strapi-plugin-firebase-authentication 1.2.5 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/server/index.js +79 -0
  2. package/dist/server/index.mjs +79 -0
  3. package/dist/server/src/controllers/firebaseController.d.ts +9 -0
  4. package/dist/server/src/controllers/index.d.ts +1 -0
  5. package/dist/server/src/index.d.ts +4 -0
  6. package/dist/server/src/services/firebaseService.d.ts +11 -0
  7. package/dist/server/src/services/index.d.ts +3 -0
  8. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -29004,6 +29004,29 @@ const firebaseController = {
29004
29004
  }
29005
29005
  throw error2;
29006
29006
  }
29007
+ },
29008
+ /**
29009
+ * Check password - validates a password against the authenticated user's Firebase account
29010
+ * POST /api/firebase-authentication/checkPassword
29011
+ * Authenticated endpoint - requires valid JWT (enforced by is-authenticated policy)
29012
+ *
29013
+ * @param ctx - Koa context with { password } in body
29014
+ * @returns { valid: true } or { valid: false }
29015
+ */
29016
+ async checkPassword(ctx) {
29017
+ strapi.log.debug("checkPassword endpoint called");
29018
+ try {
29019
+ const { password } = ctx.request.body || {};
29020
+ const user = ctx.state.user;
29021
+ if (!password) {
29022
+ throw new ValidationError$1("Password is required");
29023
+ }
29024
+ const result = await strapi.plugin(pluginName).service("firebaseService").checkPassword(user, password);
29025
+ ctx.body = result;
29026
+ } catch (error2) {
29027
+ strapi.log.error("checkPassword controller error:", error2);
29028
+ throw error2;
29029
+ }
29007
29030
  }
29008
29031
  };
29009
29032
  const STRAPI_DESTINATION = "strapi";
@@ -29484,6 +29507,14 @@ const contentApi = {
29484
29507
  // Public endpoint - token provides authentication
29485
29508
  policies: []
29486
29509
  }
29510
+ },
29511
+ {
29512
+ method: "POST",
29513
+ path: "/checkPassword",
29514
+ handler: "firebaseController.checkPassword",
29515
+ config: {
29516
+ policies: ["plugin::firebase-authentication.is-authenticated"]
29517
+ }
29487
29518
  }
29488
29519
  ]
29489
29520
  };
@@ -31311,6 +31342,54 @@ const firebaseService = ({ strapi: strapi2 }) => ({
31311
31342
  }
31312
31343
  throw new ApplicationError$2("Failed to verify email. Please try again.");
31313
31344
  }
31345
+ },
31346
+ /**
31347
+ * Check if a password is valid for the authenticated user
31348
+ * Uses Firebase Identity Toolkit API to verify the password
31349
+ *
31350
+ * @param user - Authenticated user from ctx.state.user
31351
+ * @param password - Password to check
31352
+ * @returns { valid: true } or { valid: false }
31353
+ */
31354
+ async checkPassword(user, password) {
31355
+ if (!user || !user.email) {
31356
+ throw new ValidationError$1("User email is required");
31357
+ }
31358
+ const config2 = await strapi2.plugin("firebase-authentication").service("settingsService").getFirebaseConfigJson();
31359
+ if (!config2 || !config2.firebaseWebApiKey) {
31360
+ throw new ApplicationError$2(
31361
+ "Password verification is not available. Web API Key is not configured.\n\nTo enable password verification:\n1. Go to Firebase Console > Project Settings > General\n2. Copy your Web API Key\n3. Add it in Strapi Admin > Settings > Firebase Authentication > Optional Settings"
31362
+ );
31363
+ }
31364
+ try {
31365
+ const response = await fetch(
31366
+ `https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=${config2.firebaseWebApiKey}`,
31367
+ {
31368
+ method: "POST",
31369
+ headers: {
31370
+ "Content-Type": "application/json"
31371
+ },
31372
+ body: JSON.stringify({
31373
+ email: user.email,
31374
+ password,
31375
+ returnSecureToken: false
31376
+ })
31377
+ }
31378
+ );
31379
+ const data = await response.json();
31380
+ if (!response.ok) {
31381
+ const errorMessage = data.error?.message || "Authentication failed";
31382
+ strapi2.log.debug(`checkPassword: password invalid for user ${user.email}: ${errorMessage}`);
31383
+ if (errorMessage === "INVALID_PASSWORD" || errorMessage === "INVALID_LOGIN_CREDENTIALS" || errorMessage.includes("INVALID")) {
31384
+ return { valid: false };
31385
+ }
31386
+ return { valid: false };
31387
+ }
31388
+ return { valid: true };
31389
+ } catch (error2) {
31390
+ strapi2.log.error("checkPassword error:", error2);
31391
+ throw new ApplicationError$2("Failed to verify password");
31392
+ }
31314
31393
  }
31315
31394
  });
31316
31395
  const passwordResetTemplate = {
package/dist/server/index.mjs CHANGED
@@ -28972,6 +28972,29 @@ const firebaseController = {
28972
28972
  }
28973
28973
  throw error2;
28974
28974
  }
28975
+ },
28976
+ /**
28977
+ * Check password - validates a password against the authenticated user's Firebase account
28978
+ * POST /api/firebase-authentication/checkPassword
28979
+ * Authenticated endpoint - requires valid JWT (enforced by is-authenticated policy)
28980
+ *
28981
+ * @param ctx - Koa context with { password } in body
28982
+ * @returns { valid: true } or { valid: false }
28983
+ */
28984
+ async checkPassword(ctx) {
28985
+ strapi.log.debug("checkPassword endpoint called");
28986
+ try {
28987
+ const { password } = ctx.request.body || {};
28988
+ const user = ctx.state.user;
28989
+ if (!password) {
28990
+ throw new ValidationError$1("Password is required");
28991
+ }
28992
+ const result = await strapi.plugin(pluginName).service("firebaseService").checkPassword(user, password);
28993
+ ctx.body = result;
28994
+ } catch (error2) {
28995
+ strapi.log.error("checkPassword controller error:", error2);
28996
+ throw error2;
28997
+ }
28975
28998
  }
28976
28999
  };
28977
29000
  const STRAPI_DESTINATION = "strapi";
@@ -29452,6 +29475,14 @@ const contentApi = {
29452
29475
  // Public endpoint - token provides authentication
29453
29476
  policies: []
29454
29477
  }
29478
+ },
29479
+ {
29480
+ method: "POST",
29481
+ path: "/checkPassword",
29482
+ handler: "firebaseController.checkPassword",
29483
+ config: {
29484
+ policies: ["plugin::firebase-authentication.is-authenticated"]
29485
+ }
29455
29486
  }
29456
29487
  ]
29457
29488
  };
@@ -31279,6 +31310,54 @@ const firebaseService = ({ strapi: strapi2 }) => ({
31279
31310
  }
31280
31311
  throw new ApplicationError$2("Failed to verify email. Please try again.");
31281
31312
  }
31313
+ },
31314
+ /**
31315
+ * Check if a password is valid for the authenticated user
31316
+ * Uses Firebase Identity Toolkit API to verify the password
31317
+ *
31318
+ * @param user - Authenticated user from ctx.state.user
31319
+ * @param password - Password to check
31320
+ * @returns { valid: true } or { valid: false }
31321
+ */
31322
+ async checkPassword(user, password) {
31323
+ if (!user || !user.email) {
31324
+ throw new ValidationError$1("User email is required");
31325
+ }
31326
+ const config2 = await strapi2.plugin("firebase-authentication").service("settingsService").getFirebaseConfigJson();
31327
+ if (!config2 || !config2.firebaseWebApiKey) {
31328
+ throw new ApplicationError$2(
31329
+ "Password verification is not available. Web API Key is not configured.\n\nTo enable password verification:\n1. Go to Firebase Console > Project Settings > General\n2. Copy your Web API Key\n3. Add it in Strapi Admin > Settings > Firebase Authentication > Optional Settings"
31330
+ );
31331
+ }
31332
+ try {
31333
+ const response = await fetch(
31334
+ `https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=${config2.firebaseWebApiKey}`,
31335
+ {
31336
+ method: "POST",
31337
+ headers: {
31338
+ "Content-Type": "application/json"
31339
+ },
31340
+ body: JSON.stringify({
31341
+ email: user.email,
31342
+ password,
31343
+ returnSecureToken: false
31344
+ })
31345
+ }
31346
+ );
31347
+ const data = await response.json();
31348
+ if (!response.ok) {
31349
+ const errorMessage = data.error?.message || "Authentication failed";
31350
+ strapi2.log.debug(`checkPassword: password invalid for user ${user.email}: ${errorMessage}`);
31351
+ if (errorMessage === "INVALID_PASSWORD" || errorMessage === "INVALID_LOGIN_CREDENTIALS" || errorMessage.includes("INVALID")) {
31352
+ return { valid: false };
31353
+ }
31354
+ return { valid: false };
31355
+ }
31356
+ return { valid: true };
31357
+ } catch (error2) {
31358
+ strapi2.log.error("checkPassword error:", error2);
31359
+ throw new ApplicationError$2("Failed to verify password");
31360
+ }
31282
31361
  }
31283
31362
  });
31284
31363
  const passwordResetTemplate = {
package/dist/server/src/controllers/firebaseController.d.ts CHANGED
@@ -58,5 +58,14 @@ declare const firebaseController: {
58
58
  * @returns { success: true, message: "Email verified successfully" }
59
59
  */
60
60
  verifyEmail(ctx: Context): Promise<Context>;
61
+ /**
62
+ * Check password - validates a password against the authenticated user's Firebase account
63
+ * POST /api/firebase-authentication/checkPassword
64
+ * Authenticated endpoint - requires valid JWT (enforced by is-authenticated policy)
65
+ *
66
+ * @param ctx - Koa context with { password } in body
67
+ * @returns { valid: true } or { valid: false }
68
+ */
69
+ checkPassword(ctx: Context): Promise<void>;
61
70
  };
62
71
  export default firebaseController;
package/dist/server/src/controllers/index.d.ts CHANGED
@@ -10,6 +10,7 @@ declare const _default: {
10
10
  resetPasswordWithToken(ctx: import("koa").Context): Promise<void>;
11
11
  sendVerificationEmail(ctx: import("koa").Context): Promise<void>;
12
12
  verifyEmail(ctx: import("koa").Context): Promise<import("koa").Context>;
13
+ checkPassword(ctx: import("koa").Context): Promise<void>;
13
14
  };
14
15
  userController: {
15
16
  list: (ctx: import("koa").Context | import("koa").DefaultContext) => Promise<void>;
package/dist/server/src/index.d.ts CHANGED
@@ -31,6 +31,7 @@ declare const _default: {
31
31
  resetPasswordWithToken(ctx: import("koa").Context): Promise<void>;
32
32
  sendVerificationEmail(ctx: import("koa").Context): Promise<void>;
33
33
  verifyEmail(ctx: import("koa").Context): Promise<import("koa").Context>;
34
+ checkPassword(ctx: import("koa").Context): Promise<void>;
34
35
  };
35
36
  userController: {
36
37
  list: (ctx: import("koa").Context | import("koa").DefaultContext) => Promise<void>;
@@ -210,6 +211,9 @@ declare const _default: {
210
211
  success: boolean;
211
212
  message: string;
212
213
  }>;
214
+ checkPassword(user: any, password: string): Promise<{
215
+ valid: boolean;
216
+ }>;
213
217
  };
214
218
  templateService: ({ strapi }: {
215
219
  strapi: any;
package/dist/server/src/services/firebaseService.d.ts CHANGED
@@ -131,5 +131,16 @@ declare const _default: ({ strapi }: {
131
131
  success: boolean;
132
132
  message: string;
133
133
  }>;
134
+ /**
135
+ * Check if a password is valid for the authenticated user
136
+ * Uses Firebase Identity Toolkit API to verify the password
137
+ *
138
+ * @param user - Authenticated user from ctx.state.user
139
+ * @param password - Password to check
140
+ * @returns { valid: true } or { valid: false }
141
+ */
142
+ checkPassword(user: any, password: string): Promise<{
143
+ valid: boolean;
144
+ }>;
134
145
  };
135
146
  export default _default;
package/dist/server/src/services/index.d.ts CHANGED
@@ -121,6 +121,9 @@ declare const _default: {
121
121
  success: boolean;
122
122
  message: string;
123
123
  }>;
124
+ checkPassword(user: any, password: string): Promise<{
125
+ valid: boolean;
126
+ }>;
124
127
  };
125
128
  templateService: ({ strapi }: {
126
129
  strapi: any;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "strapi-plugin-firebase-authentication",
3
- "version": "1.2.5",
3
+ "version": "1.3.2",
4
4
  "description": "Allows easy integration between clients utilizing Firebase for authentication and Strapi",
5
5
  "license": "MIT",
6
6
  "repository": {