@strapi/plugin-users-permissions 0.0.0-next.e21fe90bf2ab9906267ea6e6ca620bdcc729906c → 0.0.0-next.e326c69a49373b420f6566c30aca26f4b6274c6a
- package/admin/src/pages/Providers/index.jsx +74 -76
- package/admin/src/pages/Roles/pages/CreatePage.jsx +3 -12
- package/admin/src/pages/Roles/pages/EditPage.jsx +3 -12
- package/admin/src/pages/Roles/pages/ListPage/index.jsx +91 -93
- package/admin/src/utils/formatPluginName.js +1 -1
- package/dist/admin/pages/Providers/index.js +84 -88
- package/dist/admin/pages/Providers/index.js.map +1 -1
- package/dist/admin/pages/Providers/index.mjs +84 -88
- package/dist/admin/pages/Providers/index.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.js +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.mjs +2 -2
- package/dist/admin/pages/Roles/pages/CreatePage.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.js +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.mjs +2 -2
- package/dist/admin/pages/Roles/pages/EditPage.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js +95 -99
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +95 -99
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
- package/dist/admin/utils/formatPluginName.js +1 -1
- package/dist/admin/utils/formatPluginName.js.map +1 -1
- package/dist/admin/utils/formatPluginName.mjs +1 -1
- package/dist/admin/utils/formatPluginName.mjs.map +1 -1
- package/dist/server/bootstrap/index.js +28 -7
- package/dist/server/bootstrap/index.js.map +1 -1
- package/dist/server/bootstrap/index.mjs +28 -7
- package/dist/server/bootstrap/index.mjs.map +1 -1
- package/dist/server/config.js +16 -0
- package/dist/server/config.js.map +1 -1
- package/dist/server/config.mjs +16 -0
- package/dist/server/config.mjs.map +1 -1
- package/dist/server/controllers/auth.js +198 -3
- package/dist/server/controllers/auth.js.map +1 -1
- package/dist/server/controllers/auth.mjs +198 -3
- package/dist/server/controllers/auth.mjs.map +1 -1
- package/dist/server/controllers/content-manager-user.js +3 -3
- package/dist/server/controllers/content-manager-user.js.map +1 -1
- package/dist/server/controllers/content-manager-user.mjs +3 -3
- package/dist/server/controllers/content-manager-user.mjs.map +1 -1
- package/dist/server/controllers/validation/user.js +6 -1
- package/dist/server/controllers/validation/user.js.map +1 -1
- package/dist/server/controllers/validation/user.mjs +6 -1
- package/dist/server/controllers/validation/user.mjs.map +1 -1
- package/dist/server/routes/content-api/auth.js +155 -91
- package/dist/server/routes/content-api/auth.js.map +1 -1
- package/dist/server/routes/content-api/auth.mjs +155 -91
- package/dist/server/routes/content-api/auth.mjs.map +1 -1
- package/dist/server/routes/content-api/index.js +11 -9
- package/dist/server/routes/content-api/index.js.map +1 -1
- package/dist/server/routes/content-api/index.mjs +11 -9
- package/dist/server/routes/content-api/index.mjs.map +1 -1
- package/dist/server/routes/content-api/permissions.js +14 -7
- package/dist/server/routes/content-api/permissions.js.map +1 -1
- package/dist/server/routes/content-api/permissions.mjs +14 -7
- package/dist/server/routes/content-api/permissions.mjs.map +1 -1
- package/dist/server/routes/content-api/role.js +61 -27
- package/dist/server/routes/content-api/role.js.map +1 -1
- package/dist/server/routes/content-api/role.mjs +61 -27
- package/dist/server/routes/content-api/role.mjs.map +1 -1
- package/dist/server/routes/content-api/user.js +119 -57
- package/dist/server/routes/content-api/user.js.map +1 -1
- package/dist/server/routes/content-api/user.mjs +119 -57
- package/dist/server/routes/content-api/user.mjs.map +1 -1
- package/dist/server/routes/content-api/validation.js +217 -0
- package/dist/server/routes/content-api/validation.js.map +1 -0
- package/dist/server/routes/content-api/validation.mjs +215 -0
- package/dist/server/routes/content-api/validation.mjs.map +1 -0
- package/dist/server/services/constants.js +19 -0
- package/dist/server/services/constants.js.map +1 -0
- package/dist/server/services/constants.mjs +17 -0
- package/dist/server/services/constants.mjs.map +1 -0
- package/dist/server/services/jwt.js +45 -2
- package/dist/server/services/jwt.js.map +1 -1
- package/dist/server/services/jwt.mjs +45 -2
- package/dist/server/services/jwt.mjs.map +1 -1
- package/dist/server/services/user.js +29 -20
- package/dist/server/services/user.js.map +1 -1
- package/dist/server/services/user.mjs +29 -20
- package/dist/server/services/user.mjs.map +1 -1
- package/dist/server/services/users-permissions.js +4 -3
- package/dist/server/services/users-permissions.js.map +1 -1
- package/dist/server/services/users-permissions.mjs +4 -3
- package/dist/server/services/users-permissions.mjs.map +1 -1
- package/package.json +8 -7
- package/server/bootstrap/index.js +31 -0
- package/server/config.js +22 -0
- package/server/controllers/auth.js +232 -8
- package/server/controllers/content-manager-user.js +3 -4
- package/server/controllers/validation/user.js +12 -1
- package/server/routes/content-api/auth.js +119 -71
- package/server/routes/content-api/index.js +11 -4
- package/server/routes/content-api/permissions.js +14 -7
- package/server/routes/content-api/role.js +57 -27
- package/server/routes/content-api/user.js +108 -51
- package/server/routes/content-api/validation.js +250 -0
- package/server/services/constants.js +9 -0
- package/server/services/jwt.js +50 -2
- package/server/services/user.js +11 -0
- package/server/services/users-permissions.js +4 -2
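--- a/package/dist/server/routes/content-api/validation.mjs
+++ b/package/dist/server/routes/content-api/validation.mjs
@@ -0,0 +1,215 @@
+import require$$1 from '@strapi/utils';
+import require$$1$1 from 'zod/v4';
+
+var validation;
+var hasRequiredValidation;
+function requireValidation() {
+if (hasRequiredValidation) return validation;
+hasRequiredValidation = 1;
+const { AbstractRouteValidator } = require$$1;
+const z = require$$1$1;
+class UsersPermissionsRouteValidator extends AbstractRouteValidator {
+get userSchema() {
+return z.object({
+id: z.number(),
+documentId: z.string(),
+username: z.string(),
+email: z.string(),
+provider: z.string(),
+confirmed: z.boolean(),
+blocked: z.boolean(),
+role: z.union([
+z.number(),
+z.object({
+id: z.number(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string(),
+createdAt: z.string(),
+updatedAt: z.string()
+})
+]).optional(),
+createdAt: z.string(),
+updatedAt: z.string(),
+publishedAt: z.string()
+});
+}
+get roleSchema() {
+return z.object({
+id: z.number(),
+documentId: z.string(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string(),
+createdAt: z.string(),
+updatedAt: z.string(),
+publishedAt: z.string(),
+nb_users: z.number().optional(),
+permissions: z.record(z.string(), z.object({
+controllers: z.record(z.string(), z.record(z.string(), z.object({
+enabled: z.boolean(),
+policy: z.string()
+})))
+})).optional(),
+users: z.array(z.unknown()).optional()
+});
+}
+get permissionSchema() {
+return z.object({
+id: z.number(),
+action: z.string(),
+role: z.object({
+id: z.number(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string()
+}),
+createdAt: z.string(),
+updatedAt: z.string()
+});
+}
+get authResponseSchema() {
+return z.object({
+jwt: z.string(),
+refreshToken: z.string().optional(),
+user: this.userSchema
+});
+}
+get authResponseWithoutJwtSchema() {
+return z.object({
+user: this.userSchema
+});
+}
+get authRegisterResponseSchema() {
+return z.union([
+this.authResponseSchema,
+this.authResponseWithoutJwtSchema
+]);
+}
+get forgotPasswordResponseSchema() {
+return z.object({
+ok: z.boolean()
+});
+}
+get sendEmailConfirmationResponseSchema() {
+return z.object({
+email: z.string(),
+sent: z.boolean()
+});
+}
+get rolesResponseSchema() {
+return z.object({
+roles: z.array(this.roleSchema)
+});
+}
+get roleResponseSchema() {
+return z.object({
+role: this.roleSchema
+});
+}
+get roleSuccessResponseSchema() {
+return z.object({
+ok: z.boolean()
+});
+}
+get permissionsResponseSchema() {
+return z.object({
+permissions: z.record(z.string(), z.object({
+controllers: z.record(z.string(), z.record(z.string(), z.object({
+enabled: z.boolean(),
+policy: z.string()
+})))
+}))
+});
+}
+get loginBodySchema() {
+return z.object({
+identifier: z.string(),
+password: z.string()
+});
+}
+get registerBodySchema() {
+return z.object({
+username: z.string(),
+email: z.email(),
+password: z.string()
+});
+}
+get forgotPasswordBodySchema() {
+return z.object({
+email: z.email()
+});
+}
+get resetPasswordBodySchema() {
+return z.object({
+code: z.string(),
+password: z.string(),
+passwordConfirmation: z.string()
+});
+}
+get changePasswordBodySchema() {
+return z.object({
+currentPassword: z.string(),
+password: z.string(),
+passwordConfirmation: z.string()
+});
+}
+get sendEmailConfirmationBodySchema() {
+return z.object({
+email: z.email()
+});
+}
+get createUserBodySchema() {
+return z.object({
+username: z.string(),
+email: z.email(),
+password: z.string(),
+role: z.number().optional()
+});
+}
+get updateUserBodySchema() {
+return z.object({
+username: z.string().optional(),
+email: z.email().optional(),
+password: z.string().optional(),
+role: z.number().optional()
+});
+}
+get createRoleBodySchema() {
+return z.object({
+name: z.string(),
+description: z.string().optional(),
+type: z.string(),
+permissions: z.record(z.string(), z.unknown()).optional()
+});
+}
+get updateRoleBodySchema() {
+return z.object({
+name: z.string().optional(),
+description: z.string().optional(),
+type: z.string().optional(),
+permissions: z.record(z.string(), z.unknown()).optional()
+});
+}
+get userIdParam() {
+return z.string();
+}
+get roleIdParam() {
+return z.string();
+}
+get providerParam() {
+return z.string();
+}
+constructor(strapi){
+super();
+this._strapi = strapi;
+}
+}
+validation = {
+UsersPermissionsRouteValidator
+};
+return validation;
+}
+
+export { requireValidation as __require };
+//# sourceMappingURL=validation.mjs.map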
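Review bot: The request-body schemas are much looser than the response schemas in the same class: `createRoleBodySchema` and `updateRoleBodySchema` accept `permissions: z.record(z.string(), z.unknown())`, while `roleSchema` and `permissionsResponseSchema` spell out the plugin → controller → action → `{ enabled, policy }` shape. Reusing that nested record on the request side would reject malformed permission trees at the route boundary instead of leaving it to the service. Likewise every password field is a bare `z.string()`, which accepts an empty string; `z.string().min(1)` is the least that should be required there, assuming these schemas are enforced at request time rather than used only for documentation, which this file does not show. The nested permissions shape is also written out twice and could be one shared getter.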
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get 
authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get 
createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","constructor","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAIC,GAAAA,YAAAA;AAEV,IAAA,MAAMC,8BAAuCJ,SAAAA,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAa,GAAA;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBA
AAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAMf,EAAAA,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACG;AAED,QAAA,IAAIiB,UAAa,GAAA;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAU1B,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAa3B,EAAAA,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAE4B,CAAAA,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAE4B,MAAM,CACN5B,CAAEQ,CAAAA,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAEkC,CAAAA,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACG;AAED,QAAA,IAAIY,gBAAmB,GAAA;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAMf,EAAAA,CAAAA,CAAEI,MAAM
,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACG;AAED,QAAA,IAAI6B,kBAAqB,GAAA;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAcvC,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAM,EAAA,IAAI,CAACrC;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIsC,4BAA+B,GAAA;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAM,EAAA,IAAI,CAACrC;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIuC,0BAA6B,GAAA;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC5E;AAED,QAAA,IAAIE,4BAA+B,GAAA;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACG;AAED,QAAA,IAAIgC,mCAAsC,GAAA;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACG;AAED,QAAA,IAAIkC,mBAAsB,GAAA;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAEiC,CAAAA,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIwB,kBAAqB,GAAA;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAM,EAAA,IAAI,CAACU;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIyB,yBAA4B,GAAA;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACG;AAED,QAAA,IAAIsC,yBAA4B,GAAA;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAE4B,CAAAA,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAE4B,MAAM,CACN5B,CAAEQ,CAAAA,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACG;AAED,QAAA,IAAI4C,eAAkB,GAAA;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EA
AEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACG;AAED,QAAA,IAAI+C,kBAAqB,GAAA;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACG;AAED,QAAA,IAAIgD,wBAA2B,GAAA;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACG;AAED,QAAA,IAAI+C,uBAA0B,GAAA;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIoD,wBAA2B,GAAA;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIsD,+BAAkC,GAAA;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACG;AAED,QAAA,IAAIqD,oBAAuB,GAAA;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAMf,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACG;AAED,QAAA,IAAIyC,oBAAuB,GAAA;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAUT,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAOV,EAAAA,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAUtD,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAMf,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACG;AAED,QAAA,IAAI0C,oBAAuB,GAAA;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAIR,EAAAA,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACG;AAED,QAAA,IAAI2C,oBAAuB,GAAA;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAMjB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,W
AAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAMpB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAIR,EAAAA,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACG;AAED,QAAA,IAAI4C,WAAc,GAAA;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AAChB;AAED,QAAA,IAAI4D,WAAc,GAAA;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AAChB;AAED,QAAA,IAAI6D,aAAgB,GAAA;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AAChB;AA9OD8D,QAAAA,WAAAA,CAAYC,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AAChB;AA4OH;IAEAE,UAAiB,GAAA;AACfvE,QAAAA;AACF,KAAA;;;;;;"}
|
|
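--- a/package/dist/server/services/constants.js
+++ b/package/dist/server/services/constants.js
@@ -0,0 +1,19 @@
+'use strict';
+
+var constants;
+var hasRequiredConstants;
+function requireConstants() {
+if (hasRequiredConstants) return constants;
+hasRequiredConstants = 1;
+constants = {
+DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60,
+DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60,
+DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60,
+DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60,
+DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60
+};
+return constants;
+}
+
+exports.__require = requireConstants;
+//# sourceMappingURL=constants.js.map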
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sources":["../../../server/services/constants.js"],"sourcesContent":["'use strict';\n\nmodule.exports = {\n DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60, // 10 minutes\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60, // 30 days\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60, // 14 days\n DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60, // 1 day\n DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60, // 2 hours\n};\n"],"names":["constants","DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN"],"mappings":";;;;;;;IAEAA,SAAiB,GAAA;AACfC,QAAAA,6BAAAA,EAA+B,EAAK,GAAA,EAAA;QACpCC,kCAAoC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACnDC,mCAAqC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACpDC,4BAA8B,EAAA,CAAA,GAAI,KAAK,EAAK,GAAA,EAAA;AAC5CC,QAAAA,6BAAAA,EAA+B,IAAI,EAAK,GAAA;AAC1C,KAAA;;;;;;"}
|
|
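--- a/package/dist/server/services/constants.mjs
+++ b/package/dist/server/services/constants.mjs
@@ -0,0 +1,17 @@
+var constants;
+var hasRequiredConstants;
+function requireConstants() {
+if (hasRequiredConstants) return constants;
+hasRequiredConstants = 1;
+constants = {
+DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60,
+DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60,
+DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60,
+DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60,
+DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60
+};
+return constants;
+}
+
+export { requireConstants as __require };
+//# sourceMappingURL=constants.mjs.map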
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.mjs","sources":["../../../server/services/constants.js"],"sourcesContent":["'use strict';\n\nmodule.exports = {\n DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60, // 10 minutes\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60, // 30 days\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60, // 14 days\n DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60, // 1 day\n DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60, // 2 hours\n};\n"],"names":["constants","DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN"],"mappings":";;;;;IAEAA,SAAiB,GAAA;AACfC,QAAAA,6BAAAA,EAA+B,EAAK,GAAA,EAAA;QACpCC,kCAAoC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACnDC,mCAAqC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACpDC,4BAA8B,EAAA,CAAA,GAAI,KAAK,EAAK,GAAA,EAAA;AAC5CC,QAAAA,6BAAAA,EAA+B,IAAI,EAAK,GAAA;AAC1C,KAAA;;;;;;"}
|
|
@@ -29,12 +29,55 @@ function requireJwt() {
|
|
|
29
29
|
return this.verify(token);
|
|
30
30
|
},
|
|
31
31
|
issue (payload, jwtOptions = {}) {
|
|
32
|
+
const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
|
|
33
|
+
if (mode === 'refresh') {
|
|
34
|
+
const userId = String(payload.id ?? payload.userId ?? '');
|
|
35
|
+
if (!userId) {
|
|
36
|
+
throw new Error('Cannot issue token: missing user id');
|
|
37
|
+
}
|
|
38
|
+
const issueRefreshToken = async ()=>{
|
|
39
|
+
const refresh = await strapi.sessionManager('users-permissions').generateRefreshToken(userId, undefined, {
|
|
40
|
+
type: 'refresh'
|
|
41
|
+
});
|
|
42
|
+
const access = await strapi.sessionManager('users-permissions').generateAccessToken(refresh.token);
|
|
43
|
+
if ('error' in access) {
|
|
44
|
+
throw new Error('Failed to generate access token');
|
|
45
|
+
}
|
|
46
|
+
return access.token;
|
|
47
|
+
};
|
|
48
|
+
return issueRefreshToken();
|
|
49
|
+
}
|
|
32
50
|
_.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
|
|
33
51
|
return jwt.sign(_.clone(payload.toJSON ? payload.toJSON() : payload), strapi.config.get('plugin::users-permissions.jwtSecret'), jwtOptions);
|
|
34
52
|
},
|
|
35
|
-
verify (token) {
|
|
53
|
+
async verify (token) {
|
|
54
|
+
const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
|
|
55
|
+
if (mode === 'refresh') {
|
|
56
|
+
// Accept only access tokens minted by the SessionManager for UP
|
|
57
|
+
const result = strapi.sessionManager('users-permissions').validateAccessToken(token);
|
|
58
|
+
if (!result.isValid || result.payload.type !== 'access') {
|
|
59
|
+
throw new Error('Invalid token.');
|
|
60
|
+
}
|
|
61
|
+
const user = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
62
|
+
where: {
|
|
63
|
+
id: Number(result.payload.userId) || result.payload.userId
|
|
64
|
+
}
|
|
65
|
+
});
|
|
66
|
+
if (!user) {
|
|
67
|
+
throw new Error('Invalid token.');
|
|
68
|
+
}
|
|
69
|
+
return {
|
|
70
|
+
id: user.id
|
|
71
|
+
};
|
|
72
|
+
}
|
|
36
73
|
return new Promise((resolve, reject)=>{
|
|
37
|
-
|
|
74
|
+
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
75
|
+
const algorithms = jwtConfig && jwtConfig.algorithm ? [
|
|
76
|
+
jwtConfig.algorithm
|
|
77
|
+
] : undefined;
|
|
78
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
|
|
79
|
+
algorithms
|
|
80
|
+
} : {}, (err, tokenPayload = {})=>{
|
|
38
81
|
if (err) {
|
|
39
82
|
return reject(new Error('Invalid token.'));
|
|
40
83
|
}
|
|
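Review bot: In the refresh branch of `issue`, the refresh token returned by `generateRefreshToken` is used once to derive an access token and then dropped, so each call looks like it leaves behind a session that no client can rotate or revoke and that ends only by expiry — assuming `generateRefreshToken` persists a session, which this hunk does not show. The same branch makes `issue` return a Promise and ignore `jwtOptions`, while the legacy path still returns a string synchronously; I would add `// refresh mode: resolves to an access token (Promise<string>); jwtOptions is ignored` above the branch so callers know to await it. In `verify`, the refresh branch returns `{ id: user.id }` after a lookup that never reads `blocked`, so confirm the calling strategy still rejects blocked accounts. The body of `verify` continues past the end of the hunk.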
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n verify(token) {\n return new Promise((resolve, reject) => {\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","
|
|
1
|
+
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? 
payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? 
{ algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;AACtB,oBAAA,MAAMG,SAASC,MAAON,CAAAA,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAQ,EAAA;AACX,wBAAA,MAAM,IAAIG,KAAM,CAAA,qCAAA,CAAA;AACjB;AAED,oBAAA,MAAMC,iBAAoB,GAAA,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MACnBwB,CAAAA,cAAc,CAAC,mBACfC,CAAAA,CAAAA,oBAAoB,CAACP,MAAAA,EAAQQ,SAAW,EAAA;4BAAEC,IAAM,EAAA;AAAW,yBAAA,CAAA;wBAE9D,MAAMC,MAAAA,GAAS,MAAM5B,MAClBwB,CAAAA,cAAc,CAAC,mBACfK,CAAAA,CA
AAA,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAQ,EAAA;AACrB,4BAAA,MAAM,IAAIP,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,qBAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACR;AAED3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAQoB,CAAAA,MAAM,KAAKpB,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAED,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAOwB,CAAAA,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAU,EAAA;AACvD,wBAAA,MAAM,IAAIN,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,MAAMgB,IAAAA,GAAO,MAAMrC,MAAOsC,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNC,CAAAA,CAAAA,OAAO,CAAC;wBAAEC,KAAO,EAAA;4BAAErB,EAAIsB,EAAAA,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAKgB,IAAAA,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAI,qBAAA,CAAA;AACpF,oBAAA,IAAI,CAACmB,IAAM,EAAA;AACT,wBAAA,MAAM,IAAIhB,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACnB;gBAED,OAAO,IAAIuB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAaD,GAAAA,SAAAA,IAAaA,SAAUE,CAAAA,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAIc,CAAAA,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAa,GAAA;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAC9B,EAAA,CAACE,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDuB,OAAQM,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
|
|
@@ -27,12 +27,55 @@ function requireJwt() {
|
|
|
27
27
|
return this.verify(token);
|
|
28
28
|
},
|
|
29
29
|
issue (payload, jwtOptions = {}) {
|
|
30
|
+
const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
|
|
31
|
+
if (mode === 'refresh') {
|
|
32
|
+
const userId = String(payload.id ?? payload.userId ?? '');
|
|
33
|
+
if (!userId) {
|
|
34
|
+
throw new Error('Cannot issue token: missing user id');
|
|
35
|
+
}
|
|
36
|
+
const issueRefreshToken = async ()=>{
|
|
37
|
+
const refresh = await strapi.sessionManager('users-permissions').generateRefreshToken(userId, undefined, {
|
|
38
|
+
type: 'refresh'
|
|
39
|
+
});
|
|
40
|
+
const access = await strapi.sessionManager('users-permissions').generateAccessToken(refresh.token);
|
|
41
|
+
if ('error' in access) {
|
|
42
|
+
throw new Error('Failed to generate access token');
|
|
43
|
+
}
|
|
44
|
+
return access.token;
|
|
45
|
+
};
|
|
46
|
+
return issueRefreshToken();
|
|
47
|
+
}
|
|
30
48
|
_.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
|
|
31
49
|
return jwt.sign(_.clone(payload.toJSON ? payload.toJSON() : payload), strapi.config.get('plugin::users-permissions.jwtSecret'), jwtOptions);
|
|
32
50
|
},
|
|
33
|
-
verify (token) {
|
|
51
|
+
async verify (token) {
|
|
52
|
+
const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
|
|
53
|
+
if (mode === 'refresh') {
|
|
54
|
+
// Accept only access tokens minted by the SessionManager for UP
|
|
55
|
+
const result = strapi.sessionManager('users-permissions').validateAccessToken(token);
|
|
56
|
+
if (!result.isValid || result.payload.type !== 'access') {
|
|
57
|
+
throw new Error('Invalid token.');
|
|
58
|
+
}
|
|
59
|
+
const user = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
60
|
+
where: {
|
|
61
|
+
id: Number(result.payload.userId) || result.payload.userId
|
|
62
|
+
}
|
|
63
|
+
});
|
|
64
|
+
if (!user) {
|
|
65
|
+
throw new Error('Invalid token.');
|
|
66
|
+
}
|
|
67
|
+
return {
|
|
68
|
+
id: user.id
|
|
69
|
+
};
|
|
70
|
+
}
|
|
34
71
|
return new Promise((resolve, reject)=>{
|
|
35
|
-
|
|
72
|
+
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
73
|
+
const algorithms = jwtConfig && jwtConfig.algorithm ? [
|
|
74
|
+
jwtConfig.algorithm
|
|
75
|
+
] : undefined;
|
|
76
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
|
|
77
|
+
algorithms
|
|
78
|
+
} : {}, (err, tokenPayload = {})=>{
|
|
36
79
|
if (err) {
|
|
37
80
|
return reject(new Error('Invalid token.'));
|
|
38
81
|
}
|
|
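Review bot: In refresh mode `issue` returns a Promise (`return issueRefreshToken();`) while the legacy branch below it still returns the signed string synchronously, so a caller that does not await the result gets a pending Promise instead of a token once `jwtManagement` is `'refresh'`. The callers are outside this hunk, so whether all of them await is not visible here. The refresh branch also never reads `jwtOptions`, so a caller-supplied signing option is silently dropped, and the missing-id case throws synchronously while the access-token failure surfaces as a rejection. I would document the contract above the method, e.g. `/** @returns {string | Promise<string>} in 'refresh' mode a Promise for a SessionManager access token; jwtOptions is ignored */`, and move the `if (!userId)` check inside `issueRefreshToken` so every refresh-mode failure is a rejection. The same lines appear in the CommonJS build of this service earlier on the page.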
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n verify(token) {\n return new Promise((resolve, reject) => {\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","
|
|
1
|
+
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? 
payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? 
{ algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;AACtB,oBAAA,MAAMG,SAASC,MAAON,CAAAA,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAQ,EAAA;AACX,wBAAA,MAAM,IAAIG,KAAM,CAAA,qCAAA,CAAA;AACjB;AAED,oBAAA,MAAMC,iBAAoB,GAAA,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MACnBwB,CAAAA,cAAc,CAAC,mBACfC,CAAAA,CAAAA,oBAAoB,CAACP,MAAAA,EAAQQ,SAAW,EAAA;4BAAEC,IAAM,EAAA;AAAW,yBAAA,CAAA;wBAE9D,MAAMC,MAAAA,GAAS,MAAM5B,MAClBwB,CAAAA,cAAc,CAAC,mBACfK,CAAAA,CAAA
A,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAQ,EAAA;AACrB,4BAAA,MAAM,IAAIP,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,qBAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACR;AAED3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAQoB,CAAAA,MAAM,KAAKpB,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAED,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAOwB,CAAAA,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAU,EAAA;AACvD,wBAAA,MAAM,IAAIN,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,MAAMgB,IAAAA,GAAO,MAAMrC,MAAOsC,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNC,CAAAA,CAAAA,OAAO,CAAC;wBAAEC,KAAO,EAAA;4BAAErB,EAAIsB,EAAAA,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAKgB,IAAAA,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAI,qBAAA,CAAA;AACpF,oBAAA,IAAI,CAACmB,IAAM,EAAA;AACT,wBAAA,MAAM,IAAIhB,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACnB;gBAED,OAAO,IAAIuB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAaD,GAAAA,SAAAA,IAAaA,SAAUE,CAAAA,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAIc,CAAAA,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAa,GAAA;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAC9B,EAAA,CAACE,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDuB,OAAQM,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
|
|
@@ -23,13 +23,17 @@ function requireUser() {
|
|
|
23
23
|
const { toNumber, getOr } = require$$0$1;
|
|
24
24
|
const { getService } = index.__require();
|
|
25
25
|
const USER_MODEL_UID = 'plugin::users-permissions.user';
|
|
26
|
-
|
|
26
|
+
const getSessionManager = ()=>{
|
|
27
|
+
const manager = strapi.sessionManager;
|
|
28
|
+
return manager ?? null;
|
|
29
|
+
};
|
|
30
|
+
user = ({ strapi: strapi1 })=>({
|
|
27
31
|
/**
|
|
28
32
|
* Promise to count users
|
|
29
33
|
*
|
|
30
34
|
* @return {Promise}
|
|
31
35
|
*/ count (params) {
|
|
32
|
-
return
|
|
36
|
+
return strapi1.db.query(USER_MODEL_UID).count({
|
|
33
37
|
where: params
|
|
34
38
|
});
|
|
35
39
|
},
|
|
@@ -41,7 +45,7 @@ function requireUser() {
|
|
|
41
45
|
* @param {object} values - The object containing the fields to be hashed.
|
|
42
46
|
* @return {object} The values object with hashed password fields if they were present.
|
|
43
47
|
*/ async ensureHashedPasswords (values) {
|
|
44
|
-
const attributes =
|
|
48
|
+
const attributes = strapi1.getModel(USER_MODEL_UID).attributes;
|
|
45
49
|
for(const key in values){
|
|
46
50
|
if (attributes[key] && attributes[key].type === 'password') {
|
|
47
51
|
// Check if a custom encryption.rounds has been set on the password attribute
|
|
@@ -55,7 +59,7 @@ function requireUser() {
|
|
|
55
59
|
* Promise to add a/an user.
|
|
56
60
|
* @return {Promise}
|
|
57
61
|
*/ async add (values) {
|
|
58
|
-
return
|
|
62
|
+
return strapi1.db.query(USER_MODEL_UID).create({
|
|
59
63
|
data: await this.ensureHashedPasswords(values),
|
|
60
64
|
populate: [
|
|
61
65
|
'role'
|
|
@@ -68,7 +72,7 @@ function requireUser() {
|
|
|
68
72
|
* @param {object} params
|
|
69
73
|
* @return {Promise}
|
|
70
74
|
*/ async edit (userId, params = {}) {
|
|
71
|
-
return
|
|
75
|
+
return strapi1.db.query(USER_MODEL_UID).update({
|
|
72
76
|
where: {
|
|
73
77
|
id: userId
|
|
74
78
|
},
|
|
@@ -82,8 +86,8 @@ function requireUser() {
|
|
|
82
86
|
* Promise to fetch a/an user.
|
|
83
87
|
* @return {Promise}
|
|
84
88
|
*/ fetch (id, params) {
|
|
85
|
-
const query =
|
|
86
|
-
return
|
|
89
|
+
const query = strapi1.get('query-params').transform(USER_MODEL_UID, params ?? {});
|
|
90
|
+
return strapi1.db.query(USER_MODEL_UID).findOne({
|
|
87
91
|
...query,
|
|
88
92
|
where: {
|
|
89
93
|
$and: [
|
|
@@ -99,7 +103,7 @@ function requireUser() {
|
|
|
99
103
|
* Promise to fetch authenticated user.
|
|
100
104
|
* @return {Promise}
|
|
101
105
|
*/ fetchAuthenticatedUser (id) {
|
|
102
|
-
return
|
|
106
|
+
return strapi1.db.query(USER_MODEL_UID).findOne({
|
|
103
107
|
where: {
|
|
104
108
|
id
|
|
105
109
|
},
|
|
@@ -112,14 +116,19 @@ function requireUser() {
|
|
|
112
116
|
* Promise to fetch all users.
|
|
113
117
|
* @return {Promise}
|
|
114
118
|
*/ fetchAll (params) {
|
|
115
|
-
const query =
|
|
116
|
-
return
|
|
119
|
+
const query = strapi1.get('query-params').transform(USER_MODEL_UID, params ?? {});
|
|
120
|
+
return strapi1.db.query(USER_MODEL_UID).findMany(query);
|
|
117
121
|
},
|
|
118
122
|
/**
|
|
119
123
|
* Promise to remove a/an user.
|
|
120
124
|
* @return {Promise}
|
|
121
125
|
*/ async remove (params) {
|
|
122
|
-
|
|
126
|
+
// Invalidate sessions for all affected users
|
|
127
|
+
const sessionManager = getSessionManager();
|
|
128
|
+
if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {
|
|
129
|
+
await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));
|
|
130
|
+
}
|
|
131
|
+
return strapi1.db.query(USER_MODEL_UID).delete({
|
|
123
132
|
where: params
|
|
124
133
|
});
|
|
125
134
|
},
|
|
@@ -128,29 +137,29 @@ function requireUser() {
|
|
|
128
137
|
},
|
|
129
138
|
async sendConfirmationEmail (user) {
|
|
130
139
|
const userPermissionService = getService('users-permissions');
|
|
131
|
-
const pluginStore = await
|
|
140
|
+
const pluginStore = await strapi1.store({
|
|
132
141
|
type: 'plugin',
|
|
133
142
|
name: 'users-permissions'
|
|
134
143
|
});
|
|
135
|
-
const userSchema =
|
|
144
|
+
const userSchema = strapi1.getModel(USER_MODEL_UID);
|
|
136
145
|
const settings = await pluginStore.get({
|
|
137
146
|
key: 'email'
|
|
138
147
|
}).then((storeEmail)=>storeEmail.email_confirmation.options);
|
|
139
148
|
// Sanitize the template's user information
|
|
140
149
|
const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput({
|
|
141
150
|
schema: userSchema,
|
|
142
|
-
getModel:
|
|
151
|
+
getModel: strapi1.getModel.bind(strapi1)
|
|
143
152
|
}, user);
|
|
144
153
|
const confirmationToken = crypto.randomBytes(20).toString('hex');
|
|
145
154
|
await this.edit(user.id, {
|
|
146
155
|
confirmationToken
|
|
147
156
|
});
|
|
148
|
-
const apiPrefix =
|
|
157
|
+
const apiPrefix = strapi1.config.get('api.rest.prefix');
|
|
149
158
|
try {
|
|
150
159
|
settings.message = await userPermissionService.template(settings.message, {
|
|
151
|
-
URL: urlJoin(
|
|
152
|
-
SERVER_URL:
|
|
153
|
-
ADMIN_URL:
|
|
160
|
+
URL: urlJoin(strapi1.config.get('server.absoluteUrl'), apiPrefix, '/auth/email-confirmation'),
|
|
161
|
+
SERVER_URL: strapi1.config.get('server.absoluteUrl'),
|
|
162
|
+
ADMIN_URL: strapi1.config.get('admin.absoluteUrl'),
|
|
154
163
|
USER: sanitizedUserInfo,
|
|
155
164
|
CODE: confirmationToken
|
|
156
165
|
});
|
|
@@ -158,11 +167,11 @@ function requireUser() {
|
|
|
158
167
|
USER: sanitizedUserInfo
|
|
159
168
|
});
|
|
160
169
|
} catch {
|
|
161
|
-
|
|
170
|
+
strapi1.log.error('[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for "user confirmation email". Please make sure your email template is valid and does not contain invalid characters or patterns');
|
|
162
171
|
return;
|
|
163
172
|
}
|
|
164
173
|
// Send an email to the user.
|
|
165
|
-
await
|
|
174
|
+
await strapi1.plugin('email').service('email').send({
|
|
166
175
|
to: user.email,
|
|
167
176
|
from: settings.from.email && settings.from.name ? `${settings.from.name} <${settings.from.email}>` : undefined,
|
|
168
177
|
replyTo: settings.response_email,
|