanitizedPermissions,\n } satisfies UpdatePermissions.Response;\n },\n\n /**\n * Delete a role\n * @param {KoaContext} ctx - koa context\n */\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as Delete.Request['params'];\n\n await validateRoleDeleteInput(id);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds([id]);\n\n const sanitizedRole = roles.map((role) => roleService.sanitizeRole(role))[0] || null;\n\n return ctx.deleted({\n data: sanitizedRole,\n } satisfies Delete.Response);\n },\n\n /**\n * delete several roles\n * @param {KoaContext} ctx - koa context\n */\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as BatchDelete.Request;\n\n await validateRolesDeleteInput(body);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds(body.ids);\n const sanitizedRoles = roles.map(roleService.sanitizeRole);\n\n return ctx.deleted({\n data: sanitizedRoles,\n } satisfies BatchDelete.Response);\n },\n};\n"],"names":["ApplicationError","errors","SUPER_ADMIN_CODE","constants","create","ctx","body","request","validateRoleCreateInput","roleService","getService","role","sanitizedRole","sanitizeRole","created","data","findOne","id","params","findOneWithUsersCount","notFound","findAll","query","permissionsManager","createPermissionsManager","ability","state","userAbility","model","validateQuery","sanitizedQuery","sanitizeQuery","roles","findAllWithUsersCount","update","validateRoleUpdateInput","code","updatedRole","getPermissions","permissionService","permissions","findMany","where","sanitizedPermissions","map","sanitizePermission","updatePermissions","input","validatedUpdatePermissionsInput","normalizedPermissions","hooks","willValidateUpdatePermissions","call","assignPermissions","deleteOne","validateRoleDeleteInput","deleteByIds","deleted","deleteMany","validateRolesDeleteInput","ids","sanitizedRoles"],"mappings":";;;;;;;;AAuBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,YAAAA;AAC7B,MAAM,EAAEC,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,WAAe;AACb;;;MAIA,MAAMC,QAAOC,GAAY,EAAA;AACvB,QAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAC5B,QAAA,MAAMC,8BAAAA,CAAwBF,IAAAA,CAAAA;AAE9B,QAAA,MAAMG,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYL,MAAM,CAACE,IAAAA,CAAAA;QACtC,MAAMM,aAAAA,GAAgBH,WAAAA,CAAYI,YAAY,CAACF,IAAAA,CAAAA;AAE/CN,QAAAA,GAAAA,CAAIS,OAAO,CAAC;YAAEC,IAAAA,EAAMH;AAAc,SAAA,CAAA;AACpC,IAAA,CAAA;AAEA;;;MAIA,MAAMI,SAAQX,GAAY,EAAA;AACxB,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAMP,IAAAA,GAAO,MAAMD,gBAAAA,CAAW,MAAA,CAAA,CAAQS,qBAAqB,CAAC;AAAEF,YAAAA;AAAG,SAAA,CAAA;AAEjE,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;AAEAf,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMJ;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMU,SAAQhB,GAAY,EAAA;AACxB,QAAA,MAAM,EAAEiB,KAAK,EAAE,GAAGjB,IAAIE,OAAO;AAE7B,QAAA,MAAMgB,kBAAAA,GAAqBb,gBAAAA,CAAW,YAAA,CAAA,CAAcc,wBAAwB,CAAC;YAC3EC,OAAAA,EAASpB,GAAAA,CAAIqB,KAAK,CAACC,WAAW;YAC9BC,KAAAA,EAAO;AACT,SAAA,CAAA;QAEA,MAAML,kBAAAA,CAAmBM,aAAa,CAACP,KAAAA,CAAAA;AACvC,QAAA,MAAMQ,cAAAA,GAAiB,MAAMP,kBAAAA,CAAmBQ,aAAa,CAACT,KAAAA,CAAAA;AAE9D,QAAA,MAAMU,KAAAA,GAAQ,MAAMtB,gBAAAA,CAAW,MAAA,CAAA,CAAQuB,qBAAqB,CAACH,cAAAA,CAAAA;AAE7DzB,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMiB;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAME,QAAO7B,GAAY,EAAA;AACvB,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAM,EAAEZ,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAE5B,QAAA,MAAME,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMyB,8BAAAA,CAAwB7B,IAAAA,CAAAA;AAE9B,QAAA,MAAMK,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;QAEA,IAAIT,IAAAA,CAAKyB,IAAI,KAAKlC,gBAAAA,EAAkB;AAClC,YAAA,MAAM,IAAIF,gBAAAA,CAAiB,8BAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,MAAMqC,WAAAA,GAAc,MAAM5B,WAAAA,CAAYyB,MAAM,CAAC;AAAEjB,YAAAA;SAAG,EAAGX,IAAAA,CAAAA;QACrD,MAAMM,aAAAA,GAAgBH,WAAAA,CAAYI,YAAY,CAACwB,WAAAA,CAAAA;AAK/ChC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAMH;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAM0B,gBAAejC,GAAY,EAAA;AAC/B,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AAEzB,QAAA,MAAMT,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAC/B,QAAA,MAAM6B,oBAAoB7B,gBAAAA,CAAW,YAAA,CAAA;AAErC,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;AAEA,QAAA,MAAMoB,WAAAA,GAAc,MAAMD,iBAAAA,CAAkBE,QAAQ,CAAC;YAAEC,KAAAA,EAAO;gBAAE/B,IAAAA,EAAM;AAAEM,oBAAAA,EAAAA,EAAIN,KAAKM;AAAG;AAAE;AAAE,SAAA,CAAA;AAExF,QAAA,MAAM0B,oBAAAA,GAAuBH,WAAAA,CAAYI,GAAG,CAACL,kBAAkBM,kBAAkB,CAAA;AAEjFxC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;;YAETS,IAAAA,EAAM4B;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMG,mBAAkBzC,GAAY,EAAA;AAClC,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AACzB,QAAA,MAAM,EAAEZ,IAAAA,EAAMyC,KAAK,EAAE,GAAG1C,IAAIE,OAAO;AAEnC,QAAA,MAAME,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAC/B,QAAA,MAAM6B,oBAAoB7B,gBAAAA,CAAW,YAAA,CAAA;AAErC,QAAA,MAAMC,IAAAA,GAAO,MAAMF,WAAAA,CAAYO,OAAO,CAAC;AAAEC,YAAAA;AAAG,SAAA,CAAA;AAE5C,QAAA,IAAI,CAACN,IAAAA,EAAM;YACT,OAAON,GAAAA,CAAIe,QAAQ,CAAC,eAAA,CAAA;AACtB,QAAA;QAEA,IAAIT,IAAAA,CAAKyB,IAAI,KAAKlC,gBAAAA,EAAkB;AAClC,YAAA,MAAM,IAAIF,gBAAAA,CAAiB,0CAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,MAAMgD,0CAAAA,CAAgCD,KAAAA,CAAAA;QAEtC,MAAME,qBAAAA,GAAyB,MAAMxC,WAAAA,CAAYyC,KAAK,CAACC,6BAA6B,CAACC,IAAI,CACvFL,KAAAA,CAAMP,WAAW,CAAA;AAGnB,QAAA,MAAMA,cAAc,MAAM/B,WAAAA,CAAY4C,iBAAiB,CAAC1C,IAAAA,CAAKM,EAAE,EAAEgC,qBAAAA,CAAAA;AAEjE,QAAA,MAAMN,oBAAAA,GAAuBH,WAAAA,CAAYI,GAAG,CAACL,kBAAkBM,kBAAkB,CAAA;AAEjFxC,QAAAA,GAAAA,CAAIC,IAAI,GAAG;YACTS,IAAAA,EAAM4B;AACR,SAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAMW,WAAUjD,GAAY,EAAA;AAC1B,QAAA,MAAM,EAAEY,EAAE,EAAE,GAAGZ,IAAIa,MAAM;AAEzB,QAAA,MAAMqC,8BAAAA,CAAwBtC,EAAAA,CAAAA;AAE9B,QAAA,MAAMR,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMsB,KAAAA,GAAQ,MAAMvB,WAAAA,CAAY+C,WAAW,CAAC;AAACvC,YAAAA;AAAG,SAAA,CAAA;AAEhD,QAAA,MAAML,aAAAA,GAAgBoB,KAAAA,CAAMY,GAAG,CAAC,CAACjC,IAAAA,GAASF,WAAAA,CAAYI,YAAY,CAACF,IAAAA,CAAAA,CAAM,CAAC,CAAA,CAAE,IAAI,IAAA;QAEhF,OAAON,GAAAA,CAAIoD,OAAO,CAAC;YACjB1C,IAAAA,EAAMH;AACR,SAAA,CAAA;AACF,IAAA,CAAA;AAEA;;;MAIA,MAAM8C,YAAWrD,GAAY,EAAA;AAC3B,QAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;AAE5B,QAAA,MAAMoD,+BAAAA,CAAyBrD,IAAAA,CAAAA;AAE/B,QAAA,MAAMG,cAAcC,gBAAAA,CAAW,MAAA,CAAA;AAE/B,QAAA,MAAMsB,QAAQ,MAAMvB,WAAAA,CAAY+C,WAAW,CAAClD,KAAKsD,GAAG,CAAA;AACpD,QAAA,MAAMC,cAAAA,GAAiB7B,KAAAA,CAAMY,GAAG,CAACnC,YAAYI,YAAY,CAAA;QAEzD,OAAOR,GAAAA,CAAIoD,OAAO,CAAC;YACjB1C,IAAAA,EAAM8C;AACR,SAAA,CAAA;AACF,IAAA;AACF,CAAA;;;;"}
|
|
@@ -120,10 +120,8 @@ var role = {
|
|
|
120
120
|
throw new ApplicationError("Super admin permissions can't be edited.");
|
|
121
121
|
}
|
|
122
122
|
await validatedUpdatePermissionsInput(input);
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
}
|
|
126
|
-
const permissions = await roleService.assignPermissions(role.id, input.permissions);
|
|
123
|
+
const normalizedPermissions = await roleService.hooks.willValidateUpdatePermissions.call(input.permissions);
|
|
124
|
+
const permissions = await roleService.assignPermissions(role.id, normalizedPermissions);
|
|
127
125
|
const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);
|
|
128
126
|
ctx.body = {
|
|
129
127
|
data: sanitizedPermissions
|