@strapi/plugin-users-permissions 0.0.0-next.c8d6478ec519888ce0cd754886474c3189efc733 → 0.0.0-next.ce51df0e18404afc8a1aa7f504c1006a7a221459

package/server/middlewares/rateLimit.js

@@ -1,27 +1,47 @@
 'use strict';
 
+const path = require('path');
+const utils = require('@strapi/utils');
+const { isString, has, toLower } = require('lodash/fp');
+
+const { RateLimitError } = utils.errors;
+
 module.exports =
   (config, { strapi }) =>
   async (ctx, next) => {
-    const ratelimit = require('koa2-ratelimit').RateLimit;
-
-    const message = [
-      {
-        messages: [
-          {
-            id: 'Auth.form.error.ratelimit',
-            message: 'Too many attempts, please try again in a minute.',
-          },
-        ],
-      },
-    ];
-
-    return ratelimit.middleware({
-      interval: 1 * 60 * 1000,
-      max: 5,
-      prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
-      message,
-      ...strapi.config.get('plugin.users-permissions.ratelimit'),
-      ...config,
-    })(ctx, next);
+    let rateLimitConfig = strapi.config.get('plugin.users-permissions.ratelimit');
+
+    if (!rateLimitConfig) {
+      rateLimitConfig = {
+        enabled: true,
+      };
+    }
+
+    if (!has('enabled', rateLimitConfig)) {
+      rateLimitConfig.enabled = true;
+    }
+
+    if (rateLimitConfig.enabled === true) {
+      const rateLimit = require('koa2-ratelimit').RateLimit;
+
+      const userIdentifier = toLower(ctx.request.body.email) || 'unknownIdentifier';
+      const requestPath = isString(ctx.request.path)
+        ? toLower(path.normalize(ctx.request.path))
+        : 'invalidPath';
+
+      const loadConfig = {
+        interval: { min: 5 },
+        max: 5,
+        prefixKey: `${userIdentifier}:${requestPath}:${ctx.request.ip}`,
+        handler() {
+          throw new RateLimitError();
+        },
+        ...rateLimitConfig,
+        ...config,
+      };
+
+      return rateLimit.middleware(loadConfig)(ctx, next);
+    }
+
+    return next();
   };

package/admin/src/hooks/index.js

@@ -1,5 +0,0 @@
-// eslint-disable-next-line import/prefer-default-export
-export { default as useForm } from './useForm';
-export { default as useRolesList } from './useRolesList';
-export * from './usePlugins';
-export { default as useFetchRole } from './useFetchRole';

package/admin/src/hooks/useFetchRole/index.js

@@ -1,67 +0,0 @@
-import { useCallback, useEffect, useReducer, useRef } from 'react';
-
-import { useFetchClient, useNotification } from '@strapi/helper-plugin';
-
-import pluginId from '../../pluginId';
-
-import reducer, { initialState } from './reducer';
-
-const useFetchRole = (id) => {
-  const [state, dispatch] = useReducer(reducer, initialState);
-  const toggleNotification = useNotification();
-  const isMounted = useRef(null);
-  const { get } = useFetchClient();
-
-  useEffect(() => {
-    isMounted.current = true;
-
-    if (id) {
-      fetchRole(id);
-    } else {
-      dispatch({
-        type: 'GET_DATA_SUCCEEDED',
-        role: {},
-      });
-    }
-
-    return () => (isMounted.current = false);
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [id]);
-
-  const fetchRole = async (roleId) => {
-    try {
-      const {
-        data: { role },
-      } = await get(`/${pluginId}/roles/${roleId}`);
-
-      // Prevent updating state on an unmounted component
-      if (isMounted.current) {
-        dispatch({
-          type: 'GET_DATA_SUCCEEDED',
-          role,
-        });
-      }
-    } catch (err) {
-      console.error(err);
-
-      dispatch({
-        type: 'GET_DATA_ERROR',
-      });
-      toggleNotification({
-        type: 'warning',
-        message: { id: 'notification.error' },
-      });
-    }
-  };
-
-  const handleSubmitSucceeded = useCallback((data) => {
-    dispatch({
-      type: 'ON_SUBMIT_SUCCEEDED',
-      ...data,
-    });
-  }, []);
-
-  return { ...state, onSubmitSucceeded: handleSubmitSucceeded };
-};
-
-export default useFetchRole;

package/admin/src/hooks/useFetchRole/reducer.js

@@ -1,31 +0,0 @@
-/* eslint-disable consistent-return */
-import produce from 'immer';
-
-export const initialState = {
-  role: {},
-  isLoading: true,
-};
-
-const reducer = (state, action) =>
-  produce(state, (draftState) => {
-    switch (action.type) {
-      case 'GET_DATA_SUCCEEDED': {
-        draftState.role = action.role;
-        draftState.isLoading = false;
-        break;
-      }
-      case 'GET_DATA_ERROR': {
-        draftState.isLoading = false;
-        break;
-      }
-      case 'ON_SUBMIT_SUCCEEDED': {
-        draftState.role.name = action.name;
-        draftState.role.description = action.description;
-        break;
-      }
-      default:
-        return draftState;
-    }
-  });
-
-export default reducer;

package/admin/src/hooks/useForm/index.js

@@ -1,70 +0,0 @@
-import { useCallback, useEffect, useReducer, useRef } from 'react';
-
-import { useFetchClient, useNotification, useRBAC } from '@strapi/helper-plugin';
-
-import { getRequestURL } from '../../utils';
-
-import reducer, { initialState } from './reducer';
-
-const useUserForm = (endPoint, permissions) => {
-  const { isLoading: isLoadingForPermissions, allowedActions } = useRBAC(permissions);
-  const [{ isLoading, modifiedData }, dispatch] = useReducer(reducer, initialState);
-  const toggleNotification = useNotification();
-  const isMounted = useRef(true);
-
-  const { get } = useFetchClient();
-
-  useEffect(() => {
-    const getData = async () => {
-      try {
-        dispatch({
-          type: 'GET_DATA',
-        });
-
-        const { data } = await get(getRequestURL(endPoint));
-
-        dispatch({
-          type: 'GET_DATA_SUCCEEDED',
-          data,
-        });
-      } catch (err) {
-        // The user aborted the request
-        if (isMounted.current) {
-          dispatch({
-            type: 'GET_DATA_ERROR',
-          });
-          console.error(err);
-          toggleNotification({
-            type: 'warning',
-            message: { id: 'notification.error' },
-          });
-        }
-      }
-    };
-
-    if (!isLoadingForPermissions) {
-      getData();
-    }
-
-    return () => {
-      isMounted.current = false;
-    };
-  }, [isLoadingForPermissions, endPoint, get, toggleNotification]);
-
-  const dispatchSubmitSucceeded = useCallback((data) => {
-    dispatch({
-      type: 'ON_SUBMIT_SUCCEEDED',
-      data,
-    });
-  }, []);
-
-  return {
-    allowedActions,
-    dispatchSubmitSucceeded,
-    isLoading,
-    isLoadingForPermissions,
-    modifiedData,
-  };
-};
-
-export default useUserForm;

package/admin/src/hooks/useForm/reducer.js

@@ -1,40 +0,0 @@
-import produce from 'immer';
-
-const initialState = {
-  isLoading: true,
-  modifiedData: {},
-};
-
-const reducer = (state, action) =>
-  // eslint-disable-next-line consistent-return
-  produce(state, (draftState) => {
-    switch (action.type) {
-      case 'GET_DATA': {
-        draftState.isLoading = true;
-        draftState.modifiedData = {};
-
-        break;
-      }
-      case 'GET_DATA_SUCCEEDED': {
-        draftState.isLoading = false;
-        draftState.modifiedData = action.data;
-
-        break;
-      }
-      case 'GET_DATA_ERROR': {
-        draftState.isLoading = true;
-        break;
-      }
-      case 'ON_SUBMIT_SUCCEEDED': {
-        draftState.modifiedData = action.data;
-
-        break;
-      }
-      default: {
-        return draftState;
-      }
-    }
-  });
-
-export default reducer;
-export { initialState };

package/admin/src/hooks/useRolesList/index.js

@@ -1,65 +0,0 @@
-import { useCallback, useEffect, useReducer, useRef } from 'react';
-
-import { useFetchClient, useNotification } from '@strapi/helper-plugin';
-import get from 'lodash/get';
-
-import pluginId from '../../pluginId';
-
-import init from './init';
-import reducer, { initialState } from './reducer';
-
-const useRolesList = (shouldFetchData = true) => {
-  const [{ roles, isLoading }, dispatch] = useReducer(reducer, initialState, () =>
-    init(initialState, shouldFetchData)
-  );
-  const toggleNotification = useNotification();
-
-  const isMounted = useRef(true);
-  const fetchClient = useFetchClient();
-
-  const fetchRolesList = useCallback(async () => {
-    try {
-      dispatch({
-        type: 'GET_DATA',
-      });
-
-      const {
-        data: { roles },
-      } = await fetchClient.get(`/${pluginId}/roles`);
-
-      dispatch({
-        type: 'GET_DATA_SUCCEEDED',
-        data: roles,
-      });
-    } catch (err) {
-      const message = get(err, ['response', 'payload', 'message'], 'An error occured');
-
-      if (isMounted.current) {
-        dispatch({
-          type: 'GET_DATA_ERROR',
-        });
-
-        if (message !== 'Forbidden') {
-          toggleNotification({
-            type: 'warning',
-            message,
-          });
-        }
-      }
-    }
-  }, [fetchClient, toggleNotification]);
-
-  useEffect(() => {
-    if (shouldFetchData) {
-      fetchRolesList();
-    }
-
-    return () => {
-      isMounted.current = false;
-    };
-  }, [shouldFetchData, fetchRolesList]);
-
-  return { roles, isLoading, getData: fetchRolesList };
-};
-
-export default useRolesList;

package/admin/src/hooks/useRolesList/init.js

@@ -1,5 +0,0 @@
-const init = (initialState, shouldFetchData) => {
-  return { ...initialState, isLoading: shouldFetchData };
-};
-
-export default init;

package/admin/src/hooks/useRolesList/reducer.js

@@ -1,31 +0,0 @@
-/* eslint-disable consistent-return */
-import produce from 'immer';
-
-export const initialState = {
-  roles: [],
-  isLoading: true,
-};
-
-const reducer = (state, action) =>
-  produce(state, (draftState) => {
-    switch (action.type) {
-      case 'GET_DATA': {
-        draftState.isLoading = true;
-        draftState.roles = [];
-        break;
-      }
-      case 'GET_DATA_SUCCEEDED': {
-        draftState.roles = action.data;
-        draftState.isLoading = false;
-        break;
-      }
-      case 'GET_DATA_ERROR': {
-        draftState.isLoading = false;
-        break;
-      }
-      default:
-        return draftState;
-    }
-  });
-
-export default reducer;

package/admin/src/pages/AdvancedSettings/utils/api.js

@@ -1,18 +0,0 @@
-import { getFetchClient } from '@strapi/helper-plugin';
-
-import { getRequestURL } from '../../../utils';
-
-const fetchData = async () => {
-  const { get } = getFetchClient();
-  const { data } = await get(getRequestURL('advanced'));
-
-  return data;
-};
-
-const putAdvancedSettings = (body) => {
-  const { put } = getFetchClient();
-
-  return put(getRequestURL('advanced'), body);
-};
-
-export { fetchData, putAdvancedSettings };

package/admin/src/pages/EmailTemplates/utils/api.js

@@ -1,18 +0,0 @@
-import { getFetchClient } from '@strapi/helper-plugin';
-
-import { getRequestURL } from '../../../utils';
-
-const fetchData = async () => {
-  const { get } = getFetchClient();
-  const { data } = await get(getRequestURL('email-templates'));
-
-  return data;
-};
-
-const putEmailTemplate = (body) => {
-  const { put } = getFetchClient();
-
-  return put(getRequestURL('email-templates'), body);
-};
-
-export { fetchData, putEmailTemplate };

package/admin/src/pages/Providers/reducer.js

@@ -1,54 +0,0 @@
-import produce from 'immer';
-import set from 'lodash/set';
-
-const initialState = {
-  formErrors: {},
-  isLoading: true,
-  initialData: {},
-  modifiedData: {},
-};
-
-const reducer = (state, action) =>
-  // eslint-disable-next-line consistent-return
-  produce(state, (draftState) => {
-    switch (action.type) {
-      case 'GET_DATA': {
-        draftState.isLoading = true;
-        draftState.initialData = {};
-        draftState.modifiedData = {};
-
-        break;
-      }
-
-      case 'GET_DATA_SUCCEEDED': {
-        draftState.isLoading = false;
-        draftState.initialData = action.data;
-        draftState.modifiedData = action.data;
-
-        break;
-      }
-      case 'GET_DATA_ERROR': {
-        draftState.isLoading = true;
-        break;
-      }
-      case 'ON_CHANGE': {
-        set(draftState, ['modifiedData', ...action.keys.split('.')], action.value);
-        break;
-      }
-      case 'RESET_FORM': {
-        draftState.modifiedData = state.initialData;
-        draftState.formErrors = {};
-        break;
-      }
-      case 'SET_ERRORS': {
-        draftState.formErrors = action.errors;
-        break;
-      }
-      default: {
-        return draftState;
-      }
-    }
-  });
-
-export default reducer;
-export { initialState };

package/admin/src/pages/Providers/utils/api.js

@@ -1,26 +0,0 @@
-import { getFetchClient } from '@strapi/helper-plugin';
-
-import { getRequestURL } from '../../../utils';
-
-// eslint-disable-next-line import/prefer-default-export
-export const fetchData = async (toggleNotification) => {
-  try {
-    const { get } = getFetchClient();
-    const { data } = await get(getRequestURL('providers'));
-
-    return data;
-  } catch (err) {
-    toggleNotification({
-      type: 'warning',
-      message: { id: 'notification.error' },
-    });
-
-    throw new Error('error');
-  }
-};
-
-export const putProvider = (body) => {
-  const { put } = getFetchClient();
-
-  return put(getRequestURL('providers'), body);
-};

package/admin/src/pages/Providers/utils/createProvidersArray.js

@@ -1,21 +0,0 @@
-import sortBy from 'lodash/sortBy';
-
-const createProvidersArray = (data) => {
-  return sortBy(
-    Object.keys(data).reduce((acc, current) => {
-      const { icon: iconName, enabled, subdomain } = data[current];
-      const icon = iconName === 'envelope' ? ['fas', 'envelope'] : ['fab', iconName];
-
-      if (subdomain !== undefined) {
-        acc.push({ name: current, icon, enabled, subdomain });
-      } else {
-        acc.push({ name: current, icon, enabled });
-      }
-
-      return acc;
-    }, []),
-    'name'
-  );
-};
-
-export default createProvidersArray;