@strapi/plugin-users-permissions 5.49.0 → 5.50.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintrc.cjs +1 -0
- package/admin/src/pages/AdvancedSettings/index.jsx +1 -1
- package/admin/src/pages/Roles/pages/ListPage/index.jsx +1 -1
- package/admin/src/translations/ja.json +46 -7
- package/dist/admin/pages/AdvancedSettings/index.js +1 -1
- package/dist/admin/pages/AdvancedSettings/index.js.map +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
- package/dist/admin/translations/ja.json.js +46 -7
- package/dist/admin/translations/ja.json.js.map +1 -1
- package/dist/admin/translations/ja.json.mjs +46 -7
- package/dist/admin/translations/ja.json.mjs.map +1 -1
- package/dist/server/controllers/auth.js +133 -114
- package/dist/server/controllers/auth.js.map +1 -1
- package/dist/server/controllers/auth.mjs +132 -113
- package/dist/server/controllers/auth.mjs.map +1 -1
- package/dist/server/controllers/validation/auth.js +6 -6
- package/dist/server/controllers/validation/auth.js.map +1 -1
- package/dist/server/controllers/validation/auth.mjs +6 -6
- package/dist/server/controllers/validation/auth.mjs.map +1 -1
- package/dist/server/controllers/validation/user.js +16 -9
- package/dist/server/controllers/validation/user.js.map +1 -1
- package/dist/server/controllers/validation/user.mjs +16 -9
- package/dist/server/controllers/validation/user.mjs.map +1 -1
- package/dist/server/routes/content-api/auth.js +16 -0
- package/dist/server/routes/content-api/auth.js.map +1 -1
- package/dist/server/routes/content-api/auth.mjs +16 -0
- package/dist/server/routes/content-api/auth.mjs.map +1 -1
- package/dist/server/routes/content-api/validation.js +29 -2
- package/dist/server/routes/content-api/validation.js.map +1 -1
- package/dist/server/routes/content-api/validation.mjs +29 -2
- package/dist/server/routes/content-api/validation.mjs.map +1 -1
- package/dist/server/services/jwt.js +8 -6
- package/dist/server/services/jwt.js.map +1 -1
- package/dist/server/services/jwt.mjs +8 -6
- package/dist/server/services/jwt.mjs.map +1 -1
- package/dist/server/services/users-permissions.js +8 -0
- package/dist/server/services/users-permissions.js.map +1 -1
- package/dist/server/services/users-permissions.mjs +8 -0
- package/dist/server/services/users-permissions.mjs.map +1 -1
- package/dist/server/strategies/users-permissions.js +8 -1
- package/dist/server/strategies/users-permissions.js.map +1 -1
- package/dist/server/strategies/users-permissions.mjs +8 -1
- package/dist/server/strategies/users-permissions.mjs.map +1 -1
- package/dist/server/utils/refresh-cookie-options.js +27 -0
- package/dist/server/utils/refresh-cookie-options.js.map +1 -0
- package/dist/server/utils/refresh-cookie-options.mjs +25 -0
- package/dist/server/utils/refresh-cookie-options.mjs.map +1 -0
- package/lint-staged.config.mjs +1 -0
- package/package.json +5 -5
- package/rollup.config.mjs +3 -3
- package/server/controllers/auth.js +162 -141
- package/server/controllers/validation/auth.js +6 -6
- package/server/controllers/validation/user.js +22 -9
- package/server/routes/content-api/auth.js +12 -0
- package/server/routes/content-api/validation.js +32 -2
- package/server/services/jwt.js +4 -3
- package/server/services/users-permissions.js +2 -0
- package/server/strategies/users-permissions.js +6 -1
- package/server/utils/refresh-cookie-options.js +20 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(
|
|
1
|
+
{"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\n// A role relation entry may be referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them.\nconst roleRelationEntrySchema = yup\n .object()\n .shape({ id: yup.strapiID(), documentId: yup.strapiID() })\n .test(\n 'id-or-documentId',\n 'Relation entry must include an id or documentId',\n (entry) => !!entry && (entry.id != null || entry.documentId != null)\n );\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(roleRelationEntrySchema)\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup\n .mixed()\n .test(\n 'password-validation',\n 'Password must be at least 1 character',\n function validatePassword(value) {\n if (value == null || value === '') {\n return true;\n }\n return typeof value === 'string' && value.length >= 1;\n }\n ),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n // connect/disconnect are each optional (matching core relation inputs),\n // but a role must remain: reject disconnecting every role without\n // connecting a replacement.\n connect: yup.array().of(roleRelationEntrySchema),\n disconnect: yup\n .array()\n .of(roleRelationEntrySchema)\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnect) {\n const connectValue = value.connect || [];\n const disconnectValue = disconnect || [];\n if (connectValue.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n }),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","roleRelationEntrySchema","id","documentId","test","entry","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","updateUserBodySchema","mixed","validatePassword","length","disconnect","connectValue","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAAA,GAAmBH,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAAA,EAAMN,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;;;AAIA,IAAA,MAAMC,uBAAAA,GAA0BT,GAAAA,CAC7BI,MAAM,EAAA,CACNC,KAAK,CAAC;AAAEK,QAAAA,EAAAA,EAAIV,IAAIO,QAAQ,EAAA;AAAII,QAAAA,UAAAA,EAAYX,IAAIO,QAAQ;OACpDK,IAAI,CACH,kBAAA,EACA,iDAAA,EACA,CAACC,QAAU,CAAC,CAACA,KAAAA,KAAUA,MAAMH,EAAE,IAAI,QAAQG,KAAAA,CAAMF,UAAU,IAAI;AAGnE,IAAA,MAAMG,oBAAAA,GAAuBd,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CU,QAAAA,KAAAA,EAAOf,GAAAA,CAAIgB,MAAM,EAAA,CAAGD,KAAK,GAAGP,QAAQ,EAAA;AACpCS,QAAAA,QAAAA,EAAUjB,IAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGV,QAAQ,EAAA;AACtCW,QAAAA,QAAAA,EAAUnB,IAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGV,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAAA,CAAIoB,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbrB,GAAAA,CACGI,MAAM,EAAA,CACNC,KAAK,CAAC;gBACLiB,OAAAA,EAAStB,GAAAA,CACNuB,KAAK,EAAA,CACLC,EAAE,CAACf,yBACHS,GAAG,CAAC,CAAA,EAAG,wBAAA,CAAA,CACPV,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAAA,CAAIO,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMiB,oBAAAA,GAAuBzB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CU,QAAAA,KAAAA,EAAOf,IAAIgB,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUjB,GAAAA,CAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAAA,EAAUnB,GAAAA,CACP0B,KAAK,EAAA,CACLd,IAAI,CACH,qBAAA,EACA,uCAAA,EACA,SAASe,gBAAAA,CAAiBN,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAA,IAAQA,KAAAA,KAAU,EAAA,EAAI;gBACjC,OAAO,IAAA;AACjB,YAAA;AACQ,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAA,IAAYA,KAAAA,CAAMO,MAAM,IAAI,CAAA;AAC5D,QAAA,CAAA,CAAA;AAEEtB,QAAAA,IAAAA,EAAMN,GAAAA,CAAIoB,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbrB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;;;;AAIjBiB,gBAAAA,OAAAA,EAAStB,GAAAA,CAAIuB,KAAK,EAAA,CAAGC,EAAE,CAACf,uBAAAA,CAAAA;AACxBoB,gBAAAA,UAAAA,EAAY7B,GAAAA,CACTuB,KAAK,EAAA,CACLC,EAAE,CAACf,uBAAAA,CAAAA,CACHG,IAAI,CAAC,iBAAA,EAAmB,oBAAA,EAAsB,SAASA,IAAAA,CAAKiB,UAAU,EAAA;AACrE,oBAAA,MAAMC,YAAAA,GAAeT,KAAAA,CAAMC,OAAO,IAAI,EAAE;oBACxC,MAAMS,eAAAA,GAAkBF,cAAc,EAAE;AACxC,oBAAA,IAAIC,aAAaF,MAAM,KAAK,KAAKG,eAAAA,CAAgBH,MAAM,GAAG,CAAA,EAAG;wBAC3D,OAAO,KAAA;AACvB,oBAAA;oBAEc,OAAO,IAAA;AACrB,gBAAA,CAAA;AACA,aAAA,CAAA,GACQ5B,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAyB,IAAAA,GAAiB;AACfC,QAAAA,sBAAAA,EAAwBhC,iBAAAA,CAAkBa,oBAAAA,CAAAA;AAC1CoB,QAAAA,sBAAAA,EAAwBjC,iBAAAA,CAAkBwB,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwBlC,iBAAAA,CAAkBE,gBAAAA;AAC5C,KAAA;;;;;;"}
|
|
@@ -161,6 +161,22 @@ function requireAuth() {
|
|
|
161
161
|
config: {
|
|
162
162
|
prefix: ''
|
|
163
163
|
}
|
|
164
|
+
},
|
|
165
|
+
{
|
|
166
|
+
method: 'GET',
|
|
167
|
+
path: '/auth/sessions',
|
|
168
|
+
handler: 'auth.getSessions',
|
|
169
|
+
config: {
|
|
170
|
+
prefix: ''
|
|
171
|
+
}
|
|
172
|
+
},
|
|
173
|
+
{
|
|
174
|
+
method: 'DELETE',
|
|
175
|
+
path: '/auth/sessions/:sessionId',
|
|
176
|
+
handler: 'auth.revokeSession',
|
|
177
|
+
config: {
|
|
178
|
+
prefix: ''
|
|
179
|
+
}
|
|
164
180
|
}
|
|
165
181
|
];
|
|
166
182
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n {\n method: 'GET',\n path: '/auth/sessions',\n handler: 'auth.getSessions',\n config: { prefix: '' },\n },\n {\n method: 'DELETE',\n path: '/auth/sessions/:sessionId',\n handler: 'auth.revokeSession',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,gBAAA;gBACNC,OAAAA,EAAS,kBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,QAAA;gBACRC,IAAAA,EAAM,2BAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
|
|
@@ -159,6 +159,22 @@ function requireAuth() {
|
|
|
159
159
|
config: {
|
|
160
160
|
prefix: ''
|
|
161
161
|
}
|
|
162
|
+
},
|
|
163
|
+
{
|
|
164
|
+
method: 'GET',
|
|
165
|
+
path: '/auth/sessions',
|
|
166
|
+
handler: 'auth.getSessions',
|
|
167
|
+
config: {
|
|
168
|
+
prefix: ''
|
|
169
|
+
}
|
|
170
|
+
},
|
|
171
|
+
{
|
|
172
|
+
method: 'DELETE',
|
|
173
|
+
path: '/auth/sessions/:sessionId',
|
|
174
|
+
handler: 'auth.revokeSession',
|
|
175
|
+
config: {
|
|
176
|
+
prefix: ''
|
|
177
|
+
}
|
|
162
178
|
}
|
|
163
179
|
];
|
|
164
180
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.mjs","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,iBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"auth.mjs","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n {\n method: 'GET',\n path: '/auth/sessions',\n handler: 'auth.getSessions',\n config: { prefix: '' },\n },\n {\n method: 'DELETE',\n path: '/auth/sessions/:sessionId',\n handler: 'auth.revokeSession',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,iBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,gBAAA;gBACNC,OAAAA,EAAS,kBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,QAAA;gBACRC,IAAAA,EAAM,2BAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
|
|
@@ -15,6 +15,33 @@ function requireValidation() {
|
|
|
15
15
|
hasRequiredValidation = 1;
|
|
16
16
|
const { AbstractRouteValidator } = require$$1__default.default;
|
|
17
17
|
const z = require$$1__default$1.default;
|
|
18
|
+
// A single role relation entry, referenced by numeric `id` (legacy) or by
|
|
19
|
+
// `documentId` (the v5 default), but must carry at least one of them. The
|
|
20
|
+
// detailed rules (min one role on create, cannot remove the last role on
|
|
21
|
+
// update) stay in the Yup controller validator.
|
|
22
|
+
const roleRelationEntry = z.object({
|
|
23
|
+
id: z.union([
|
|
24
|
+
z.number(),
|
|
25
|
+
z.string()
|
|
26
|
+
]).optional(),
|
|
27
|
+
documentId: z.string().optional()
|
|
28
|
+
}).refine((entry)=>entry.id != null || entry.documentId != null, {
|
|
29
|
+
message: 'Relation entry must include an id or documentId'
|
|
30
|
+
});
|
|
31
|
+
// The `role` relation input: shorthand scalar (numeric id or documentId) or the
|
|
32
|
+
// longhand connect/disconnect object, matching every other v5 relation. The
|
|
33
|
+
// object form must carry at least one of connect/disconnect (an empty object is
|
|
34
|
+
// a no-op and almost certainly a mistake).
|
|
35
|
+
const roleRelationInput = z.union([
|
|
36
|
+
z.number(),
|
|
37
|
+
z.string(),
|
|
38
|
+
z.object({
|
|
39
|
+
connect: z.array(roleRelationEntry).optional(),
|
|
40
|
+
disconnect: z.array(roleRelationEntry).optional()
|
|
41
|
+
}).refine((input)=>input.connect != null || input.disconnect != null, {
|
|
42
|
+
message: 'Relation input must include connect or disconnect'
|
|
43
|
+
})
|
|
44
|
+
]);
|
|
18
45
|
class UsersPermissionsRouteValidator extends AbstractRouteValidator {
|
|
19
46
|
get userSchema() {
|
|
20
47
|
return z.object({
|
|
@@ -171,7 +198,7 @@ function requireValidation() {
|
|
|
171
198
|
username: z.string(),
|
|
172
199
|
email: z.email(),
|
|
173
200
|
password: z.string(),
|
|
174
|
-
role:
|
|
201
|
+
role: roleRelationInput.optional()
|
|
175
202
|
});
|
|
176
203
|
}
|
|
177
204
|
get updateUserBodySchema() {
|
|
@@ -179,7 +206,7 @@ function requireValidation() {
|
|
|
179
206
|
username: z.string().optional(),
|
|
180
207
|
email: z.email().optional(),
|
|
181
208
|
password: z.string().optional(),
|
|
182
|
-
role:
|
|
209
|
+
role: roleRelationInput.optional()
|
|
183
210
|
});
|
|
184
211
|
}
|
|
185
212
|
get createRoleBodySchema() {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,2BAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,6BAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,2BAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,6BAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -8,6 +8,33 @@ function requireValidation() {
|
|
|
8
8
|
hasRequiredValidation = 1;
|
|
9
9
|
const { AbstractRouteValidator } = require$$1;
|
|
10
10
|
const z = require$$1$1;
|
|
11
|
+
// A single role relation entry, referenced by numeric `id` (legacy) or by
|
|
12
|
+
// `documentId` (the v5 default), but must carry at least one of them. The
|
|
13
|
+
// detailed rules (min one role on create, cannot remove the last role on
|
|
14
|
+
// update) stay in the Yup controller validator.
|
|
15
|
+
const roleRelationEntry = z.object({
|
|
16
|
+
id: z.union([
|
|
17
|
+
z.number(),
|
|
18
|
+
z.string()
|
|
19
|
+
]).optional(),
|
|
20
|
+
documentId: z.string().optional()
|
|
21
|
+
}).refine((entry)=>entry.id != null || entry.documentId != null, {
|
|
22
|
+
message: 'Relation entry must include an id or documentId'
|
|
23
|
+
});
|
|
24
|
+
// The `role` relation input: shorthand scalar (numeric id or documentId) or the
|
|
25
|
+
// longhand connect/disconnect object, matching every other v5 relation. The
|
|
26
|
+
// object form must carry at least one of connect/disconnect (an empty object is
|
|
27
|
+
// a no-op and almost certainly a mistake).
|
|
28
|
+
const roleRelationInput = z.union([
|
|
29
|
+
z.number(),
|
|
30
|
+
z.string(),
|
|
31
|
+
z.object({
|
|
32
|
+
connect: z.array(roleRelationEntry).optional(),
|
|
33
|
+
disconnect: z.array(roleRelationEntry).optional()
|
|
34
|
+
}).refine((input)=>input.connect != null || input.disconnect != null, {
|
|
35
|
+
message: 'Relation input must include connect or disconnect'
|
|
36
|
+
})
|
|
37
|
+
]);
|
|
11
38
|
class UsersPermissionsRouteValidator extends AbstractRouteValidator {
|
|
12
39
|
get userSchema() {
|
|
13
40
|
return z.object({
|
|
@@ -164,7 +191,7 @@ function requireValidation() {
|
|
|
164
191
|
username: z.string(),
|
|
165
192
|
email: z.email(),
|
|
166
193
|
password: z.string(),
|
|
167
|
-
role:
|
|
194
|
+
role: roleRelationInput.optional()
|
|
168
195
|
});
|
|
169
196
|
}
|
|
170
197
|
get updateUserBodySchema() {
|
|
@@ -172,7 +199,7 @@ function requireValidation() {
|
|
|
172
199
|
username: z.string().optional(),
|
|
173
200
|
email: z.email().optional(),
|
|
174
201
|
password: z.string().optional(),
|
|
175
|
-
role:
|
|
202
|
+
role: roleRelationInput.optional()
|
|
176
203
|
});
|
|
177
204
|
}
|
|
178
205
|
get createRoleBodySchema() {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -71,18 +71,20 @@ function requireJwt() {
|
|
|
71
71
|
if (!user) {
|
|
72
72
|
throw new Error('Invalid token.');
|
|
73
73
|
}
|
|
74
|
+
// Surface the sessionId so the strategy can flag the "current" session.
|
|
74
75
|
return {
|
|
75
|
-
id: user.id
|
|
76
|
+
id: user.id,
|
|
77
|
+
sessionId: result.payload.sessionId
|
|
76
78
|
};
|
|
77
79
|
}
|
|
78
80
|
return new Promise((resolve, reject)=>{
|
|
79
81
|
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
80
|
-
const algorithms =
|
|
81
|
-
jwtConfig
|
|
82
|
-
]
|
|
83
|
-
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'),
|
|
82
|
+
const algorithms = [
|
|
83
|
+
jwtConfig?.algorithm || 'HS256'
|
|
84
|
+
];
|
|
85
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
|
|
84
86
|
algorithms
|
|
85
|
-
}
|
|
87
|
+
}, (err, tokenPayload = {})=>{
|
|
86
88
|
if (err) {
|
|
87
89
|
return reject(new Error('Invalid token.'));
|
|
88
90
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig
|
|
1
|
+
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,2BAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,2BAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -64,18 +64,20 @@ function requireJwt() {
|
|
|
64
64
|
if (!user) {
|
|
65
65
|
throw new Error('Invalid token.');
|
|
66
66
|
}
|
|
67
|
+
// Surface the sessionId so the strategy can flag the "current" session.
|
|
67
68
|
return {
|
|
68
|
-
id: user.id
|
|
69
|
+
id: user.id,
|
|
70
|
+
sessionId: result.payload.sessionId
|
|
69
71
|
};
|
|
70
72
|
}
|
|
71
73
|
return new Promise((resolve, reject)=>{
|
|
72
74
|
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
73
|
-
const algorithms =
|
|
74
|
-
jwtConfig
|
|
75
|
-
]
|
|
76
|
-
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'),
|
|
75
|
+
const algorithms = [
|
|
76
|
+
jwtConfig?.algorithm || 'HS256'
|
|
77
|
+
];
|
|
78
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
|
|
77
79
|
algorithms
|
|
78
|
-
}
|
|
80
|
+
}, (err, tokenPayload = {})=>{
|
|
79
81
|
if (err) {
|
|
80
82
|
return reject(new Error('Invalid token.'));
|
|
81
83
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig
|
|
1
|
+
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -60,6 +60,14 @@ function requireUsersPermissions() {
|
|
|
60
60
|
action: 'plugin::users-permissions.auth.logout',
|
|
61
61
|
roleType: 'authenticated'
|
|
62
62
|
},
|
|
63
|
+
{
|
|
64
|
+
action: 'plugin::users-permissions.auth.getSessions',
|
|
65
|
+
roleType: 'authenticated'
|
|
66
|
+
},
|
|
67
|
+
{
|
|
68
|
+
action: 'plugin::users-permissions.auth.revokeSession',
|
|
69
|
+
roleType: 'authenticated'
|
|
70
|
+
},
|
|
63
71
|
{
|
|
64
72
|
action: 'plugin::users-permissions.user.me',
|
|
65
73
|
roleType: 'authenticated'
|