strapi/packages/plugins/users-permissions/server/services/jwt.js

'use strict';

/**
 * Jwt.js service
 *
 * @description: A set of functions similar to controller's actions to avoid code duplication.
 */

const _ = require('lodash');
const jwt = require('jsonwebtoken');

module.exports = ({ strapi }) => ({
  getToken(ctx) {
    let token;

    if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
      const parts = ctx.request.header.authorization.split(/\s+/);

      if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {
        return null;
      }

      token = parts[1];
    } else {
      return null;
    }

    return this.verify(token);
  },

  issue(payload, jwtOptions = {}) {
    _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
    return jwt.sign(
      _.clone(payload.toJSON ? payload.toJSON() : payload),
      strapi.config.get('plugin::users-permissions.jwtSecret'),
      jwtOptions
    );
  },

  verify(token) {
    return new Promise((resolve, reject) => {
      jwt.verify(
        token,
        strapi.config.get('plugin::users-permissions.jwtSecret'),
        {},
        (err, tokenPayload = {}) => {
          if (err) {
            return reject(new Error('Invalid token.'));
          }
          resolve(tokenPayload);
        }
      );
    });
  },
});
Register new user with hashed password 2017-11-16 14:12:03 +01:00			`'use strict';`

			`/**`
			`* Jwt.js service`
			`*`
			`* @description: A set of functions similar to controller's actions to avoid code duplication.`
			`*/`

			`const _ = require('lodash');`
			`const jwt = require('jsonwebtoken');`
Added default options to enable re-use 2018-01-26 07:32:28 +01:00
WIP 2021-07-08 11:20:13 +02:00			`module.exports = ({ strapi }) => ({`
Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`getToken(ctx) {`
Support query access_token 2021-11-15 17:54:17 +01:00			`let token;`
Use request route to detect current action 2017-11-27 16:47:16 +01:00
			`if (ctx.request && ctx.request.header && ctx.request.header.authorization) {`
Support query access_token 2021-11-15 17:54:17 +01:00			`const parts = ctx.request.header.authorization.split(/\s+/);`
Use request route to detect current action 2017-11-27 16:47:16 +01:00
Support query access_token 2021-11-15 17:54:17 +01:00			`if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {`
			`return null;`
Use request route to detect current action 2017-11-27 16:47:16 +01:00			`}`
Support query access_token 2021-11-15 17:54:17 +01:00
			`token = parts[1];`
Use request route to detect current action 2017-11-27 16:47:16 +01:00			`} else {`
Support query access_token 2021-11-15 17:54:17 +01:00			`return null;`
Use request route to detect current action 2017-11-27 16:47:16 +01:00			`}`

			`return this.verify(token);`
Sort functions by name 2017-12-07 15:27:11 +01:00			`},`

Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`issue(payload, jwtOptions = {}) {`
fix(core): use module uid for config namespace instead of dot notation 2024-03-11 12:28:46 +01:00			`_.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));`
Sort functions by name 2017-12-07 15:27:11 +01:00			`return jwt.sign(`
			`_.clone(payload.toJSON ? payload.toJSON() : payload),`
fix(core): use module uid for config namespace instead of dot notation 2024-03-11 12:28:46 +01:00			`strapi.config.get('plugin::users-permissions.jwtSecret'),`
Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`jwtOptions`
Sort functions by name 2017-12-07 15:27:11 +01:00			`);`
			`},`

Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`verify(token) {`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`return new Promise((resolve, reject) => {`
			`jwt.verify(`
			`token,`
fix(core): use module uid for config namespace instead of dot notation 2024-03-11 12:28:46 +01:00			`strapi.config.get('plugin::users-permissions.jwtSecret'),`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`{},`
			`(err, tokenPayload = {}) => {`
			`if (err) {`
			`return reject(new Error('Invalid token.'));`
			`}`
			`resolve(tokenPayload);`
Sort functions by name 2017-12-07 15:27:11 +01:00			`}`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`);`
Sort functions by name 2017-12-07 15:27:11 +01:00			`});`
Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`},`
WIP 2021-07-08 11:20:13 +02:00			`});`