@vivinkv28/strapi-2fa-admin-plugin 0.1.9 → 0.1.12

package/README.md

@@ -122,6 +122,20 @@ host-patch/
 
 These are the files you can copy into your Strapi project to get the same admin OTP UI pattern.
 
+If you want to view the same host patch files on GitHub, use:
+
+- [host-patch folder](https://github.com/vivinkv6/strapi-admin-2fa-plugin/tree/master/host-patch)
+- [apply-strapi-admin-2fa-patch.js](https://github.com/vivinkv6/strapi-admin-2fa-plugin/blob/master/host-patch/apply-strapi-admin-2fa-patch.js)
+- [services/auth.js](https://github.com/vivinkv6/strapi-admin-2fa-plugin/blob/master/host-patch/strapi-admin-2fa-patch/services/auth.js)
+- [services/auth.mjs](https://github.com/vivinkv6/strapi-admin-2fa-plugin/blob/master/host-patch/strapi-admin-2fa-patch/services/auth.mjs)
+- [pages/Auth/components/Login.js](https://github.com/vivinkv6/strapi-admin-2fa-plugin/blob/master/host-patch/strapi-admin-2fa-patch/pages/Auth/components/Login.js)
+- [pages/Auth/components/Login.mjs](https://github.com/vivinkv6/strapi-admin-2fa-plugin/blob/master/host-patch/strapi-admin-2fa-patch/pages/Auth/components/Login.mjs)
+
+That gives users both options:
+
+- install from npm and copy the bundled files
+- inspect the admin UI source directly on GitHub before integrating it
+
 ## What The UI Patch Does
 
 The bundled host patch changes the Strapi admin login flow to:

package/dist/server/index.js

@@ -19149,21 +19149,21 @@ class ForbiddenError extends ApplicationError$1 {
     this.message = message;
   }
 }
-class UnauthorizedError extends ApplicationError$1 {
+let UnauthorizedError$1 = class UnauthorizedError extends ApplicationError$1 {
   constructor(message = "Unauthorized", details) {
     super(message, details);
     this.name = "UnauthorizedError";
     this.message = message;
   }
-}
-class RateLimitError extends ApplicationError$1 {
+};
+let RateLimitError$1 = class RateLimitError extends ApplicationError$1 {
   constructor(message = "Too many requests, please try again later.", details) {
     super(message, details);
     this.name = "RateLimitError";
     this.message = message;
     this.details = details || {};
   }
-}
+};
 class PayloadTooLargeError extends ApplicationError$1 {
   constructor(message = "Entity too large", details) {
     super(message, details);
@@ -19196,8 +19196,8 @@ const errors$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProp
   PaginationError,
   PayloadTooLargeError,
   PolicyError,
-  RateLimitError,
-  UnauthorizedError,
+  RateLimitError: RateLimitError$1,
+  UnauthorizedError: UnauthorizedError$1,
   ValidationError: ValidationError$1,
   YupValidationError
 }, Symbol.toStringTag, { value: "Module" }));
@@ -43795,7 +43795,7 @@ const require$$1 = /* @__PURE__ */ getAugmentedNamespace(dist);
 const crypto = require$$1__default$1.default;
 const { errors } = require$$1;
 const sessionAuth = strapiSessionAuth;
-const { ApplicationError: ApplicationError2, ValidationError: ValidationError3 } = errors;
+const { ApplicationError: ApplicationError2, RateLimitError: RateLimitError2, UnauthorizedError: UnauthorizedError2, ValidationError: ValidationError3 } = errors;
 const STORE_NAME = "admin-otp-login";
 const STORE_KEY_PREFIX = "challenge:";
 const RATE_LIMIT_KEY_PREFIX = "rate-limit:";
@@ -43914,11 +43914,11 @@ const deleteChallenge = async (store, challengeId) => {
 const getChallenge = async (store, challengeId) => {
   const challenge = await store.get({ key: getStoreKey(challengeId) });
   if (!challenge) {
-    throw new ApplicationError2("OTP session not found. Please log in again.");
+    throw new UnauthorizedError2("OTP session not found. Please log in again.");
   }
   if (new Date(challenge.expiresAt).getTime() <= Date.now()) {
     await deleteChallenge(store, challengeId);
-    throw new ApplicationError2("OTP expired. Please log in again.");
+    throw new UnauthorizedError2("OTP expired. Please log in again.");
   }
   return challenge;
 };
@@ -43941,7 +43941,7 @@ const registerRateLimitHit = async (store, config2, action, scope, identifier) =
     return;
   }
   if (existing.count >= limit) {
-    throw new ApplicationError2("Too many authentication attempts. Please wait a few minutes and try again.");
+    throw new RateLimitError2("Too many authentication attempts. Please wait a few minutes and try again.");
   }
   await store.set({
     key,
@@ -44020,7 +44020,7 @@ var auth$1 = () => ({
     });
     logDuration(config2, "checkCredentials", credentialsStartedAt);
     if (!user) {
-      throw new ApplicationError2(info?.message ?? "Invalid credentials");
+      throw new UnauthorizedError2(info?.message ?? "Invalid credentials");
     }
     const challengeId = crypto.randomUUID();
     const code = createOtpCode(config2.otpDigits);
@@ -44069,7 +44069,7 @@ var auth$1 = () => ({
     await registerRateLimitHit(store, config2, "resend", "email", current.email);
     if (current.resendCount >= config2.maxResends) {
       await deleteChallenge(store, challengeId);
-      throw new ApplicationError2("Maximum OTP resend attempts exceeded. Please log in again.");
+      throw new RateLimitError2("Maximum OTP resend attempts exceeded. Please log in again.");
     }
     const code = createOtpCode(config2.otpDigits);
     const salt = crypto.randomBytes(16).toString("hex");
@@ -44112,7 +44112,7 @@ var auth$1 = () => ({
     await registerRateLimitHit(store, config2, "verify", "email", challenge.email);
     if (challenge.attempts >= config2.maxAttempts) {
       await deleteChallenge(store, challengeId);
-      throw new ApplicationError2("Maximum OTP attempts exceeded. Please log in again.");
+      throw new RateLimitError2("Maximum OTP attempts exceeded. Please log in again.");
     }
     const hashStartedAt = now();
     const computedHash = await createOtpHash(challengeId, code, challenge.salt);
@@ -44125,7 +44125,7 @@ var auth$1 = () => ({
       const nextAttempts = challenge.attempts + 1;
       if (nextAttempts >= config2.maxAttempts) {
         await deleteChallenge(store, challengeId);
-        throw new ApplicationError2("Maximum OTP attempts exceeded. Please log in again.");
+        throw new RateLimitError2("Maximum OTP attempts exceeded. Please log in again.");
       }
       const storeStartedAt = now();
       await store.set({
@@ -44139,7 +44139,7 @@ var auth$1 = () => ({
         challengeId,
         attempts: nextAttempts
       });
-      throw new ApplicationError2("Invalid OTP code");
+      throw new UnauthorizedError2("Invalid OTP code");
     }
     const deleteStartedAt = now();
     await deleteChallenge(store, challengeId);

package/dist/server/index.mjs

@@ -19135,21 +19135,21 @@ class ForbiddenError extends ApplicationError$1 {
     this.message = message;
   }
 }
-class UnauthorizedError extends ApplicationError$1 {
+let UnauthorizedError$1 = class UnauthorizedError extends ApplicationError$1 {
   constructor(message = "Unauthorized", details) {
     super(message, details);
     this.name = "UnauthorizedError";
     this.message = message;
   }
-}
-class RateLimitError extends ApplicationError$1 {
+};
+let RateLimitError$1 = class RateLimitError extends ApplicationError$1 {
   constructor(message = "Too many requests, please try again later.", details) {
     super(message, details);
     this.name = "RateLimitError";
     this.message = message;
     this.details = details || {};
   }
-}
+};
 class PayloadTooLargeError extends ApplicationError$1 {
   constructor(message = "Entity too large", details) {
     super(message, details);
@@ -19182,8 +19182,8 @@ const errors$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProp
   PaginationError,
   PayloadTooLargeError,
   PolicyError,
-  RateLimitError,
-  UnauthorizedError,
+  RateLimitError: RateLimitError$1,
+  UnauthorizedError: UnauthorizedError$1,
   ValidationError: ValidationError$1,
   YupValidationError
 }, Symbol.toStringTag, { value: "Module" }));
@@ -43781,7 +43781,7 @@ const require$$1 = /* @__PURE__ */ getAugmentedNamespace(dist);
 const crypto = require$$1$2;
 const { errors } = require$$1;
 const sessionAuth = strapiSessionAuth;
-const { ApplicationError: ApplicationError2, ValidationError: ValidationError3 } = errors;
+const { ApplicationError: ApplicationError2, RateLimitError: RateLimitError2, UnauthorizedError: UnauthorizedError2, ValidationError: ValidationError3 } = errors;
 const STORE_NAME = "admin-otp-login";
 const STORE_KEY_PREFIX = "challenge:";
 const RATE_LIMIT_KEY_PREFIX = "rate-limit:";
@@ -43900,11 +43900,11 @@ const deleteChallenge = async (store, challengeId) => {
 const getChallenge = async (store, challengeId) => {
   const challenge = await store.get({ key: getStoreKey(challengeId) });
   if (!challenge) {
-    throw new ApplicationError2("OTP session not found. Please log in again.");
+    throw new UnauthorizedError2("OTP session not found. Please log in again.");
   }
   if (new Date(challenge.expiresAt).getTime() <= Date.now()) {
     await deleteChallenge(store, challengeId);
-    throw new ApplicationError2("OTP expired. Please log in again.");
+    throw new UnauthorizedError2("OTP expired. Please log in again.");
   }
   return challenge;
 };
@@ -43927,7 +43927,7 @@ const registerRateLimitHit = async (store, config2, action, scope, identifier) =
     return;
   }
   if (existing.count >= limit) {
-    throw new ApplicationError2("Too many authentication attempts. Please wait a few minutes and try again.");
+    throw new RateLimitError2("Too many authentication attempts. Please wait a few minutes and try again.");
   }
   await store.set({
     key,
@@ -44006,7 +44006,7 @@ var auth$1 = () => ({
     });
     logDuration(config2, "checkCredentials", credentialsStartedAt);
     if (!user) {
-      throw new ApplicationError2(info?.message ?? "Invalid credentials");
+      throw new UnauthorizedError2(info?.message ?? "Invalid credentials");
     }
     const challengeId = crypto.randomUUID();
     const code = createOtpCode(config2.otpDigits);
@@ -44055,7 +44055,7 @@ var auth$1 = () => ({
     await registerRateLimitHit(store, config2, "resend", "email", current.email);
     if (current.resendCount >= config2.maxResends) {
       await deleteChallenge(store, challengeId);
-      throw new ApplicationError2("Maximum OTP resend attempts exceeded. Please log in again.");
+      throw new RateLimitError2("Maximum OTP resend attempts exceeded. Please log in again.");
     }
     const code = createOtpCode(config2.otpDigits);
     const salt = crypto.randomBytes(16).toString("hex");
@@ -44098,7 +44098,7 @@ var auth$1 = () => ({
     await registerRateLimitHit(store, config2, "verify", "email", challenge.email);
     if (challenge.attempts >= config2.maxAttempts) {
       await deleteChallenge(store, challengeId);
-      throw new ApplicationError2("Maximum OTP attempts exceeded. Please log in again.");
+      throw new RateLimitError2("Maximum OTP attempts exceeded. Please log in again.");
     }
     const hashStartedAt = now();
     const computedHash = await createOtpHash(challengeId, code, challenge.salt);
@@ -44111,7 +44111,7 @@ var auth$1 = () => ({
       const nextAttempts = challenge.attempts + 1;
       if (nextAttempts >= config2.maxAttempts) {
         await deleteChallenge(store, challengeId);
-        throw new ApplicationError2("Maximum OTP attempts exceeded. Please log in again.");
+        throw new RateLimitError2("Maximum OTP attempts exceeded. Please log in again.");
       }
       const storeStartedAt = now();
       await store.set({
@@ -44125,7 +44125,7 @@ var auth$1 = () => ({
         challengeId,
         attempts: nextAttempts
       });
-      throw new ApplicationError2("Invalid OTP code");
+      throw new UnauthorizedError2("Invalid OTP code");
     }
     const deleteStartedAt = now();
     await deleteChallenge(store, challengeId);

package/host-patch/strapi-admin-2fa-patch/pages/Auth/components/Login.js

@@ -35,8 +35,23 @@ function _interopNamespaceDefault(e) {
   return Object.freeze(n);
 }
 
-var React__namespace = /*#__PURE__*/_interopNamespaceDefault(React);
-var yup__namespace = /*#__PURE__*/_interopNamespaceDefault(yup);
+var React__namespace = /*#__PURE__*/_interopNamespaceDefault(React);
+var yup__namespace = /*#__PURE__*/_interopNamespaceDefault(yup);
+
+const getApiErrorMessage = (error, fallback = 'Something went wrong')=>{
+    if (!error || typeof error !== 'object') {
+        return fallback;
+    }
+    const candidates = [
+        error?.data?.error?.message,
+        error?.data?.message,
+        error?.error?.message,
+        error?.message,
+        typeof error?.error === 'string' ? error.error : undefined
+    ];
+    const message = candidates.find((value)=>typeof value === 'string' && value.trim().length > 0);
+    return message ?? fallback;
+};
 
 const OTP_LENGTH = 6;
 const OTP_DIGIT_INPUT_STYLE = {
@@ -240,18 +255,18 @@ const Login = ({ children })=>{
     React__namespace.useEffect(()=>{
         document.title = 'Admin Dashboard';
     }, []);
-    const handleLogin = async (body)=>{
-        setApiError(undefined);
-        const res = await adminLoginWithOtp({
-            ...body,
-            deviceId: deviceId.getOrCreateDeviceId()
-        });
-        if ('error' in res) {
-            const message = res.error.message ?? 'Something went wrong';
-            if (camelCase(message).toLowerCase() === 'usernotactive') {
-                navigate('/auth/oops');
-                return;
-            }
+    const handleLogin = async (body)=>{
+        setApiError(undefined);
+        const res = await adminLoginWithOtp({
+            ...body,
+            deviceId: deviceId.getOrCreateDeviceId()
+        });
+        if ('error' in res) {
+            const message = getApiErrorMessage(res.error);
+            if (camelCase(message).toLowerCase() === 'usernotactive') {
+                navigate('/auth/oops');
+                return;
+            }
             setApiError(message);
         } else {
             setOtpStep({
@@ -267,15 +282,15 @@ const Login = ({ children })=>{
             return;
         }
         setApiError(undefined);
-        const res = await verifyAdminLoginOtp({
-            challengeId: otpStep.challengeId,
-            code
-        });
-        if ('error' in res) {
-            setApiError(res.error.message ?? 'Something went wrong');
-        } else {
-            toggleNotification({
-                type: 'success',
+        const res = await verifyAdminLoginOtp({
+            challengeId: otpStep.challengeId,
+            code
+        });
+        if ('error' in res) {
+            setApiError(getApiErrorMessage(res.error));
+        } else {
+            toggleNotification({
+                type: 'success',
                 title: formatMessage({
                     id: 'Auth.notification.authenticated.title',
                     defaultMessage: 'Successfully authenticated'
@@ -295,14 +310,14 @@ const Login = ({ children })=>{
             return;
         }
         setApiError(undefined);
-        const res = await resendAdminLoginOtp({
-            challengeId: otpStep.challengeId
-        });
-        if ('error' in res) {
-            setApiError(res.error.message ?? 'Something went wrong');
-        } else {
-            setOtpStep({
-                ...otpStep,
+        const res = await resendAdminLoginOtp({
+            challengeId: otpStep.challengeId
+        });
+        if ('error' in res) {
+            setApiError(getApiErrorMessage(res.error));
+        } else {
+            setOtpStep({
+                ...otpStep,
                 expiresAt: res.data.expiresAt,
                 maskedEmail: res.data.maskedEmail
             });

package/host-patch/strapi-admin-2fa-patch/pages/Auth/components/Login.mjs

@@ -13,8 +13,23 @@ import { useTypedDispatch } from '../../../core/store/hooks.mjs';
 import { useNotification } from '../../../features/Notifications.mjs';
 import { login as loginAction } from '../../../reducer.mjs';
 import { useAdminLoginWithOtpMutation, useVerifyAdminLoginOtpMutation, useResendAdminLoginOtpMutation } from '../../../services/auth.mjs';
-import { getOrCreateDeviceId } from '../../../utils/deviceId.mjs';
-import { translatedErrors as errorsTrads } from '../../../utils/translatedErrors.mjs';
+import { getOrCreateDeviceId } from '../../../utils/deviceId.mjs';
+import { translatedErrors as errorsTrads } from '../../../utils/translatedErrors.mjs';
+
+const getApiErrorMessage = (error, fallback = 'Something went wrong')=>{
+    if (!error || typeof error !== 'object') {
+        return fallback;
+    }
+    const candidates = [
+        error?.data?.error?.message,
+        error?.data?.message,
+        error?.error?.message,
+        error?.message,
+        typeof error?.error === 'string' ? error.error : undefined
+    ];
+    const message = candidates.find((value)=>typeof value === 'string' && value.trim().length > 0);
+    return message ?? fallback;
+};
 
 const OTP_LENGTH = 6;
 const OTP_DIGIT_INPUT_STYLE = {
@@ -218,18 +233,18 @@ const Login = ({ children })=>{
     React.useEffect(()=>{
         document.title = 'Admin Dashboard';
     }, []);
-    const handleLogin = async (body)=>{
-        setApiError(undefined);
-        const res = await adminLoginWithOtp({
-            ...body,
-            deviceId: getOrCreateDeviceId()
-        });
-        if ('error' in res) {
-            const message = res.error.message ?? 'Something went wrong';
-            if (camelCase(message).toLowerCase() === 'usernotactive') {
-                navigate('/auth/oops');
-                return;
-            }
+    const handleLogin = async (body)=>{
+        setApiError(undefined);
+        const res = await adminLoginWithOtp({
+            ...body,
+            deviceId: getOrCreateDeviceId()
+        });
+        if ('error' in res) {
+            const message = getApiErrorMessage(res.error);
+            if (camelCase(message).toLowerCase() === 'usernotactive') {
+                navigate('/auth/oops');
+                return;
+            }
             setApiError(message);
         } else {
             setOtpStep({
@@ -245,15 +260,15 @@ const Login = ({ children })=>{
             return;
         }
         setApiError(undefined);
-        const res = await verifyAdminLoginOtp({
-            challengeId: otpStep.challengeId,
-            code
-        });
-        if ('error' in res) {
-            setApiError(res.error.message ?? 'Something went wrong');
-        } else {
-            toggleNotification({
-                type: 'success',
+        const res = await verifyAdminLoginOtp({
+            challengeId: otpStep.challengeId,
+            code
+        });
+        if ('error' in res) {
+            setApiError(getApiErrorMessage(res.error));
+        } else {
+            toggleNotification({
+                type: 'success',
                 title: formatMessage({
                     id: 'Auth.notification.authenticated.title',
                     defaultMessage: 'Successfully authenticated'
@@ -273,14 +288,14 @@ const Login = ({ children })=>{
             return;
         }
         setApiError(undefined);
-        const res = await resendAdminLoginOtp({
-            challengeId: otpStep.challengeId
-        });
-        if ('error' in res) {
-            setApiError(res.error.message ?? 'Something went wrong');
-        } else {
-            setOtpStep({
-                ...otpStep,
+        const res = await resendAdminLoginOtp({
+            challengeId: otpStep.challengeId
+        });
+        if ('error' in res) {
+            setApiError(getApiErrorMessage(res.error));
+        } else {
+            setOtpStep({
+                ...otpStep,
                 expiresAt: res.data.expiresAt,
                 maskedEmail: res.data.maskedEmail
             });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vivinkv28/strapi-2fa-admin-plugin",
-  "version": "0.1.9",
+  "version": "0.1.12",
   "description": "Reusable Strapi admin 2FA plugin",
   "type": "commonjs",
   "keywords": [