strapi-identity 0.0.1 → 0.0.2-debug.1

package/README.md

@@ -21,7 +21,14 @@ Detailed Multi-Factor Authentication (MFA) plugin for Strapi v5+. Secure your St
 
 To install this plugin, you'll need to include it in your Strapi project.
 
-1. **Install the dependency** (if published to npm) or link the local plugin.
+1. **Install the dependency**:
+
+```bash
+npm install strapi-identity
+# or
+yarn add strapi-identity
+```
+
 2. **Enable the plugin** in `config/plugins.ts`:
 
 ```typescript
@@ -29,7 +36,6 @@ export default {
   // ...
   'strapi-identity': {
     enabled: true,
-    resolve: './src/plugins/strapi-identity', // If local
   },
   // ...
 };

package/dist/_chunks/{AdminReset-B7_r8Jh1.mjs → AdminReset-C7Wbxz4Z.mjs}

@@ -2,7 +2,7 @@ import { jsxs, Fragment, jsx } from "react/jsx-runtime";
 import { useState, useEffect } from "react";
 import { W as WarningAlert } from "./WarningAlert-VU011LVF.mjs";
 import { Box, Flex, Typography, Grid, Button } from "@strapi/design-system";
-import { g as getTranslation } from "./index-Df5ytRzw.mjs";
+import { g as getTranslation } from "./index-Dx9hSw6F.mjs";
 import { g as getToken } from "./tokenHelpers-DagDzpso.mjs";
 import { useIntl } from "react-intl";
 const AdminReset = ({ id }) => {

package/dist/_chunks/{AdminReset-BohoWW_F.js → AdminReset-DOOd1ZBT.js}

@@ -4,7 +4,7 @@ const jsxRuntime = require("react/jsx-runtime");
 const React = require("react");
 const WarningAlert = require("./WarningAlert-DFE5euMk.js");
 const designSystem = require("@strapi/design-system");
-const index = require("./index-CeYv7uJ3.js");
+const index = require("./index-CYdMQdCl.js");
 const tokenHelpers = require("./tokenHelpers-jtoRu0q5.js");
 const reactIntl = require("react-intl");
 const AdminReset = ({ id }) => {

package/dist/_chunks/{ProfileToggle-DIVxRCbJ.mjs → ProfileToggle-BWTNE6w1.mjs}

@@ -1,8 +1,9 @@
 import { jsx, jsxs, Fragment } from "react/jsx-runtime";
 import { useState, useEffect } from "react";
 import { Modal, Flex, Typography, Grid, Button, TextInput, Box, Field, Toggle } from "@strapi/design-system";
-import { g as getTranslation, I as InputOTP, a as InputOTPGroup, b as InputOTPSlot, c as InputOTPSeparator } from "./index-Df5ytRzw.mjs";
-import QRCode from "react-qr-code";
+import styled from "styled-components";
+import { g as getTranslation, I as InputOTP, a as InputOTPGroup, b as InputOTPSlot, c as InputOTPSeparator } from "./index-Dx9hSw6F.mjs";
+import { QRCodeCanvas } from "qrcode.react";
 import { useIntl } from "react-intl";
 import { g as getToken } from "./tokenHelpers-DagDzpso.mjs";
 function ConfirmModal({
@@ -29,25 +30,16 @@ function ConfirmModal({
         id: getTranslation("profile.recovery_codes_warning"),
         defaultMessage: "If you lose both your authenticator app and your recovery codes, you will need to contact an administrator to regain access to your account."
       }) })
-    ] }) : /* @__PURE__ */ jsxs(Fragment, { children: [
+    ] }) : /* @__PURE__ */ jsxs(Flex, { direction: "column", children: [
       /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
         /* @__PURE__ */ jsx(Typography, { children: formatMessage({
           id: getTranslation("profile.scan_qr"),
           defaultMessage: "You will need an authenticator app to scan the QR code below."
         }) }),
-        /* @__PURE__ */ jsx(QRCode, { value: qrCodeUri || "" }),
+        qrCodeUri && /* @__PURE__ */ jsx(QRCodeCanvas, { value: qrCodeUri, size: 256 }),
         secret && /* @__PURE__ */ jsx(Typography, { variant: "pi", children: secret || "" })
       ] }),
-      /* @__PURE__ */ jsx(
-        "hr",
-        {
-          style: {
-            height: "1px",
-            border: "0",
-            backgroundColor: "#e5e5e5"
-          }
-        }
-      ),
+      /* @__PURE__ */ jsx(Rule, {}),
       /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
         /* @__PURE__ */ jsx(Typography, { children: formatMessage({
           id: getTranslation("profile.enter_otp"),
@@ -75,6 +67,11 @@ function ConfirmModal({
     ] })
   ] }) }) });
 }
+const Rule = styled.hr`
+  height: 1px;
+  border: 0;
+  background-color: #e5e5e5;
+`;
 function RemoveModal({ open, onOpenChange, onSubmit }) {
   const { formatMessage } = useIntl();
   const [showRecovery, setShowRecovery] = useState(false);

package/dist/_chunks/{ProfileToggle-CHVH6P3j.js → ProfileToggle-CsKhueBz.js}

@@ -3,12 +3,13 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const jsxRuntime = require("react/jsx-runtime");
 const React = require("react");
 const designSystem = require("@strapi/design-system");
-const index = require("./index-CeYv7uJ3.js");
-const QRCode = require("react-qr-code");
+const styled = require("styled-components");
+const index = require("./index-CYdMQdCl.js");
+const qrcode_react = require("qrcode.react");
 const reactIntl = require("react-intl");
 const tokenHelpers = require("./tokenHelpers-jtoRu0q5.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
-const QRCode__default = /* @__PURE__ */ _interopDefault(QRCode);
+const styled__default = /* @__PURE__ */ _interopDefault(styled);
 function ConfirmModal({
   open,
   onOpenChange,
@@ -33,25 +34,16 @@ function ConfirmModal({
         id: index.getTranslation("profile.recovery_codes_warning"),
         defaultMessage: "If you lose both your authenticator app and your recovery codes, you will need to contact an administrator to regain access to your account."
       }) })
-    ] }) : /* @__PURE__ */ jsxRuntime.jsxs(jsxRuntime.Fragment, { children: [
+    ] }) : /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Flex, { direction: "column", children: [
       /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
         /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { children: formatMessage({
           id: index.getTranslation("profile.scan_qr"),
           defaultMessage: "You will need an authenticator app to scan the QR code below."
         }) }),
-        /* @__PURE__ */ jsxRuntime.jsx(QRCode__default.default, { value: qrCodeUri || "" }),
+        qrCodeUri && /* @__PURE__ */ jsxRuntime.jsx(qrcode_react.QRCodeCanvas, { value: qrCodeUri, size: 256 }),
         secret && /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { variant: "pi", children: secret || "" })
       ] }),
-      /* @__PURE__ */ jsxRuntime.jsx(
-        "hr",
-        {
-          style: {
-            height: "1px",
-            border: "0",
-            backgroundColor: "#e5e5e5"
-          }
-        }
-      ),
+      /* @__PURE__ */ jsxRuntime.jsx(Rule, {}),
       /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
         /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { children: formatMessage({
           id: index.getTranslation("profile.enter_otp"),
@@ -79,6 +71,11 @@ function ConfirmModal({
     ] })
   ] }) }) });
 }
+const Rule = styled__default.default.hr`
+  height: 1px;
+  border: 0;
+  background-color: #e5e5e5;
+`;
 function RemoveModal({ open, onOpenChange, onSubmit }) {
   const { formatMessage } = reactIntl.useIntl();
   const [showRecovery, setShowRecovery] = React.useState(false);

package/dist/_chunks/{SettingsPage-IAGo8KRd.js → SettingsPage-b1nrDzRV.js}

@@ -6,7 +6,7 @@ const WarningAlert = require("./WarningAlert-DFE5euMk.js");
 const admin = require("@strapi/strapi/admin");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
-const index = require("./index-CeYv7uJ3.js");
+const index = require("./index-CYdMQdCl.js");
 const tokenHelpers = require("./tokenHelpers-jtoRu0q5.js");
 const reactIntl = require("react-intl");
 var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};

package/dist/_chunks/{SettingsPage-C_Ke-Agb.mjs → SettingsPage-mmaTI4X1.mjs}

@@ -4,7 +4,7 @@ import { W as WarningAlert } from "./WarningAlert-VU011LVF.mjs";
 import { useNotification, Page, Layouts } from "@strapi/strapi/admin";
 import { Button, Flex, Typography, Grid, Field, Toggle, TextInput } from "@strapi/design-system";
 import { Check } from "@strapi/icons";
-import { g as getTranslation } from "./index-Df5ytRzw.mjs";
+import { g as getTranslation } from "./index-Dx9hSw6F.mjs";
 import { g as getToken } from "./tokenHelpers-DagDzpso.mjs";
 import { useIntl } from "react-intl";
 var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};

package/dist/_chunks/{index-CeYv7uJ3.js → index-CYdMQdCl.js}

@@ -1391,7 +1391,7 @@ const plugin = {
       },
       id: "strapi-identity-settings",
       to: `/settings/${PLUGIN_ID}`,
-      Component: async () => Promise.resolve().then(() => require("./SettingsPage-IAGo8KRd.js")),
+      Component: async () => Promise.resolve().then(() => require("./SettingsPage-b1nrDzRV.js")),
       permissions: [
         { action: "plugin::strapi-identity.settings.read" },
         { action: "plugin::strapi-identity.settings.read" }
@@ -1403,13 +1403,13 @@ const plugin = {
       id: "profile-toggle",
       route: "/admin/me",
       selector: '#main-content form[method="put"] > :nth-child(2) > div > div > div:nth-child(2)',
-      Component: async () => Promise.resolve().then(() => require("./ProfileToggle-CHVH6P3j.js"))
+      Component: async () => Promise.resolve().then(() => require("./ProfileToggle-CsKhueBz.js"))
     });
     injections.registerRoute({
       id: "admin-reset",
       route: "/admin/settings/users/:id",
       selector: '#main-content form[method="put"] > :nth-child(2) > div > div:nth-child(2)',
-      Component: async () => Promise.resolve().then(() => require("./AdminReset-BohoWW_F.js"))
+      Component: async () => Promise.resolve().then(() => require("./AdminReset-DOOd1ZBT.js"))
     });
     InjectVerify(app);
   },

package/dist/_chunks/{index-Df5ytRzw.mjs → index-Dx9hSw6F.mjs}

@@ -1371,7 +1371,7 @@ const plugin = {
       },
       id: "strapi-identity-settings",
       to: `/settings/${PLUGIN_ID}`,
-      Component: async () => import("./SettingsPage-C_Ke-Agb.mjs"),
+      Component: async () => import("./SettingsPage-mmaTI4X1.mjs"),
       permissions: [
         { action: "plugin::strapi-identity.settings.read" },
         { action: "plugin::strapi-identity.settings.read" }
@@ -1383,13 +1383,13 @@ const plugin = {
       id: "profile-toggle",
       route: "/admin/me",
       selector: '#main-content form[method="put"] > :nth-child(2) > div > div > div:nth-child(2)',
-      Component: async () => import("./ProfileToggle-DIVxRCbJ.mjs")
+      Component: async () => import("./ProfileToggle-BWTNE6w1.mjs")
     });
     injections.registerRoute({
       id: "admin-reset",
       route: "/admin/settings/users/:id",
       selector: '#main-content form[method="put"] > :nth-child(2) > div > div:nth-child(2)',
-      Component: async () => import("./AdminReset-B7_r8Jh1.mjs")
+      Component: async () => import("./AdminReset-C7Wbxz4Z.mjs")
     });
     InjectVerify(app);
   },

package/dist/admin/index.js

@@ -1,4 +1,4 @@
 "use strict";
-const index = require("../_chunks/index-CeYv7uJ3.js");
+const index = require("../_chunks/index-CYdMQdCl.js");
 require("strapi-admin-portal");
 module.exports = index.plugin;

package/dist/admin/index.mjs

@@ -1,4 +1,4 @@
-import { p } from "../_chunks/index-Df5ytRzw.mjs";
+import { p } from "../_chunks/index-Dx9hSw6F.mjs";
 import "strapi-admin-portal";
 export {
   p as default

package/dist/server/index.js

@@ -9074,15 +9074,11 @@ const jwt = /* @__PURE__ */ getDefaultExportFromCjs(jsonwebtokenExports);
 const register = ({ strapi: strapi2 }) => {
   const adminPlugin = strapi2.admin;
   const secret2 = strapi2.config.get("admin.auth.secret");
-  const configuredSecure = strapi2.config.get("admin.auth.cookie.secure");
-  const isProduction = process.env.NODE_ENV === "production";
-  const isSecure = typeof configuredSecure === "boolean" ? configuredSecure : isProduction;
   const domain = strapi2.config.get("admin.auth.domain");
-  const cookieOptions = { httpOnly: false, secure: isSecure, overwrite: true, domain };
   const loginRoute = adminPlugin.routes.admin.routes.find(
     ({ method, path }) => method === "POST" && path === "/login"
   );
-  if (loginRoute) replaceLogin(loginRoute, secret2, cookieOptions);
+  if (loginRoute) replaceLogin(loginRoute, secret2, domain);
   strapi2.server.use(async (ctx, next) => {
     const mfaCookie = ctx.cookies.get("strapi_admin_mfa");
     if (mfaCookie && ctx.path.startsWith("/admin/auth")) {
@@ -9097,7 +9093,7 @@ const register = ({ strapi: strapi2 }) => {
     await next();
   });
 };
-const replaceLogin = (route2, secret2, cookieOptions) => {
+const replaceLogin = (route2, secret2, domain) => {
   route2.config.middlewares = route2.config.middlewares || [];
   route2.config.middlewares.push(async (ctx, next) => {
     const { deviceId, rememberMe } = ctx.request.body;
@@ -9115,7 +9111,13 @@ const replaceLogin = (route2, secret2, cookieOptions) => {
     const newPayload = { userId: payload.userId, deviceId, rememberMe, type: "mfa" };
     const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
     const expires = new Date(Date.now() + 5 * 60 * 1e3);
-    ctx.cookies.set("strapi_admin_mfa", newToken, { ...cookieOptions, expires });
+    ctx.cookies.set("strapi_admin_mfa", newToken, {
+      domain,
+      httpOnly: false,
+      overwrite: true,
+      secure: ctx.request.secure,
+      expires
+    });
     ctx.body.data = { data: {}, error: null };
   });
 };
@@ -9420,13 +9422,10 @@ const controller = ({ strapi: strapi2 }) => ({
       );
       const accessResult = await sessionManager("admin").generateAccessToken(refreshToken);
       const { token: accessToken } = accessResult;
-      const configuredSecure = strapi2.config.get("admin.auth.cookie.secure");
-      const isProduction = process.env.NODE_ENV === "production";
-      const isSecure = typeof configuredSecure === "boolean" ? configuredSecure : isProduction;
       const domain = strapi2.config.get("admin.auth.domain");
       ctx.cookies.set("jwtToken", accessToken, {
         httpOnly: false,
-        secure: isSecure,
+        secure: ctx.request.secure,
         overwrite: true,
         domain
       });

package/dist/server/index.mjs

@@ -9068,15 +9068,11 @@ const jwt = /* @__PURE__ */ getDefaultExportFromCjs(jsonwebtokenExports);
 const register = ({ strapi: strapi2 }) => {
   const adminPlugin = strapi2.admin;
   const secret2 = strapi2.config.get("admin.auth.secret");
-  const configuredSecure = strapi2.config.get("admin.auth.cookie.secure");
-  const isProduction = process.env.NODE_ENV === "production";
-  const isSecure = typeof configuredSecure === "boolean" ? configuredSecure : isProduction;
   const domain = strapi2.config.get("admin.auth.domain");
-  const cookieOptions = { httpOnly: false, secure: isSecure, overwrite: true, domain };
   const loginRoute = adminPlugin.routes.admin.routes.find(
     ({ method, path }) => method === "POST" && path === "/login"
   );
-  if (loginRoute) replaceLogin(loginRoute, secret2, cookieOptions);
+  if (loginRoute) replaceLogin(loginRoute, secret2, domain);
   strapi2.server.use(async (ctx, next) => {
     const mfaCookie = ctx.cookies.get("strapi_admin_mfa");
     if (mfaCookie && ctx.path.startsWith("/admin/auth")) {
@@ -9091,7 +9087,7 @@ const register = ({ strapi: strapi2 }) => {
     await next();
   });
 };
-const replaceLogin = (route2, secret2, cookieOptions) => {
+const replaceLogin = (route2, secret2, domain) => {
   route2.config.middlewares = route2.config.middlewares || [];
   route2.config.middlewares.push(async (ctx, next) => {
     const { deviceId, rememberMe } = ctx.request.body;
@@ -9109,7 +9105,13 @@ const replaceLogin = (route2, secret2, cookieOptions) => {
     const newPayload = { userId: payload.userId, deviceId, rememberMe, type: "mfa" };
     const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
     const expires = new Date(Date.now() + 5 * 60 * 1e3);
-    ctx.cookies.set("strapi_admin_mfa", newToken, { ...cookieOptions, expires });
+    ctx.cookies.set("strapi_admin_mfa", newToken, {
+      domain,
+      httpOnly: false,
+      overwrite: true,
+      secure: ctx.request.secure,
+      expires
+    });
     ctx.body.data = { data: {}, error: null };
   });
 };
@@ -9414,13 +9416,10 @@ const controller = ({ strapi: strapi2 }) => ({
       );
       const accessResult = await sessionManager("admin").generateAccessToken(refreshToken);
       const { token: accessToken } = accessResult;
-      const configuredSecure = strapi2.config.get("admin.auth.cookie.secure");
-      const isProduction = process.env.NODE_ENV === "production";
-      const isSecure = typeof configuredSecure === "boolean" ? configuredSecure : isProduction;
       const domain = strapi2.config.get("admin.auth.domain");
       ctx.cookies.set("jwtToken", accessToken, {
         httpOnly: false,
-        secure: isSecure,
+        secure: ctx.request.secure,
         overwrite: true,
         domain
       });

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.0.1",
+  "version": "0.0.2-debug.1",
   "keywords": [
     "strapi",
     "plugin",
@@ -39,7 +39,7 @@
   "dependencies": {
     "input-otp": "^1.4.2",
     "otpauth": "^9.5.0",
-    "react-qr-code": "^2.0.18",
+    "qrcode.react": "^4.2.0",
     "strapi-admin-portal": "^0.0.3"
   },
   "devDependencies": {