@strapi/plugin-users-permissions 5.49.0 → 5.50.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/.eslintrc.cjs +1 -0
  2. package/admin/src/pages/AdvancedSettings/index.jsx +1 -1
  3. package/admin/src/pages/Roles/pages/ListPage/index.jsx +1 -1
  4. package/admin/src/translations/ja.json +46 -7
  5. package/dist/admin/pages/AdvancedSettings/index.js +1 -1
  6. package/dist/admin/pages/AdvancedSettings/index.js.map +1 -1
  7. package/dist/admin/pages/AdvancedSettings/index.mjs +1 -1
  8. package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -1
  9. package/dist/admin/pages/Roles/pages/ListPage/index.js +1 -1
  10. package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
  11. package/dist/admin/pages/Roles/pages/ListPage/index.mjs +1 -1
  12. package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
  13. package/dist/admin/translations/ja.json.js +46 -7
  14. package/dist/admin/translations/ja.json.js.map +1 -1
  15. package/dist/admin/translations/ja.json.mjs +46 -7
  16. package/dist/admin/translations/ja.json.mjs.map +1 -1
  17. package/dist/server/controllers/auth.js +133 -114
  18. package/dist/server/controllers/auth.js.map +1 -1
  19. package/dist/server/controllers/auth.mjs +132 -113
  20. package/dist/server/controllers/auth.mjs.map +1 -1
  21. package/dist/server/controllers/validation/auth.js +6 -6
  22. package/dist/server/controllers/validation/auth.js.map +1 -1
  23. package/dist/server/controllers/validation/auth.mjs +6 -6
  24. package/dist/server/controllers/validation/auth.mjs.map +1 -1
  25. package/dist/server/controllers/validation/user.js +16 -9
  26. package/dist/server/controllers/validation/user.js.map +1 -1
  27. package/dist/server/controllers/validation/user.mjs +16 -9
  28. package/dist/server/controllers/validation/user.mjs.map +1 -1
  29. package/dist/server/routes/content-api/auth.js +16 -0
  30. package/dist/server/routes/content-api/auth.js.map +1 -1
  31. package/dist/server/routes/content-api/auth.mjs +16 -0
  32. package/dist/server/routes/content-api/auth.mjs.map +1 -1
  33. package/dist/server/routes/content-api/validation.js +29 -2
  34. package/dist/server/routes/content-api/validation.js.map +1 -1
  35. package/dist/server/routes/content-api/validation.mjs +29 -2
  36. package/dist/server/routes/content-api/validation.mjs.map +1 -1
  37. package/dist/server/services/jwt.js +8 -6
  38. package/dist/server/services/jwt.js.map +1 -1
  39. package/dist/server/services/jwt.mjs +8 -6
  40. package/dist/server/services/jwt.mjs.map +1 -1
  41. package/dist/server/services/users-permissions.js +8 -0
  42. package/dist/server/services/users-permissions.js.map +1 -1
  43. package/dist/server/services/users-permissions.mjs +8 -0
  44. package/dist/server/services/users-permissions.mjs.map +1 -1
  45. package/dist/server/strategies/users-permissions.js +8 -1
  46. package/dist/server/strategies/users-permissions.js.map +1 -1
  47. package/dist/server/strategies/users-permissions.mjs +8 -1
  48. package/dist/server/strategies/users-permissions.mjs.map +1 -1
  49. package/dist/server/utils/refresh-cookie-options.js +27 -0
  50. package/dist/server/utils/refresh-cookie-options.js.map +1 -0
  51. package/dist/server/utils/refresh-cookie-options.mjs +25 -0
  52. package/dist/server/utils/refresh-cookie-options.mjs.map +1 -0
  53. package/lint-staged.config.mjs +1 -0
  54. package/package.json +5 -5
  55. package/rollup.config.mjs +3 -3
  56. package/server/controllers/auth.js +162 -141
  57. package/server/controllers/validation/auth.js +6 -6
  58. package/server/controllers/validation/user.js +22 -9
  59. package/server/routes/content-api/auth.js +12 -0
  60. package/server/routes/content-api/validation.js +32 -2
  61. package/server/services/jwt.js +4 -3
  62. package/server/services/users-permissions.js +2 -0
  63. package/server/strategies/users-permissions.js +6 -1
  64. package/server/utils/refresh-cookie-options.js +20 -0
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup\n .mixed()\n .test(\n 'password-validation',\n 'Password must be at least 1 character',\n function validatePassword(value) {\n if (value == null || value === '') {\n return true;\n }\n return typeof value === 'string' && value.length >= 1;\n }\n ),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .required(),\n disconnect: yup\n .array()\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n if (value.connect.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n })\n .required(),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","mixed","test","validatePassword","length","disconnect","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAAA,GAAmBH,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAAA,EAAMN,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAAA,GAAuBT,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAAA,CAAIW,MAAM,EAAA,CAAGD,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAAA,CAAIe,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbhB,GAAAA,CACGI,MAAM,EAAA,CACNC,KAAK,CAAC;gBACLY,OAAAA,EAASjB,GAAAA,CACNkB,KAAK,EAAA,CACLC,EAAE,CAACnB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;oBAAEe,EAAAA,EAAIpB,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAE,iBAAA,CAAA,CAAA,CACrDK,GAAG,CAAC,CAAA,EAAG,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAAA,CAAIO,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAAA,GAAuBrB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAAA,CAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAAA,EAAUd,GAAAA,CACPsB,KAAK,EAAA,CACLC,IAAI,CACH,qBAAA,EACA,uCAAA,EACA,SAASC,gBAAAA,CAAiBR,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAA,IAAQA,KAAAA,KAAU,EAAA,EAAI;gBACjC,OAAO,IAAA;AACjB,YAAA;AACQ,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAA,IAAYA,KAAAA,CAAMS,MAAM,IAAI,CAAA;AAC5D,QAAA,CAAA,CAAA;AAEEnB,QAAAA,IAAAA,EAAMN,GAAAA,CAAIe,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbhB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;gBACjBY,OAAAA,EAASjB,GAAAA,CACNkB,KAAK,EAAA,CACLC,EAAE,CAACnB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;oBAAEe,EAAAA,EAAIpB,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAE,iBAAA,CAAA,CAAA,CACrDA,QAAQ,EAAA;gBACXkB,UAAAA,EAAY1B,GAAAA,CACTkB,KAAK,EAAA,CACLK,IAAI,CAAC,iBAAA,EAAmB,oBAAA,EAAsB,SAASA,IAAAA,CAAKI,eAAe,EAAA;oBAC1E,IAAIX,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAA,IAAKE,eAAAA,CAAgBF,MAAM,GAAG,CAAA,EAAG;wBAC5D,OAAO,KAAA;AACvB,oBAAA;oBAEc,OAAO,IAAA;AACrB,gBAAA,CAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAqB,IAAAA,GAAiB;AACfC,QAAAA,sBAAAA,EAAwB5B,iBAAAA,CAAkBQ,oBAAAA,CAAAA;AAC1CqB,QAAAA,sBAAAA,EAAwB7B,iBAAAA,CAAkBoB,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwB9B,iBAAAA,CAAkBE,gBAAAA;AAC5C,KAAA;;;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\n// A role relation entry may be referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them.\nconst roleRelationEntrySchema = yup\n .object()\n .shape({ id: yup.strapiID(), documentId: yup.strapiID() })\n .test(\n 'id-or-documentId',\n 'Relation entry must include an id or documentId',\n (entry) => !!entry && (entry.id != null || entry.documentId != null)\n );\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(roleRelationEntrySchema)\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup\n .mixed()\n .test(\n 'password-validation',\n 'Password must be at least 1 character',\n function validatePassword(value) {\n if (value == null || value === '') {\n return true;\n }\n return typeof value === 'string' && value.length >= 1;\n }\n ),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n // connect/disconnect are each optional (matching core relation inputs),\n // but a role must remain: reject disconnecting every role without\n // connecting a replacement.\n connect: yup.array().of(roleRelationEntrySchema),\n disconnect: yup\n .array()\n .of(roleRelationEntrySchema)\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnect) {\n const connectValue = value.connect || [];\n const disconnectValue = disconnect || [];\n if (connectValue.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n }),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","roleRelationEntrySchema","id","documentId","test","entry","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","updateUserBodySchema","mixed","validatePassword","length","disconnect","connectValue","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAAA,GAAmBH,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAAA,EAAMN,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;;;AAIA,IAAA,MAAMC,uBAAAA,GAA0BT,GAAAA,CAC7BI,MAAM,EAAA,CACNC,KAAK,CAAC;AAAEK,QAAAA,EAAAA,EAAIV,IAAIO,QAAQ,EAAA;AAAII,QAAAA,UAAAA,EAAYX,IAAIO,QAAQ;OACpDK,IAAI,CACH,kBAAA,EACA,iDAAA,EACA,CAACC,QAAU,CAAC,CAACA,KAAAA,KAAUA,MAAMH,EAAE,IAAI,QAAQG,KAAAA,CAAMF,UAAU,IAAI;AAGnE,IAAA,MAAMG,oBAAAA,GAAuBd,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CU,QAAAA,KAAAA,EAAOf,GAAAA,CAAIgB,MAAM,EAAA,CAAGD,KAAK,GAAGP,QAAQ,EAAA;AACpCS,QAAAA,QAAAA,EAAUjB,IAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGV,QAAQ,EAAA;AACtCW,QAAAA,QAAAA,EAAUnB,IAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGV,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAAA,CAAIoB,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbrB,GAAAA,CACGI,MAAM,EAAA,CACNC,KAAK,CAAC;gBACLiB,OAAAA,EAAStB,GAAAA,CACNuB,KAAK,EAAA,CACLC,EAAE,CAACf,yBACHS,GAAG,CAAC,CAAA,EAAG,wBAAA,CAAA,CACPV,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAAA,CAAIO,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMiB,oBAAAA,GAAuBzB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CU,QAAAA,KAAAA,EAAOf,IAAIgB,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUjB,GAAAA,CAAIgB,MAAM,EAAA,CAAGE,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAAA,EAAUnB,GAAAA,CACP0B,KAAK,EAAA,CACLd,IAAI,CACH,qBAAA,EACA,uCAAA,EACA,SAASe,gBAAAA,CAAiBN,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAA,IAAQA,KAAAA,KAAU,EAAA,EAAI;gBACjC,OAAO,IAAA;AACjB,YAAA;AACQ,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAA,IAAYA,KAAAA,CAAMO,MAAM,IAAI,CAAA;AAC5D,QAAA,CAAA,CAAA;AAEEtB,QAAAA,IAAAA,EAAMN,GAAAA,CAAIoB,IAAI,CAAC,CAACC,KAAAA,GACd,OAAOA,KAAAA,KAAU,QAAA,GACbrB,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;;;;AAIjBiB,gBAAAA,OAAAA,EAAStB,GAAAA,CAAIuB,KAAK,EAAA,CAAGC,EAAE,CAACf,uBAAAA,CAAAA;AACxBoB,gBAAAA,UAAAA,EAAY7B,GAAAA,CACTuB,KAAK,EAAA,CACLC,EAAE,CAACf,uBAAAA,CAAAA,CACHG,IAAI,CAAC,iBAAA,EAAmB,oBAAA,EAAsB,SAASA,IAAAA,CAAKiB,UAAU,EAAA;AACrE,oBAAA,MAAMC,YAAAA,GAAeT,KAAAA,CAAMC,OAAO,IAAI,EAAE;oBACxC,MAAMS,eAAAA,GAAkBF,cAAc,EAAE;AACxC,oBAAA,IAAIC,aAAaF,MAAM,KAAK,KAAKG,eAAAA,CAAgBH,MAAM,GAAG,CAAA,EAAG;wBAC3D,OAAO,KAAA;AACvB,oBAAA;oBAEc,OAAO,IAAA;AACrB,gBAAA,CAAA;AACA,aAAA,CAAA,GACQ5B,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAyB,IAAAA,GAAiB;AACfC,QAAAA,sBAAAA,EAAwBhC,iBAAAA,CAAkBa,oBAAAA,CAAAA;AAC1CoB,QAAAA,sBAAAA,EAAwBjC,iBAAAA,CAAkBwB,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwBlC,iBAAAA,CAAkBE,gBAAAA;AAC5C,KAAA;;;;;;"}
@@ -161,6 +161,22 @@ function requireAuth() {
161
161
  config: {
162
162
  prefix: ''
163
163
  }
164
+ },
165
+ {
166
+ method: 'GET',
167
+ path: '/auth/sessions',
168
+ handler: 'auth.getSessions',
169
+ config: {
170
+ prefix: ''
171
+ }
172
+ },
173
+ {
174
+ method: 'DELETE',
175
+ path: '/auth/sessions/:sessionId',
176
+ handler: 'auth.revokeSession',
177
+ config: {
178
+ prefix: ''
179
+ }
164
180
  }
165
181
  ];
166
182
  };
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
1
+ {"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n {\n method: 'GET',\n path: '/auth/sessions',\n handler: 'auth.getSessions',\n config: { prefix: '' },\n },\n {\n method: 'DELETE',\n path: '/auth/sessions/:sessionId',\n handler: 'auth.revokeSession',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,gBAAA;gBACNC,OAAAA,EAAS,kBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,QAAA;gBACRC,IAAAA,EAAM,2BAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
@@ -159,6 +159,22 @@ function requireAuth() {
159
159
  config: {
160
160
  prefix: ''
161
161
  }
162
+ },
163
+ {
164
+ method: 'GET',
165
+ path: '/auth/sessions',
166
+ handler: 'auth.getSessions',
167
+ config: {
168
+ prefix: ''
169
+ }
170
+ },
171
+ {
172
+ method: 'DELETE',
173
+ path: '/auth/sessions/:sessionId',
174
+ handler: 'auth.revokeSession',
175
+ config: {
176
+ prefix: ''
177
+ }
162
178
  }
163
179
  ];
164
180
  };
@@ -1 +1 @@
1
- {"version":3,"file":"auth.mjs","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,iBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
1
+ {"version":3,"file":"auth.mjs","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/refresh',\n handler: 'auth.refresh',\n config: { prefix: '' },\n },\n {\n method: 'POST',\n path: '/auth/logout',\n handler: 'auth.logout',\n config: { prefix: '' },\n },\n {\n method: 'GET',\n path: '/auth/sessions',\n handler: 'auth.getSessions',\n config: { prefix: '' },\n },\n {\n method: 'DELETE',\n path: '/auth/sessions/:sessionId',\n handler: 'auth.revokeSession',\n config: { prefix: '' },\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,iBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,aAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAe;AAC7D,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAkB;AAChE,iBAAA;AACMF,gBAAAA,QAAAA,EAAUV,UAAUa;AAC1B,aAAA;AACI,YAAA;gBACEZ,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,eAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPO,MAAAA,EAAQ;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AAC9B;AACA,iBAAA;AACMN,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAAwB;AACtE,iBAAA;AACMP,gBAAAA,QAAAA,EAAUV,UAAUkB;AAC1B,aAAA;AACI,YAAA;gBACEjB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,sBAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAuB;AACrE,iBAAA;AACMT,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,0BAAA;gBACNC,OAAAA,EAAS,wBAAA;gBACTC,MAAAA,EAAQ;oBACNE,MAAAA,EAAQ;AAChB;AACA,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,+BAAA;gBACNC,OAAAA,EAAS,4BAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAA+B;AAC7E,iBAAA;AACMV,gBAAAA,QAAAA,EAAUV,UAAUqB;AAC1B,aAAA;AACI,YAAA;gBACEpB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,uBAAA;gBACNC,OAAAA,EAAS,qBAAA;gBACTC,MAAAA,EAAQ;oBACNC,WAAAA,EAAa;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAAwB;AACtE,iBAAA;AACMZ,gBAAAA,QAAAA,EAAUV,UAAUW;AAC1B,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,eAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,gBAAA;gBACNC,OAAAA,EAAS,kBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B,aAAA;AACI,YAAA;gBACEL,MAAAA,EAAQ,QAAA;gBACRC,IAAAA,EAAM,2BAAA;gBACNC,OAAAA,EAAS,oBAAA;gBACTC,MAAAA,EAAQ;oBAAEE,MAAAA,EAAQ;AAAE;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
@@ -15,6 +15,33 @@ function requireValidation() {
15
15
  hasRequiredValidation = 1;
16
16
  const { AbstractRouteValidator } = require$$1__default.default;
17
17
  const z = require$$1__default$1.default;
18
+ // A single role relation entry, referenced by numeric `id` (legacy) or by
19
+ // `documentId` (the v5 default), but must carry at least one of them. The
20
+ // detailed rules (min one role on create, cannot remove the last role on
21
+ // update) stay in the Yup controller validator.
22
+ const roleRelationEntry = z.object({
23
+ id: z.union([
24
+ z.number(),
25
+ z.string()
26
+ ]).optional(),
27
+ documentId: z.string().optional()
28
+ }).refine((entry)=>entry.id != null || entry.documentId != null, {
29
+ message: 'Relation entry must include an id or documentId'
30
+ });
31
+ // The `role` relation input: shorthand scalar (numeric id or documentId) or the
32
+ // longhand connect/disconnect object, matching every other v5 relation. The
33
+ // object form must carry at least one of connect/disconnect (an empty object is
34
+ // a no-op and almost certainly a mistake).
35
+ const roleRelationInput = z.union([
36
+ z.number(),
37
+ z.string(),
38
+ z.object({
39
+ connect: z.array(roleRelationEntry).optional(),
40
+ disconnect: z.array(roleRelationEntry).optional()
41
+ }).refine((input)=>input.connect != null || input.disconnect != null, {
42
+ message: 'Relation input must include connect or disconnect'
43
+ })
44
+ ]);
18
45
  class UsersPermissionsRouteValidator extends AbstractRouteValidator {
19
46
  get userSchema() {
20
47
  return z.object({
@@ -171,7 +198,7 @@ function requireValidation() {
171
198
  username: z.string(),
172
199
  email: z.email(),
173
200
  password: z.string(),
174
- role: z.number().optional()
201
+ role: roleRelationInput.optional()
175
202
  });
176
203
  }
177
204
  get updateUserBodySchema() {
@@ -179,7 +206,7 @@ function requireValidation() {
179
206
  username: z.string().optional(),
180
207
  email: z.email().optional(),
181
208
  password: z.string().optional(),
182
- role: z.number().optional()
209
+ role: roleRelationInput.optional()
183
210
  });
184
211
  }
185
212
  get createRoleBodySchema() {
@@ -1 +1 @@
1
- {"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,2BAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,6BAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,2BAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,6BAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
@@ -8,6 +8,33 @@ function requireValidation() {
8
8
  hasRequiredValidation = 1;
9
9
  const { AbstractRouteValidator } = require$$1;
10
10
  const z = require$$1$1;
11
+ // A single role relation entry, referenced by numeric `id` (legacy) or by
12
+ // `documentId` (the v5 default), but must carry at least one of them. The
13
+ // detailed rules (min one role on create, cannot remove the last role on
14
+ // update) stay in the Yup controller validator.
15
+ const roleRelationEntry = z.object({
16
+ id: z.union([
17
+ z.number(),
18
+ z.string()
19
+ ]).optional(),
20
+ documentId: z.string().optional()
21
+ }).refine((entry)=>entry.id != null || entry.documentId != null, {
22
+ message: 'Relation entry must include an id or documentId'
23
+ });
24
+ // The `role` relation input: shorthand scalar (numeric id or documentId) or the
25
+ // longhand connect/disconnect object, matching every other v5 relation. The
26
+ // object form must carry at least one of connect/disconnect (an empty object is
27
+ // a no-op and almost certainly a mistake).
28
+ const roleRelationInput = z.union([
29
+ z.number(),
30
+ z.string(),
31
+ z.object({
32
+ connect: z.array(roleRelationEntry).optional(),
33
+ disconnect: z.array(roleRelationEntry).optional()
34
+ }).refine((input)=>input.connect != null || input.disconnect != null, {
35
+ message: 'Relation input must include connect or disconnect'
36
+ })
37
+ ]);
11
38
  class UsersPermissionsRouteValidator extends AbstractRouteValidator {
12
39
  get userSchema() {
13
40
  return z.object({
@@ -164,7 +191,7 @@ function requireValidation() {
164
191
  username: z.string(),
165
192
  email: z.email(),
166
193
  password: z.string(),
167
- role: z.number().optional()
194
+ role: roleRelationInput.optional()
168
195
  });
169
196
  }
170
197
  get updateUserBodySchema() {
@@ -172,7 +199,7 @@ function requireValidation() {
172
199
  username: z.string().optional(),
173
200
  email: z.email().optional(),
174
201
  password: z.string().optional(),
175
- role: z.number().optional()
202
+ role: roleRelationInput.optional()
176
203
  });
177
204
  }
178
205
  get createRoleBodySchema() {
@@ -1 +1 @@
1
- {"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
@@ -71,18 +71,20 @@ function requireJwt() {
71
71
  if (!user) {
72
72
  throw new Error('Invalid token.');
73
73
  }
74
+ // Surface the sessionId so the strategy can flag the "current" session.
74
75
  return {
75
- id: user.id
76
+ id: user.id,
77
+ sessionId: result.payload.sessionId
76
78
  };
77
79
  }
78
80
  return new Promise((resolve, reject)=>{
79
81
  const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
80
- const algorithms = jwtConfig && jwtConfig.algorithm ? [
81
- jwtConfig.algorithm
82
- ] : undefined;
83
- jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
82
+ const algorithms = [
83
+ jwtConfig?.algorithm || 'HS256'
84
+ ];
85
+ jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
84
86
  algorithms
85
- } : {}, (err, tokenPayload = {})=>{
87
+ }, (err, tokenPayload = {})=>{
86
88
  if (err) {
87
89
  return reject(new Error('Invalid token.'));
88
90
  }
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? { algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,2BAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,2BAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACxB,gBAAA;gBAEI,OAAO,IAAIuB,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAAA,GAAaD,SAAAA,IAAaA,SAAAA,CAAUE,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAAA,GAAa;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAAA,EAC9B,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUuB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,2BAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,2BAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
@@ -64,18 +64,20 @@ function requireJwt() {
64
64
  if (!user) {
65
65
  throw new Error('Invalid token.');
66
66
  }
67
+ // Surface the sessionId so the strategy can flag the "current" session.
67
68
  return {
68
- id: user.id
69
+ id: user.id,
70
+ sessionId: result.payload.sessionId
69
71
  };
70
72
  }
71
73
  return new Promise((resolve, reject)=>{
72
74
  const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
73
- const algorithms = jwtConfig && jwtConfig.algorithm ? [
74
- jwtConfig.algorithm
75
- ] : undefined;
76
- jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
75
+ const algorithms = [
76
+ jwtConfig?.algorithm || 'HS256'
77
+ ];
78
+ jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
77
79
  algorithms
78
- } : {}, (err, tokenPayload = {})=>{
80
+ }, (err, tokenPayload = {})=>{
79
81
  if (err) {
80
82
  return reject(new Error('Invalid token.'));
81
83
  }
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? { algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACxB,gBAAA;gBAEI,OAAO,IAAIuB,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAAA,GAAaD,SAAAA,IAAaA,SAAAA,CAAUE,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAAA,GAAa;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAAA,EAC9B,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUuB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
@@ -60,6 +60,14 @@ function requireUsersPermissions() {
60
60
  action: 'plugin::users-permissions.auth.logout',
61
61
  roleType: 'authenticated'
62
62
  },
63
+ {
64
+ action: 'plugin::users-permissions.auth.getSessions',
65
+ roleType: 'authenticated'
66
+ },
67
+ {
68
+ action: 'plugin::users-permissions.auth.revokeSession',
69
+ roleType: 'authenticated'
70
+ },
63
71
  {
64
72
  action: 'plugin::users-permissions.user.me',
65
73
  roleType: 'authenticated'