strapi-identity 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/server/index.js +6 -4
  2. package/dist/server/index.mjs +6 -4
  3. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -9663,7 +9663,8 @@ const replaceLogin = (route2, secret2, domain) => {
9663
9663
  };
9664
9664
  const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
9665
9665
  const expires = new Date(Date.now() + 5 * 60 * 1e3);
9666
- const opt = { domain, httpOnly: false, overwrite: true, secure: ctx.request.secure, expires };
9666
+ const secure = strapi.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9667
+ const opt = { domain, httpOnly: false, overwrite: true, secure, expires };
9667
9668
  ctx.cookies.set("strapi_admin_mfa", newToken, opt);
9668
9669
  ctx.body.data = { data: {}, error: null };
9669
9670
  });
@@ -9716,7 +9717,7 @@ const registerMiddlewares = (server) => {
9716
9717
  "/strapi-identity/setup-email"
9717
9718
  ];
9718
9719
  const isAllowed = allowedPaths.includes(ctx.path) || // Static assets (JS, CSS, images, fonts, sourcemaps)
9719
- /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@");
9720
+ /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@") || ctx.path.startsWith("/admin/src/");
9720
9721
  if (!isAllowed) console.log(ctx.path);
9721
9722
  if (!isAllowed) {
9722
9723
  if (ctx.accepts("html") && ctx.path.startsWith("/admin")) {
@@ -9954,19 +9955,20 @@ const controller = ({ strapi: strapi2 }) => ({
9954
9955
  ).generateRefreshToken(payload.userId, payload.deviceId, {
9955
9956
  type: payload.rememberMe ? "refresh" : "session"
9956
9957
  });
9958
+ const secure = strapi2.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9957
9959
  ctx.cookies.set(
9958
9960
  "strapi_admin_refresh",
9959
9961
  refreshToken,
9960
9962
  buildCookieOptionsWithExpiry(
9961
9963
  payload.rememberMe ? "refresh" : "session",
9962
9964
  absoluteExpiresAt,
9963
- ctx.request.secure
9965
+ secure
9964
9966
  )
9965
9967
  );
9966
9968
  const accessResult = await sessionManager("admin").generateAccessToken(refreshToken);
9967
9969
  const { token: accessToken } = accessResult;
9968
9970
  const domain = strapi2.config.get("admin.auth.domain");
9969
- const opt = { httpOnly: false, secure: ctx.request.secure, overwrite: true, domain };
9971
+ const opt = { httpOnly: false, secure, overwrite: true, domain };
9970
9972
  ctx.cookies.set("jwtToken", accessToken, opt);
9971
9973
  ctx.cookies.set("strapi_admin_mfa", null, { expires: /* @__PURE__ */ new Date(0) });
9972
9974
  ctx.status = 200;
package/dist/server/index.mjs CHANGED
@@ -9656,7 +9656,8 @@ const replaceLogin = (route2, secret2, domain) => {
9656
9656
  };
9657
9657
  const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
9658
9658
  const expires = new Date(Date.now() + 5 * 60 * 1e3);
9659
- const opt = { domain, httpOnly: false, overwrite: true, secure: ctx.request.secure, expires };
9659
+ const secure = strapi.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9660
+ const opt = { domain, httpOnly: false, overwrite: true, secure, expires };
9660
9661
  ctx.cookies.set("strapi_admin_mfa", newToken, opt);
9661
9662
  ctx.body.data = { data: {}, error: null };
9662
9663
  });
@@ -9709,7 +9710,7 @@ const registerMiddlewares = (server) => {
9709
9710
  "/strapi-identity/setup-email"
9710
9711
  ];
9711
9712
  const isAllowed = allowedPaths.includes(ctx.path) || // Static assets (JS, CSS, images, fonts, sourcemaps)
9712
- /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@");
9713
+ /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@") || ctx.path.startsWith("/admin/src/");
9713
9714
  if (!isAllowed) console.log(ctx.path);
9714
9715
  if (!isAllowed) {
9715
9716
  if (ctx.accepts("html") && ctx.path.startsWith("/admin")) {
@@ -9947,19 +9948,20 @@ const controller = ({ strapi: strapi2 }) => ({
9947
9948
  ).generateRefreshToken(payload.userId, payload.deviceId, {
9948
9949
  type: payload.rememberMe ? "refresh" : "session"
9949
9950
  });
9951
+ const secure = strapi2.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9950
9952
  ctx.cookies.set(
9951
9953
  "strapi_admin_refresh",
9952
9954
  refreshToken,
9953
9955
  buildCookieOptionsWithExpiry(
9954
9956
  payload.rememberMe ? "refresh" : "session",
9955
9957
  absoluteExpiresAt,
9956
- ctx.request.secure
9958
+ secure
9957
9959
  )
9958
9960
  );
9959
9961
  const accessResult = await sessionManager("admin").generateAccessToken(refreshToken);
9960
9962
  const { token: accessToken } = accessResult;
9961
9963
  const domain = strapi2.config.get("admin.auth.domain");
9962
- const opt = { httpOnly: false, secure: ctx.request.secure, overwrite: true, domain };
9964
+ const opt = { httpOnly: false, secure, overwrite: true, domain };
9963
9965
  ctx.cookies.set("jwtToken", accessToken, opt);
9964
9966
  ctx.cookies.set("strapi_admin_mfa", null, { expires: /* @__PURE__ */ new Date(0) });
9965
9967
  ctx.status = 200;
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "0.4.0",
2
+ "version": "0.4.2",
3
3
  "keywords": [
4
4
  "strapi",
5
5
  "plugin",