strapi-identity 0.4.2 → 0.5.1

Files changed (60) hide show
  1. package/dist/admin/{AdminReset-DOmsyqwQ.mjs → AdminReset-DjVX7phX.mjs} +1 -1
  2. package/dist/admin/{AdminReset-BiWQDTRv.js → AdminReset-DsKz040S.js} +1 -1
  3. package/dist/admin/{ProfileToggle-BUqs_hxZ.js → ProfileToggle-4u6WWddz.js} +1 -1
  4. package/dist/admin/{ProfileToggle-k0d-caPC.mjs → ProfileToggle-B1UK1opI.mjs} +1 -1
  5. package/dist/admin/{SettingsPage-Dm_llkYv.mjs → SettingsPage-CcHTu8-f.mjs} +1 -1
  6. package/dist/admin/{SettingsPage-DVVkN1xw.js → SettingsPage-DZDW9kNI.js} +1 -1
  7. package/dist/admin/{index-DpIJdETG.mjs → index-Bm3H4z3W.mjs} +41 -20
  8. package/dist/admin/{index-B9P8S4CX.js → index-Ce4QOU6Y.js} +41 -20
  9. package/dist/admin/index.js +1 -1
  10. package/dist/admin/index.mjs +1 -1
  11. package/dist/admin/src/components/ConfirmModal/ConfirmModal.d.ts +9 -0
  12. package/dist/admin/src/components/ConfirmModal/index.d.ts +1 -0
  13. package/dist/admin/src/components/EmailOTPModal/EmailOTPModal.d.ts +8 -0
  14. package/dist/admin/src/components/Initializer.d.ts +5 -0
  15. package/dist/admin/src/components/InputOTP.d.ts +11 -0
  16. package/dist/admin/src/components/RemoveModal/RemoveModal.d.ts +6 -0
  17. package/dist/admin/src/components/RemoveModal/index.d.ts +1 -0
  18. package/dist/admin/src/components/WarningAlert/WarningAlert.d.ts +10 -0
  19. package/dist/admin/src/components/WarningAlert/index.d.ts +1 -0
  20. package/dist/admin/src/injection/AdminReset.d.ts +4 -0
  21. package/dist/admin/src/injection/ProfileToggle.d.ts +2 -0
  22. package/dist/admin/src/pages/EnforcedPage.d.ts +13 -0
  23. package/dist/admin/src/pluginId.d.ts +1 -0
  24. package/dist/admin/src/public/VerifyPage.d.ts +12 -0
  25. package/dist/admin/src/settings/SettingsPage.d.ts +1 -0
  26. package/dist/admin/src/utils/getTranslation.d.ts +2 -0
  27. package/dist/admin/src/utils/tokenHelpers.d.ts +12 -0
  28. package/dist/server/index.js +72 -46
  29. package/dist/server/index.mjs +72 -46
  30. package/dist/server/src/bootstrap.d.ts +3 -0
  31. package/dist/server/src/config/index.d.ts +3 -0
  32. package/dist/server/src/content-types/config/index.d.ts +72 -0
  33. package/dist/server/src/content-types/config/schema.json.d.ts +72 -0
  34. package/dist/server/src/content-types/email-otp/index.d.ts +48 -0
  35. package/dist/server/src/content-types/email-otp/schema.json.d.ts +48 -0
  36. package/dist/server/src/content-types/index.d.ts +3 -0
  37. package/dist/server/src/content-types/mfa/index.d.ts +55 -0
  38. package/dist/server/src/content-types/mfa/schema.json.d.ts +55 -0
  39. package/dist/server/src/content-types/temp-mfa/index.d.ts +35 -0
  40. package/dist/server/src/content-types/temp-mfa/schema.json.d.ts +35 -0
  41. package/dist/server/src/controllers/admin.d.ts +4 -0
  42. package/dist/server/src/controllers/config.d.ts +4 -0
  43. package/dist/server/src/controllers/controller.d.ts +8 -0
  44. package/dist/server/src/controllers/index.d.ts +3 -0
  45. package/dist/server/src/destroy.d.ts +3 -0
  46. package/dist/server/src/middlewares/index.d.ts +3 -0
  47. package/dist/server/src/policies/has-mfa.d.ts +3 -0
  48. package/dist/server/src/policies/index.d.ts +3 -0
  49. package/dist/server/src/register.d.ts +3 -0
  50. package/dist/server/src/routes/admin/admin.json.d.ts +35 -0
  51. package/dist/server/src/routes/admin/config.json.d.ts +50 -0
  52. package/dist/server/src/routes/admin/index.d.ts +3 -0
  53. package/dist/server/src/routes/admin/mfa.json.d.ts +94 -0
  54. package/dist/server/src/routes/index.d.ts +3 -0
  55. package/dist/server/src/services/admin.d.ts +11 -0
  56. package/dist/server/src/services/config.d.ts +57 -0
  57. package/dist/server/src/services/email.d.ts +8 -0
  58. package/dist/server/src/services/index.d.ts +3 -0
  59. package/dist/server/src/services/mfa.d.ts +82 -0
  60. package/package.json +6 -5
@@ -9650,7 +9650,7 @@ const replaceLogin = (route2, secret2, domain) => {
9650
9650
  await strapi.service("plugin::strapi-identity.email").send(adminUser.email, otp);
9651
9651
  }
9652
9652
  } catch (err) {
9653
- console.log("Error sending login email OTP:", err);
9653
+ strapi.log.error("Error sending login email OTP");
9654
9654
  }
9655
9655
  }
9656
9656
  ctx.res.removeHeader("set-cookie");
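Review bot: The new `strapi.log.error("Error sending login email OTP")` discards `err` completely, so a failed OTP send leaves nothing to diagnose or alert on. The same pattern repeats in the other logging hunks of this diff (`config$2`, `controller`, `isEnabled$1`, `reset`, `disableEmailMFAForAllUsers`, `disableMFAForAllUsers` and `send`, in both builds). Dropping the raw object is reasonable, since mail-transport errors can carry addresses or provider settings, but a non-sensitive discriminator should survive, e.g. `strapi.log.error("Error sending login email OTP: " + (err?.name ?? "Error"))`. The catch also swallows the failure: execution continues to `ctx.res.removeHeader("set-cookie")`, so the user presumably reaches the verification step without a code having been delivered. `replaceLogin` starts and ends outside this hunk.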
@@ -9664,7 +9664,7 @@ const replaceLogin = (route2, secret2, domain) => {
9664
9664
  const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
9665
9665
  const expires = new Date(Date.now() + 5 * 60 * 1e3);
9666
9666
  const secure = strapi.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9667
- const opt = { domain, httpOnly: false, overwrite: true, secure, expires };
9667
+ const opt = { domain, httpOnly: true, overwrite: true, secure, expires };
9668
9668
  ctx.cookies.set("strapi_admin_mfa", newToken, opt);
9669
9669
  ctx.body.data = { data: {}, error: null };
9670
9670
  });
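Review bot: The `strapi_admin_mfa` cookie options still set no `sameSite`, so cross-site sending of the pending-MFA token is left to the browser default. Add it to `opt`, e.g. `const opt = { domain, httpOnly: true, sameSite: "strict", overwrite: true, secure, expires };`, or `"lax"` if the login flow relies on a cross-site redirect. With `httpOnly: true` the admin UI can no longer read the token, which is presumably why this diff adds `verifyInfo`; confirm no client code still parses the cookie. The five-minute lifetime is written twice (`expiresIn: "5m"` and `5 * 60 * 1e3`), and a shared constant would keep token and cookie expiry in step.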
@@ -9710,7 +9710,6 @@ const registerMiddlewares = (server) => {
9710
9710
  "/admin/users/me",
9711
9711
  "/strapi-identity/status",
9712
9712
  "/strapi-identity/config",
9713
- "/strapi-identity/config/enabled",
9714
9713
  "/strapi-identity/enable",
9715
9714
  "/strapi-identity/setup",
9716
9715
  "/strapi-identity/enable-email",
@@ -9718,7 +9717,6 @@ const registerMiddlewares = (server) => {
9718
9717
  ];
9719
9718
  const isAllowed = allowedPaths.includes(ctx.path) || // Static assets (JS, CSS, images, fonts, sourcemaps)
9720
9719
  /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@") || ctx.path.startsWith("/admin/src/");
9721
- if (!isAllowed) console.log(ctx.path);
9722
9720
  if (!isAllowed) {
9723
9721
  if (ctx.accepts("html") && ctx.path.startsWith("/admin")) {
9724
9722
  ctx.redirect("/admin/strapi-identity/enforced");
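Review bot: The extension test in `isAllowed` is applied to every request path, so any route whose path ends in one of the listed extensions is exempt from the enforcement check, not only admin bundle assets. Koa's `ctx.path` does not include the query string, so the `(\?.*)?` part of the pattern can never match. Scoping the test to the asset location would narrow the exemption, for example by requiring `ctx.path.startsWith("/admin/")` before the extension match. Whether any non-asset route is affected cannot be seen here, as the rest of `registerMiddlewares` is outside the hunk.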
@@ -9845,7 +9843,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9845
9843
  ctx.status = 200;
9846
9844
  ctx.body = { data: enabled, error: null };
9847
9845
  } catch (error) {
9848
- console.log("Error checking if Strapi Identity is enabled:", error);
9846
+ strapi2.log.error("Error checking if Strapi Identity is enabled");
9849
9847
  ctx.status = 500;
9850
9848
  ctx.body = { data: null, error: "Server Error" };
9851
9849
  }
@@ -9856,18 +9854,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9856
9854
  ctx.status = 200;
9857
9855
  ctx.body = { data: config2, error: null };
9858
9856
  } catch (error) {
9859
- console.log("Error getting config:", error);
9860
- ctx.status = 500;
9861
- ctx.body = { data: null, error: "Server Error" };
9862
- }
9863
- },
9864
- async getEmailStatus(ctx) {
9865
- try {
9866
- const emailService = strapi2.config.get("plugin::email");
9867
- ctx.status = 200;
9868
- ctx.body = { data: emailService, error: null };
9869
- } catch (error) {
9870
- console.log("Error getting email status:", error);
9857
+ strapi2.log.error("Error getting config");
9871
9858
  ctx.status = 500;
9872
9859
  ctx.body = { data: null, error: "Server Error" };
9873
9860
  }
@@ -9879,7 +9866,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9879
9866
  ctx.status = 200;
9880
9867
  ctx.body = { data: updatedConfig, error: null };
9881
9868
  } catch (error) {
9882
- console.log("Error updating config:", error);
9869
+ strapi2.log.error("Error updating config");
9883
9870
  ctx.status = 500;
9884
9871
  ctx.body = { data: null, error: "Server Error" };
9885
9872
  }
@@ -9931,6 +9918,18 @@ const buildCookieOptionsWithExpiry = (type, absoluteExpiresAtISO, secureRequest)
9931
9918
  return { ...base, expires: chosen, maxAge: Math.max(0, chosen.getTime() - now) };
9932
9919
  };
9933
9920
  const controller = ({ strapi: strapi2 }) => ({
9921
+ async verifyInfo(ctx) {
9922
+ const secret2 = strapi2.config.get("admin.auth.secret");
9923
+ const token = ctx.cookies.get("strapi_admin_mfa");
9924
+ try {
9925
+ const payload = jwt.verify(token, secret2);
9926
+ ctx.status = 200;
9927
+ ctx.body = { data: { mfaType: payload.mfaType || null }, error: null };
9928
+ } catch {
9929
+ ctx.status = 401;
9930
+ ctx.body = { data: null, error: "Invalid or expired MFA session" };
9931
+ }
9932
+ },
9934
9933
  async verify(ctx) {
9935
9934
  const sessionManager = strapi2.sessionManager;
9936
9935
  const secret2 = strapi2.config.get("admin.auth.secret");
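Review bot: `verifyInfo` calls `jwt.verify(token, secret2)` with no options, so the accepted algorithm is left to the library default, and any token signed with `admin.auth.secret` is treated as a pending-MFA token. Since the token is issued with the default HMAC algorithm in `replaceLogin`, pin it on the verify side: `const payload = jwt.verify(token, secret2, { algorithms: ["HS256"] });`. If the MFA payload carries a distinguishing claim (not visible in this hunk), check it before returning `mfaType`, so a token minted for another purpose with the same secret is rejected. A one-line comment such as `// Exposes only the MFA method of the pending session; the cookie is httpOnly, so the UI cannot read it directly.` would also explain why the endpoint exists. The `controller` object continues past the end of this hunk.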
@@ -9977,7 +9976,7 @@ const controller = ({ strapi: strapi2 }) => ({
9977
9976
  error: null
9978
9977
  };
9979
9978
  } catch (error) {
9980
- console.log("Error verifying MFA code:", error);
9979
+ strapi2.log.error("Error verifying MFA code");
9981
9980
  ctx.status = 500;
9982
9981
  ctx.body = { data: null, error: "Server Error" };
9983
9982
  }
@@ -10000,7 +9999,7 @@ const controller = ({ strapi: strapi2 }) => ({
10000
9999
  ctx.body = { data: { message: "MFA disabled" }, error: null };
10001
10000
  }
10002
10001
  } catch (error) {
10003
- console.log("Error enabling/disabling MFA:", error);
10002
+ strapi2.log.error("Error enabling/disabling MFA");
10004
10003
  ctx.status = 500;
10005
10004
  ctx.body = { data: null, error: "Failed to update MFA" };
10006
10005
  }
@@ -10045,7 +10044,7 @@ const controller = ({ strapi: strapi2 }) => ({
10045
10044
  ctx.status = 200;
10046
10045
  ctx.body = { data: { message: "MFA disabled" }, error: null };
10047
10046
  } catch (error) {
10048
- console.log("Error disabling MFA:", error);
10047
+ strapi2.log.error("Error disabling MFA");
10049
10048
  ctx.status = 500;
10050
10049
  ctx.body = { data: null, error: "Failed to disable MFA" };
10051
10050
  }
@@ -10073,7 +10072,7 @@ const controller = ({ strapi: strapi2 }) => ({
10073
10072
  ctx.status = 200;
10074
10073
  ctx.body = { data: { message: "Verification email sent" }, error: null };
10075
10074
  } catch (error) {
10076
- console.log("Error initiating email MFA setup:", error);
10075
+ strapi2.log.error("Error initiating email MFA setup");
10077
10076
  ctx.status = 500;
10078
10077
  ctx.body = { data: null, error: "Failed to initiate email MFA setup" };
10079
10078
  }
@@ -10093,7 +10092,7 @@ const controller = ({ strapi: strapi2 }) => ({
10093
10092
  ctx.status = 200;
10094
10093
  ctx.body = { data: { message: "Email OTP enabled" }, error: null };
10095
10094
  } catch (error) {
10096
- console.log("Error completing email MFA setup:", error);
10095
+ strapi2.log.error("Error completing email MFA setup");
10097
10096
  ctx.status = 500;
10098
10097
  ctx.body = { data: null, error: "Failed to enable email MFA" };
10099
10098
  }
@@ -10114,7 +10113,7 @@ const controller = ({ strapi: strapi2 }) => ({
10114
10113
  ctx.status = 200;
10115
10114
  ctx.body = { data: { message: "Verification email sent" }, error: null };
10116
10115
  } catch (error) {
10117
- console.log("Error sending disable email OTP:", error);
10116
+ strapi2.log.error("Error sending disable email OTP");
10118
10117
  ctx.status = 500;
10119
10118
  ctx.body = { data: null, error: "Failed to send verification email" };
10120
10119
  }
@@ -10142,7 +10141,7 @@ const controller = ({ strapi: strapi2 }) => ({
10142
10141
  ctx.status = 200;
10143
10142
  ctx.body = { data: { message: "Verification email resent" }, error: null };
10144
10143
  } catch (error) {
10145
- console.log("Error resending login email OTP:", error);
10144
+ strapi2.log.error("Error resending login email OTP");
10146
10145
  ctx.status = 500;
10147
10146
  ctx.body = { data: null, error: "Failed to resend verification email" };
10148
10147
  }
@@ -10228,35 +10227,40 @@ const config$1 = [
10228
10227
  pluginName: "strapi-identity",
10229
10228
  type: "content-api"
10230
10229
  },
10231
- config: {}
10232
- },
10233
- {
10234
- method: "GET",
10235
- path: "/config",
10236
- handler: "config.getConfig",
10237
- info: {
10238
- apiName: "getConfig",
10239
- pluginName: "strapi-identity",
10240
- type: "content-api"
10241
- },
10242
10230
  config: {
10243
10231
  policies: [
10244
- "admin::isAuthenticatedAdmin"
10232
+ "admin::isAuthenticatedAdmin",
10233
+ {
10234
+ name: "admin::hasPermissions",
10235
+ config: {
10236
+ actions: [
10237
+ "plugin::strapi-identity.settings.read"
10238
+ ]
10239
+ }
10240
+ }
10245
10241
  ]
10246
10242
  }
10247
10243
  },
10248
10244
  {
10249
10245
  method: "GET",
10250
- path: "/config/email",
10251
- handler: "config.getEmailStatus",
10246
+ path: "/config",
10247
+ handler: "config.getConfig",
10252
10248
  info: {
10253
- apiName: "getEmailStatus",
10249
+ apiName: "getConfig",
10254
10250
  pluginName: "strapi-identity",
10255
10251
  type: "content-api"
10256
10252
  },
10257
10253
  config: {
10258
10254
  policies: [
10259
- "admin::isAuthenticatedAdmin"
10255
+ "admin::isAuthenticatedAdmin",
10256
+ {
10257
+ name: "admin::hasPermissions",
10258
+ config: {
10259
+ actions: [
10260
+ "plugin::strapi-identity.settings.read"
10261
+ ]
10262
+ }
10263
+ }
10260
10264
  ]
10261
10265
  }
10262
10266
  },
@@ -10285,6 +10289,22 @@ const config$1 = [
10285
10289
  }
10286
10290
  ];
10287
10291
  const mfa = [
10292
+ {
10293
+ method: "GET",
10294
+ path: "/verify/info",
10295
+ handler: "controller.verifyInfo",
10296
+ info: {
10297
+ apiName: "verifyInfo",
10298
+ pluginName: "strapi-identity",
10299
+ type: "content-api"
10300
+ },
10301
+ config: {
10302
+ auth: false,
10303
+ policies: [
10304
+ "has-mfa"
10305
+ ]
10306
+ }
10307
+ },
10288
10308
  {
10289
10309
  method: "POST",
10290
10310
  path: "/verify",
@@ -10298,6 +10318,9 @@ const mfa = [
10298
10318
  auth: false,
10299
10319
  policies: [
10300
10320
  "has-mfa"
10321
+ ],
10322
+ middlewares: [
10323
+ "admin::rateLimit"
10301
10324
  ]
10302
10325
  }
10303
10326
  },
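Review bot: Adding `admin::rateLimit` to POST `/verify` does not by itself bound the number of code guesses per pending MFA session. As far as I recall that middleware was written for the login route and keys on the request-body email, path and client IP; the `/verify` body presumably carries no email, so the limit is effectively per IP and depends on the proxy configuration being correct. A per-session attempt counter, stored with the OTP/temp record and invalidating the `strapi_admin_mfa` token after a small number of failures, would close that gap. The same applies to the route in the next hunk, whose path is outside the visible lines. The `verify` handler body is not part of this hunk, so an existing counter there cannot be ruled out.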
@@ -10358,6 +10381,9 @@ const mfa = [
10358
10381
  auth: false,
10359
10382
  policies: [
10360
10383
  "has-mfa"
10384
+ ],
10385
+ middlewares: [
10386
+ "admin::rateLimit"
10361
10387
  ]
10362
10388
  }
10363
10389
  },
@@ -10407,7 +10433,7 @@ const isEnabled$1 = (id) => {
10407
10433
  try {
10408
10434
  return mfaToken2.count({ where: { admin_user: { id }, enabled: true } }).then((count) => count > 0);
10409
10435
  } catch (error) {
10410
- console.log("Error checking if 2FA is enabled for user:", error);
10436
+ strapi.log.error("Error checking if 2FA is enabled for user");
10411
10437
  return false;
10412
10438
  }
10413
10439
  };
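Review bot: The `catch` in `isEnabled$1` only sees synchronous throws, because the promise from `mfaToken2.count(...)` is returned without `await`; a rejected query never reaches the new `strapi.log.error` line. When the catch does run it returns `false`, i.e. it reports the user as having no MFA enabled. Callers that gate the second factor on this result should see a lookup failure as an error rather than as "not enrolled"; how they use it is not visible here. Making the function `async`, using `return (await mfaToken2.count(...)) > 0;` and rethrowing from the catch after logging would make both paths behave consistently.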
@@ -10424,7 +10450,7 @@ const reset = async (id) => {
10424
10450
  existingTemp ? mfaTemp2.delete({ documentId: existingTemp.documentId }) : null
10425
10451
  ]);
10426
10452
  } catch (error) {
10427
- console.log("Error resetting 2FA for user:", error);
10453
+ strapi.log.error("Error resetting 2FA for user");
10428
10454
  throw new Error("Failed to reset 2FA for user");
10429
10455
  }
10430
10456
  };
@@ -10488,7 +10514,7 @@ const disableEmailMFAForAllUsers = async () => {
10488
10514
  )
10489
10515
  ]);
10490
10516
  } catch (err) {
10491
- console.log("Error disabling email MFA for all users:", err);
10517
+ strapi.log.error("Error disabling email MFA for all users");
10492
10518
  }
10493
10519
  };
10494
10520
  const disableMFAForAllUsers = async () => {
@@ -10504,7 +10530,7 @@ const disableMFAForAllUsers = async () => {
10504
10530
  ...temps.map((temp) => tempDocument.delete({ documentId: temp.documentId }))
10505
10531
  ]);
10506
10532
  } catch (err) {
10507
- console.log("Error disabling MFA for all users:", err);
10533
+ strapi.log.error("Error disabling MFA for all users");
10508
10534
  }
10509
10535
  };
10510
10536
  const checkUserByJWT = async (jwtToken) => {
@@ -10557,7 +10583,7 @@ const send = async (to, otp) => {
10557
10583
  sendConfig.replyTo = config2.response_email;
10558
10584
  }
10559
10585
  return emailService.send(sendConfig).catch((error) => {
10560
- console.log("Error sending email:", error);
10586
+ strapi.log.error("Error sending email");
10561
10587
  });
10562
10588
  };
10563
10589
  const replaceTemplateVariables = (template, variables) => {
@@ -9643,7 +9643,7 @@ const replaceLogin = (route2, secret2, domain) => {
9643
9643
  await strapi.service("plugin::strapi-identity.email").send(adminUser.email, otp);
9644
9644
  }
9645
9645
  } catch (err) {
9646
- console.log("Error sending login email OTP:", err);
9646
+ strapi.log.error("Error sending login email OTP");
9647
9647
  }
9648
9648
  }
9649
9649
  ctx.res.removeHeader("set-cookie");
@@ -9657,7 +9657,7 @@ const replaceLogin = (route2, secret2, domain) => {
9657
9657
  const newToken = jwt.sign(newPayload, secret2, { expiresIn: "5m" });
9658
9658
  const expires = new Date(Date.now() + 5 * 60 * 1e3);
9659
9659
  const secure = strapi.config.get("admin.auth.cookie.secure") ?? process.env.NODE_ENV === "production";
9660
- const opt = { domain, httpOnly: false, overwrite: true, secure, expires };
9660
+ const opt = { domain, httpOnly: true, overwrite: true, secure, expires };
9661
9661
  ctx.cookies.set("strapi_admin_mfa", newToken, opt);
9662
9662
  ctx.body.data = { data: {}, error: null };
9663
9663
  });
@@ -9703,7 +9703,6 @@ const registerMiddlewares = (server) => {
9703
9703
  "/admin/users/me",
9704
9704
  "/strapi-identity/status",
9705
9705
  "/strapi-identity/config",
9706
- "/strapi-identity/config/enabled",
9707
9706
  "/strapi-identity/enable",
9708
9707
  "/strapi-identity/setup",
9709
9708
  "/strapi-identity/enable-email",
@@ -9711,7 +9710,6 @@ const registerMiddlewares = (server) => {
9711
9710
  ];
9712
9711
  const isAllowed = allowedPaths.includes(ctx.path) || // Static assets (JS, CSS, images, fonts, sourcemaps)
9713
9712
  /\.(mjs|js|css|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)(\?.*)?$/.test(ctx.path) || ctx.path.startsWith("/admin/@") || ctx.path.startsWith("/admin/src/");
9714
- if (!isAllowed) console.log(ctx.path);
9715
9713
  if (!isAllowed) {
9716
9714
  if (ctx.accepts("html") && ctx.path.startsWith("/admin")) {
9717
9715
  ctx.redirect("/admin/strapi-identity/enforced");
@@ -9838,7 +9836,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9838
9836
  ctx.status = 200;
9839
9837
  ctx.body = { data: enabled, error: null };
9840
9838
  } catch (error) {
9841
- console.log("Error checking if Strapi Identity is enabled:", error);
9839
+ strapi2.log.error("Error checking if Strapi Identity is enabled");
9842
9840
  ctx.status = 500;
9843
9841
  ctx.body = { data: null, error: "Server Error" };
9844
9842
  }
@@ -9849,18 +9847,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9849
9847
  ctx.status = 200;
9850
9848
  ctx.body = { data: config2, error: null };
9851
9849
  } catch (error) {
9852
- console.log("Error getting config:", error);
9853
- ctx.status = 500;
9854
- ctx.body = { data: null, error: "Server Error" };
9855
- }
9856
- },
9857
- async getEmailStatus(ctx) {
9858
- try {
9859
- const emailService = strapi2.config.get("plugin::email");
9860
- ctx.status = 200;
9861
- ctx.body = { data: emailService, error: null };
9862
- } catch (error) {
9863
- console.log("Error getting email status:", error);
9850
+ strapi2.log.error("Error getting config");
9864
9851
  ctx.status = 500;
9865
9852
  ctx.body = { data: null, error: "Server Error" };
9866
9853
  }
@@ -9872,7 +9859,7 @@ const config$2 = ({ strapi: strapi2 }) => ({
9872
9859
  ctx.status = 200;
9873
9860
  ctx.body = { data: updatedConfig, error: null };
9874
9861
  } catch (error) {
9875
- console.log("Error updating config:", error);
9862
+ strapi2.log.error("Error updating config");
9876
9863
  ctx.status = 500;
9877
9864
  ctx.body = { data: null, error: "Server Error" };
9878
9865
  }
@@ -9924,6 +9911,18 @@ const buildCookieOptionsWithExpiry = (type, absoluteExpiresAtISO, secureRequest)
9924
9911
  return { ...base, expires: chosen, maxAge: Math.max(0, chosen.getTime() - now) };
9925
9912
  };
9926
9913
  const controller = ({ strapi: strapi2 }) => ({
9914
+ async verifyInfo(ctx) {
9915
+ const secret2 = strapi2.config.get("admin.auth.secret");
9916
+ const token = ctx.cookies.get("strapi_admin_mfa");
9917
+ try {
9918
+ const payload = jwt.verify(token, secret2);
9919
+ ctx.status = 200;
9920
+ ctx.body = { data: { mfaType: payload.mfaType || null }, error: null };
9921
+ } catch {
9922
+ ctx.status = 401;
9923
+ ctx.body = { data: null, error: "Invalid or expired MFA session" };
9924
+ }
9925
+ },
9927
9926
  async verify(ctx) {
9928
9927
  const sessionManager = strapi2.sessionManager;
9929
9928
  const secret2 = strapi2.config.get("admin.auth.secret");
@@ -9970,7 +9969,7 @@ const controller = ({ strapi: strapi2 }) => ({
9970
9969
  error: null
9971
9970
  };
9972
9971
  } catch (error) {
9973
- console.log("Error verifying MFA code:", error);
9972
+ strapi2.log.error("Error verifying MFA code");
9974
9973
  ctx.status = 500;
9975
9974
  ctx.body = { data: null, error: "Server Error" };
9976
9975
  }
@@ -9993,7 +9992,7 @@ const controller = ({ strapi: strapi2 }) => ({
9993
9992
  ctx.body = { data: { message: "MFA disabled" }, error: null };
9994
9993
  }
9995
9994
  } catch (error) {
9996
- console.log("Error enabling/disabling MFA:", error);
9995
+ strapi2.log.error("Error enabling/disabling MFA");
9997
9996
  ctx.status = 500;
9998
9997
  ctx.body = { data: null, error: "Failed to update MFA" };
9999
9998
  }
@@ -10038,7 +10037,7 @@ const controller = ({ strapi: strapi2 }) => ({
10038
10037
  ctx.status = 200;
10039
10038
  ctx.body = { data: { message: "MFA disabled" }, error: null };
10040
10039
  } catch (error) {
10041
- console.log("Error disabling MFA:", error);
10040
+ strapi2.log.error("Error disabling MFA");
10042
10041
  ctx.status = 500;
10043
10042
  ctx.body = { data: null, error: "Failed to disable MFA" };
10044
10043
  }
@@ -10066,7 +10065,7 @@ const controller = ({ strapi: strapi2 }) => ({
10066
10065
  ctx.status = 200;
10067
10066
  ctx.body = { data: { message: "Verification email sent" }, error: null };
10068
10067
  } catch (error) {
10069
- console.log("Error initiating email MFA setup:", error);
10068
+ strapi2.log.error("Error initiating email MFA setup");
10070
10069
  ctx.status = 500;
10071
10070
  ctx.body = { data: null, error: "Failed to initiate email MFA setup" };
10072
10071
  }
@@ -10086,7 +10085,7 @@ const controller = ({ strapi: strapi2 }) => ({
10086
10085
  ctx.status = 200;
10087
10086
  ctx.body = { data: { message: "Email OTP enabled" }, error: null };
10088
10087
  } catch (error) {
10089
- console.log("Error completing email MFA setup:", error);
10088
+ strapi2.log.error("Error completing email MFA setup");
10090
10089
  ctx.status = 500;
10091
10090
  ctx.body = { data: null, error: "Failed to enable email MFA" };
10092
10091
  }
@@ -10107,7 +10106,7 @@ const controller = ({ strapi: strapi2 }) => ({
10107
10106
  ctx.status = 200;
10108
10107
  ctx.body = { data: { message: "Verification email sent" }, error: null };
10109
10108
  } catch (error) {
10110
- console.log("Error sending disable email OTP:", error);
10109
+ strapi2.log.error("Error sending disable email OTP");
10111
10110
  ctx.status = 500;
10112
10111
  ctx.body = { data: null, error: "Failed to send verification email" };
10113
10112
  }
@@ -10135,7 +10134,7 @@ const controller = ({ strapi: strapi2 }) => ({
10135
10134
  ctx.status = 200;
10136
10135
  ctx.body = { data: { message: "Verification email resent" }, error: null };
10137
10136
  } catch (error) {
10138
- console.log("Error resending login email OTP:", error);
10137
+ strapi2.log.error("Error resending login email OTP");
10139
10138
  ctx.status = 500;
10140
10139
  ctx.body = { data: null, error: "Failed to resend verification email" };
10141
10140
  }
@@ -10221,35 +10220,40 @@ const config$1 = [
10221
10220
  pluginName: "strapi-identity",
10222
10221
  type: "content-api"
10223
10222
  },
10224
- config: {}
10225
- },
10226
- {
10227
- method: "GET",
10228
- path: "/config",
10229
- handler: "config.getConfig",
10230
- info: {
10231
- apiName: "getConfig",
10232
- pluginName: "strapi-identity",
10233
- type: "content-api"
10234
- },
10235
10223
  config: {
10236
10224
  policies: [
10237
- "admin::isAuthenticatedAdmin"
10225
+ "admin::isAuthenticatedAdmin",
10226
+ {
10227
+ name: "admin::hasPermissions",
10228
+ config: {
10229
+ actions: [
10230
+ "plugin::strapi-identity.settings.read"
10231
+ ]
10232
+ }
10233
+ }
10238
10234
  ]
10239
10235
  }
10240
10236
  },
10241
10237
  {
10242
10238
  method: "GET",
10243
- path: "/config/email",
10244
- handler: "config.getEmailStatus",
10239
+ path: "/config",
10240
+ handler: "config.getConfig",
10245
10241
  info: {
10246
- apiName: "getEmailStatus",
10242
+ apiName: "getConfig",
10247
10243
  pluginName: "strapi-identity",
10248
10244
  type: "content-api"
10249
10245
  },
10250
10246
  config: {
10251
10247
  policies: [
10252
- "admin::isAuthenticatedAdmin"
10248
+ "admin::isAuthenticatedAdmin",
10249
+ {
10250
+ name: "admin::hasPermissions",
10251
+ config: {
10252
+ actions: [
10253
+ "plugin::strapi-identity.settings.read"
10254
+ ]
10255
+ }
10256
+ }
10253
10257
  ]
10254
10258
  }
10255
10259
  },
@@ -10278,6 +10282,22 @@ const config$1 = [
10278
10282
  }
10279
10283
  ];
10280
10284
  const mfa = [
10285
+ {
10286
+ method: "GET",
10287
+ path: "/verify/info",
10288
+ handler: "controller.verifyInfo",
10289
+ info: {
10290
+ apiName: "verifyInfo",
10291
+ pluginName: "strapi-identity",
10292
+ type: "content-api"
10293
+ },
10294
+ config: {
10295
+ auth: false,
10296
+ policies: [
10297
+ "has-mfa"
10298
+ ]
10299
+ }
10300
+ },
10281
10301
  {
10282
10302
  method: "POST",
10283
10303
  path: "/verify",
@@ -10291,6 +10311,9 @@ const mfa = [
10291
10311
  auth: false,
10292
10312
  policies: [
10293
10313
  "has-mfa"
10314
+ ],
10315
+ middlewares: [
10316
+ "admin::rateLimit"
10294
10317
  ]
10295
10318
  }
10296
10319
  },
@@ -10351,6 +10374,9 @@ const mfa = [
10351
10374
  auth: false,
10352
10375
  policies: [
10353
10376
  "has-mfa"
10377
+ ],
10378
+ middlewares: [
10379
+ "admin::rateLimit"
10354
10380
  ]
10355
10381
  }
10356
10382
  },
@@ -10400,7 +10426,7 @@ const isEnabled$1 = (id) => {
10400
10426
  try {
10401
10427
  return mfaToken2.count({ where: { admin_user: { id }, enabled: true } }).then((count) => count > 0);
10402
10428
  } catch (error) {
10403
- console.log("Error checking if 2FA is enabled for user:", error);
10429
+ strapi.log.error("Error checking if 2FA is enabled for user");
10404
10430
  return false;
10405
10431
  }
10406
10432
  };
@@ -10417,7 +10443,7 @@ const reset = async (id) => {
10417
10443
  existingTemp ? mfaTemp2.delete({ documentId: existingTemp.documentId }) : null
10418
10444
  ]);
10419
10445
  } catch (error) {
10420
- console.log("Error resetting 2FA for user:", error);
10446
+ strapi.log.error("Error resetting 2FA for user");
10421
10447
  throw new Error("Failed to reset 2FA for user");
10422
10448
  }
10423
10449
  };
@@ -10481,7 +10507,7 @@ const disableEmailMFAForAllUsers = async () => {
10481
10507
  )
10482
10508
  ]);
10483
10509
  } catch (err) {
10484
- console.log("Error disabling email MFA for all users:", err);
10510
+ strapi.log.error("Error disabling email MFA for all users");
10485
10511
  }
10486
10512
  };
10487
10513
  const disableMFAForAllUsers = async () => {
@@ -10497,7 +10523,7 @@ const disableMFAForAllUsers = async () => {
10497
10523
  ...temps.map((temp) => tempDocument.delete({ documentId: temp.documentId }))
10498
10524
  ]);
10499
10525
  } catch (err) {
10500
- console.log("Error disabling MFA for all users:", err);
10526
+ strapi.log.error("Error disabling MFA for all users");
10501
10527
  }
10502
10528
  };
10503
10529
  const checkUserByJWT = async (jwtToken) => {
@@ -10550,7 +10576,7 @@ const send = async (to, otp) => {
10550
10576
  sendConfig.replyTo = config2.response_email;
10551
10577
  }
10552
10578
  return emailService.send(sendConfig).catch((error) => {
10553
- console.log("Error sending email:", error);
10579
+ strapi.log.error("Error sending email");
10554
10580
  });
10555
10581
  };
10556
10582
  const replaceTemplateVariables = (template, variables) => {
@@ -0,0 +1,3 @@
1
+ import { Plugin } from '@strapi/types';
2
+ declare const bootstrap: Plugin.LoadedPlugin['bootstrap'];
3
+ export default bootstrap;
@@ -0,0 +1,3 @@
1
+ import { Plugin } from '@strapi/types';
2
+ declare const config: Plugin.LoadedPlugin['config'];
3
+ export default config;
@@ -0,0 +1,72 @@
1
+ declare const _default: {
2
+ schema: {
3
+ kind: string;
4
+ collectionName: string;
5
+ info: {
6
+ singularName: string;
7
+ pluralName: string;
8
+ displayName: string;
9
+ };
10
+ options: {
11
+ draftAndPublish: boolean;
12
+ };
13
+ pluginOptions: {
14
+ "content-manager": {
15
+ visible: boolean;
16
+ };
17
+ "content-type-builder": {
18
+ visible: boolean;
19
+ };
20
+ };
21
+ attributes: {
22
+ enabled: {
23
+ type: string;
24
+ default: boolean;
25
+ };
26
+ enforce: {
27
+ type: string;
28
+ default: boolean;
29
+ };
30
+ issuer: {
31
+ type: string;
32
+ required: boolean;
33
+ default: string;
34
+ };
35
+ email_enabled: {
36
+ type: string;
37
+ default: boolean;
38
+ };
39
+ from_email: {
40
+ type: string;
41
+ required: boolean;
42
+ default: string;
43
+ };
44
+ from_name: {
45
+ type: string;
46
+ required: boolean;
47
+ default: string;
48
+ };
49
+ response_email: {
50
+ type: string;
51
+ required: boolean;
52
+ default: string;
53
+ };
54
+ subject: {
55
+ type: string;
56
+ required: boolean;
57
+ default: string;
58
+ };
59
+ text: {
60
+ type: string;
61
+ required: boolean;
62
+ default: string;
63
+ };
64
+ message: {
65
+ type: string;
66
+ required: boolean;
67
+ default: string;
68
+ };
69
+ };
70
+ };
71
+ };
72
+ export default _default;