@webbio/strapi-plugin-page-builder 0.9.7-platform → 0.9.8-authentication

package/server/services/private-content/graphql/resolvers/findOnePage.ts

@@ -0,0 +1,40 @@
+import { omit } from 'lodash/fp';
+import { sanitize } from '@strapi/utils';
+import { PAGE_UID } from '../../../../../shared/utils/constants';
+import { ForbiddenError as ApolloForbiddenError } from 'apollo-server-koa';
+
+export const page = {
+	async resolve(parent, args, ctx) {
+		const uid = PAGE_UID;
+		const { toEntityResponse } = strapi.plugin('graphql').service('format').returnTypes;
+		const { transformArgs } = strapi.plugin('graphql').service('builders').utils;
+		const populatedArgs = { ...args, populate: { platform: true } };
+		const transformedArgs = transformArgs(populatedArgs, strapi.contentType(PAGE_UID));
+		const sanitizedQuery = await sanitize.contentAPI.query(populatedArgs, strapi.contentType(PAGE_UID));
+		const value = await strapi.entityService!.findOne(uid, args.id, omit('id', sanitizedQuery));
+		// @ts-ignore Strapi types are the best
+		if (!value?.platform?.isPrivate && !value.isPrivate) {
+			return toEntityResponse(value, { args: transformedArgs, resourceUID: uid });
+		}
+
+		if (
+			// @ts-ignore Strapi types are the best
+			(value?.platform?.isPrivate === true && ctx.koaContext.req.headers.authorization) ||
+			(value?.isPrivate === true && ctx.koaContext.req.headers.authorization)
+		) {
+			const auth = ctx.koaContext.req.headers.authorization;
+			const token = auth.split(' ');
+
+			const jwtService = strapi.plugin('users-permissions').service('jwt');
+			const decodedToken = await jwtService.verify(token[1]);
+			if (decodedToken) {
+				const user = ctx.state.user;
+				// @ts-ignore Strapi types are the best
+				if (user?.platform?.id === value?.platform?.id) {
+					return toEntityResponse(value, { args: transformedArgs, resourceUID: uid });
+				}
+			}
+		}
+		return new ApolloForbiddenError('Forbidden access');
+	}
+};

package/server/services/private-content/graphql/resolvers/findPage.ts

@@ -0,0 +1,45 @@
+import { sanitize } from '@strapi/utils';
+import { PAGE_UID } from '../../../../../shared/utils/constants';
+
+export const pages = {
+	async resolve(parent, args, ctx) {
+		const uid = PAGE_UID;
+		const { toEntityResponseCollection } = strapi.plugin('graphql').service('format').returnTypes;
+		const { transformArgs } = strapi.plugin('graphql').service('builders').utils;
+		const populatedArgs = { ...args, populate: { platform: true } };
+		const transformedArgs = transformArgs(populatedArgs, strapi.contentType(PAGE_UID));
+		const sanitizedQuery = await sanitize.contentAPI.query(populatedArgs, strapi.contentType(PAGE_UID));
+		const value = await strapi.entityService!.findMany(uid, sanitizedQuery);
+
+		const user = ctx.state.user;
+
+		if (user && ctx.koaContext.req.headers.authorization) {
+			const auth = ctx.koaContext.req.headers.authorization;
+			const token = auth.split(' ');
+			const jwtService = strapi.plugin('users-permissions').service('jwt');
+			const decodedToken = await jwtService.verify(token[1]);
+			if (decodedToken) {
+				// @ts-ignore
+				const filteredItems = value.filter((item) => {
+					// @ts-ignore
+					if (item.platform.isPrivate === true && user.platform.id === item.platform.id) {
+						return item;
+					}
+					if (item.isPrivate === true && user.platform.id === item.platform.id) {
+						return item;
+					}
+					// @ts-ignore
+					if (item.platform.isPrivate !== true && item.isPrivate !== true) {
+						return item;
+					}
+				});
+				return toEntityResponseCollection(filteredItems, { args: transformedArgs, resourceUID: uid });
+			}
+		}
+
+		// @ts-ignore
+		const filteredItems = value.filter((item) => item.platform.isPrivate !== true && item.isPrivate !== true);
+
+		return toEntityResponseCollection(filteredItems, { args: transformedArgs, resourceUID: uid });
+	}
+};

package/server/services/private-content/graphql/resolvers/forgot-password.ts

@@ -0,0 +1,26 @@
+import { errors } from '@strapi/utils';
+import { USER_MODEL } from '../../constants';
+import { validateForgotPasswordSchema } from '../../schemas';
+const { UnauthorizedError } = errors;
+
+export const platformForgotPassword = {
+	async resolve(parent, args, context) {
+		await validateForgotPasswordSchema(args.input);
+
+		const { email, platformId } = args.input;
+
+		const user = await strapi.query(USER_MODEL).findOne({
+			populate: { platform: { populate: { platformMails: { populate: true } } } },
+			where: {
+				email: email.toLowerCase(),
+				platform: {
+					id: platformId
+				}
+			}
+		});
+		await strapi.service('plugin::page-builder.email').sendForgotPasswordMail(user);
+		return {
+			message: 'Email has been sent'
+		};
+	}
+};

package/server/services/private-content/graphql/resolvers/login.ts

@@ -0,0 +1,51 @@
+import { errors, sanitize } from '@strapi/utils';
+import { USER_MODEL } from '../../constants';
+import { validateLoginSchema } from '../../schemas';
+const { UnauthorizedError } = errors;
+
+export const platformLogin = {
+	async resolve(parent, args, context) {
+		await validateLoginSchema(args.input);
+
+		const { email, password, platformId } = args.input;
+
+		const user = await strapi.query(USER_MODEL).findOne({
+			where: {
+				email: email.toLowerCase(),
+				platform: {
+					id: platformId
+				}
+			}
+		});
+
+		if (user == null) {
+			throw new UnauthorizedError('Invalid email or password');
+		}
+
+		const isPasswordValid = await strapi
+			.service('plugin::users-permissions.user')
+			.validatePassword(password, user.password);
+
+		if (isPasswordValid === false) {
+			throw new UnauthorizedError('Invalid email or password');
+		}
+
+		if (user.confirmed === false) {
+			throw new UnauthorizedError('Email is not confirmed');
+		}
+
+		if (user.activateUser === false) {
+			throw new UnauthorizedError('Account is not activated');
+		}
+
+		const sanitizedUser = sanitize.contentAPI.output(user, strapi.getModel(USER_MODEL), {
+			auth: false
+		});
+		const jwt = await strapi.service('plugin::users-permissions.jwt').issue({ id: user.id, platformId: platformId });
+
+		return {
+			user: sanitizedUser,
+			jwt
+		};
+	}
+};

package/server/services/private-content/graphql/resolvers/register.ts

@@ -0,0 +1,68 @@
+import { sanitize } from '@strapi/utils';
+import { errors } from '@strapi/utils';
+import { USER_MODEL } from '../../constants';
+import { validateRegisterSchema } from '../../schemas';
+const { ApplicationError } = errors;
+
+export const platformRegister = {
+	async resolve(parent, args, context) {
+		const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });
+		const settings: any = await pluginStore.get({ key: 'advanced' });
+
+		await validateRegisterSchema(args.input);
+
+		const { email, platformId } = args.input;
+
+		const role = await strapi
+			.query('plugin::users-permissions.role')
+			.findOne({ where: { type: settings.default_role } });
+
+		if (!role) {
+			throw new ApplicationError('Impossible to find the default role');
+		}
+		const conflictingUserCount = await strapi.query(USER_MODEL).count({
+			where: {
+				$and: [
+					{
+						email
+					},
+					{
+						platform: {
+							id: platformId
+						}
+					}
+				]
+			}
+		});
+
+		if (conflictingUserCount > 0) {
+			throw new ApplicationError('Email is already taken');
+		}
+
+		const userData = {
+			...args.input,
+			role: role.id,
+			categories: args.input.categories,
+			platform: platformId,
+			email: email.toLowerCase(),
+			provider: 'local',
+			confirmed: false,
+			activateUser: false
+		};
+
+		const createdUser = await strapi.entityService.create(USER_MODEL, {
+			data: userData
+		});
+
+		const userModel = strapi.getModel(USER_MODEL);
+		const sanitizedUser = sanitize.contentAPI.output(createdUser, userModel, {
+			auth: false
+		});
+
+		await strapi.service('plugin::page-builder.email').sendConfirmationEmail(createdUser);
+
+		return {
+			user: sanitizedUser
+		};
+	}
+};

package/server/services/private-content/graphql/resolvers/reset-password.ts

@@ -0,0 +1,44 @@
+import { sanitize } from '@strapi/utils';
+import { USER_MODEL } from '../../constants';
+import { validateResetPasswordSchema } from '../../schemas';
+
+export const platformResetPassword = {
+	async resolve(parent, args, context) {
+		await validateResetPasswordSchema(args.input);
+
+		const { password, resetPasswordToken } = args.input;
+
+		const jwtService = strapi.plugin('users-permissions').service('jwt');
+		const decodedToken = await jwtService.verify(resetPasswordToken);
+
+		if (decodedToken) {
+			const user = await strapi.query(USER_MODEL).findOne({
+				where: {
+					id: decodedToken.userId,
+					resetPasswordToken: resetPasswordToken
+				}
+			});
+			if (user && user.resetPasswordToken && user.resetPasswordToken === resetPasswordToken) {
+				if (password) {
+					await strapi.entityService.update(USER_MODEL, user.id, {
+						data: {
+							// @ts-ignore
+							password: password,
+							resetPasswordToken: null
+						}
+					});
+				}
+
+				const userModel = strapi.getModel(USER_MODEL);
+				const sanitizedUser = sanitize.contentAPI.output(user, userModel, {
+					auth: false
+				});
+				return {
+					user: sanitizedUser
+				};
+			}
+		}
+
+		throw new Error('Time of token has expired request a new password change');
+	}
+};

package/server/services/private-content/graphql/types/index.ts

@@ -0,0 +1,98 @@
+export const LoginInput = `
+input LoginInput {
+  email: String!
+  password: String!
+  platformId: ID!
+}
+`;
+
+export const ForgotPasswordInput = `
+input ForgotPasswordInput {
+  email: String!
+  platformId: ID!
+}`;
+
+export const RegisterInput = `
+input RegisterInput {
+  email: String!
+  password: String!
+  firstName: String
+  lastName: String
+  company: String
+  jobTitle: String
+  address: String
+  postalCode: String
+  city: String
+  country: String
+  phone: String
+  subscribeToNewsletter: Boolean
+  categories: [ID]
+  platformId: ID!
+}
+`;
+
+export const LoginResponse = `
+type LoginResponse {
+  jwt: String
+  user: User
+}
+`;
+
+export const RegisterResponse = `
+type RegisterResponse {
+  user: User
+}
+`;
+
+export const ForgotPasswordResponse = `
+type ForgotPasswordResponse {
+  message: String
+}
+`;
+
+export const User = `
+type User {
+  id: ID!
+  email: String!
+  confirmed: Boolean
+  blocked: Boolean
+  activated: Boolean
+  platformId: ID!
+}
+`;
+
+export const ResetPassword = `
+type ResetPassword {
+  jwt: String
+  email: String
+}
+`;
+export const ResetPasswordInput = `
+input ResetPasswordInput {
+  password: String!
+  passwordConfirmation: String!
+  resetPasswordToken: String!
+}
+`;
+
+export const ResetPasswordResponse = `
+type ResetPasswordResponse {
+  user: User
+}
+`;
+
+export const Mutations = `
+type Mutation {
+  platformLogin(input: LoginInput!): LoginResponse
+  platformRegister(input: RegisterInput!): RegisterResponse
+  platformForgotPassword(input: ForgotPasswordInput!): ForgotPasswordResponse
+  platformResetPassword(input: ResetPasswordInput!): ResetPasswordResponse
+}
+`;
+
+export const Queries = `
+type Query {
+  page(id: ID, locale: I18NLocaleCode): PageEntityResponse
+  pages(filters: PageFiltersInput pagination: PaginationArg = {} sort: [String] = [] publicationState: PublicationState = LIVE locale: I18NLocaleCode): PageEntityResponseCollection
+}
+`;

package/server/services/private-content/index.ts

@@ -0,0 +1,84 @@
+import { getConfig } from '../../utils/strapi';
+import { extendControllers, extendUser } from './user';
+import { extendGraphQL } from './graphql';
+import { extendPlatform } from './platform';
+import { extendPage } from './page';
+
+export default {
+	async enablePrivateContent() {
+		if (this.isPrivateContentEnabled) {
+			await strapi.services?.['plugin::page-builder.builder']?.buildComponents();
+			extendUser();
+			extendControllers();
+			extendGraphQL();
+			extendPlatform();
+			extendPage();
+		}
+	},
+	isPrivateContentEnabled(): boolean {
+		const pageBuilderConfig = getConfig();
+		return pageBuilderConfig?.privateContent === true;
+	},
+	async activateUser(token: string) {
+		const jwtService = strapi.plugin('users-permissions').service('jwt');
+		const decodedToken = await jwtService.verify(token);
+
+		if (decodedToken) {
+			const user = await strapi.query('plugin::users-permissions.user').findOne({
+				where: {
+					id: decodedToken.userId,
+					platform: {
+						id: decodedToken.platformId
+					}
+				}
+			});
+			if (!user.confirmed && user.confirmationToken && user.confirmationToken === token) {
+				await strapi.entityService.update('plugin::users-permissions.user', user.id, {
+					// @ts-ignore
+					data: { confirmed: true, confirmationToken: null }
+				});
+				await strapi.service('plugin::page-builder.email').sendAdminMail(user);
+
+				return ' User has been created';
+			}
+			throw new Error('User already activated');
+		}
+	},
+	async removeInactiveUsers() {
+		const oneDayAgo = new Date();
+		oneDayAgo.setHours(oneDayAgo.getHours() - 24);
+
+		const usersToDelete = await (
+			await strapi.query('plugin::users-permissions.user').findMany({
+				where: {
+					$and: [
+						{
+							confirmed: {
+								$eq: false
+							}
+						},
+						{
+							createdAt: {
+								$lt: oneDayAgo
+							}
+						}
+					]
+				}
+			})
+		).map((user) => {
+			return user.id;
+		});
+
+		try {
+			await strapi.query('plugin::users-permissions.user').deleteMany({
+				where: {
+					id: {
+						$in: usersToDelete
+					}
+				}
+			});
+		} catch (error) {
+			console.log(error);
+		}
+	}
+};

package/server/services/private-content/mail-template/txtMail.email.template.text.ts

@@ -0,0 +1,7 @@
+import Handlebars from 'handlebars';
+import { IMail } from './txtMail.interface';
+
+export const txtEmail = (mailData: IMail) => {
+	const template = Handlebars.compile(mailData.text);
+	return template(mailData);
+};

package/server/services/private-content/mail-template/txtMail.interface.ts

@@ -0,0 +1,7 @@
+export interface IMail {
+	email: string;
+	firstName: string;
+	lastName: string;
+	text: string;
+	confirmationUrl?: string;
+}

package/server/services/private-content/page.ts

@@ -0,0 +1,14 @@
+import { PAGE_UID } from '../../../shared/utils/constants';
+
+export const extendPage = () => {
+	const pageContentType = strapi.contentType(PAGE_UID);
+	pageContentType.attributes = {
+		...pageContentType.attributes,
+		isProtected: {
+			type: 'boolean',
+			required: false,
+			default: false
+		}
+	};
+	delete pageContentType.attributes.username;
+};

package/server/services/private-content/platform.ts

@@ -0,0 +1,14 @@
+import { PLATFORM_UID } from '../../../shared/utils/constants';
+
+export const extendPlatform = () => {
+	const platformContentType = strapi.contentType(PLATFORM_UID);
+	platformContentType.attributes = {
+		...platformContentType.attributes,
+		isProtected: {
+			type: 'boolean',
+			required: false,
+			default: false
+		}
+	};
+	delete platformContentType.attributes.username;
+};

package/server/services/private-content/schemas/index.ts

@@ -0,0 +1,28 @@
+import { validateYupSchema, yup } from '@strapi/utils';
+
+const registerSchema = yup.object({
+	email: yup.string().email().required(),
+	password: yup.string().required(),
+	platformId: yup.number().required()
+});
+
+export const loginSchema = yup.object({
+	email: yup.string().email().required(),
+	password: yup.string().required(),
+	platformId: yup.number().required()
+});
+
+export const forgotPasswordSchema = yup.object({
+	email: yup.string().email().required(),
+	platformId: yup.number().required()
+});
+
+export const resetPasswordSchema = yup.object({
+	password: yup.string().required(),
+	resetPasswordToken: yup.string().required()
+});
+
+export const validateRegisterSchema = async (input: any) => validateYupSchema(input, registerSchema);
+export const validateLoginSchema = async (input: any) => validateYupSchema(input, loginSchema);
+export const validateForgotPasswordSchema = async (input: any) => validateYupSchema(input, forgotPasswordSchema);
+export const validateResetPasswordSchema = async (input: any) => validateYupSchema(input, resetPasswordSchema);