133 lines
4.3 KiB
JavaScript
Raw Normal View History

2017-11-17 11:17:20 +01:00
'use strict';
/**
* An asynchronous bootstrap function that runs before
* your application gets started.
*
* This gives you an opportunity to set up your data model,
* run jobs, or perform some special logic.
*/
const crypto = require('crypto');
const _ = require('lodash');
const urljoin = require('url-join');
2021-08-19 16:49:33 +02:00
const { getService } = require('../utils');
const getGrantConfig = require('./grant-config');
2017-12-04 16:43:24 +01:00
2021-08-19 16:49:33 +02:00
const usersPermissionsActions = require('./users-permissions-actions');
module.exports = async ({ strapi }) => {
const pluginStore = strapi.store({ type: 'plugin', name: 'users-permissions' });
2021-06-29 16:27:35 +02:00
await initGrant(pluginStore);
await initEmails(pluginStore);
await initAdvancedOptions(pluginStore);
await strapi.admin.services.permission.actionProvider.registerMany(
usersPermissionsActions.actions
);
2021-07-08 21:53:30 +02:00
await getService('users-permissions').initialize();
2021-06-29 16:27:35 +02:00
2021-08-17 19:28:10 +02:00
if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
const jwtSecret = crypto.randomBytes(16).toString('base64');
if (process.env.NODE_ENV === 'production') {
throw new Error(
2022-02-09 17:46:53 +01:00
`[Users & Permissions] Missing jwtSecret. Please, in config/plugins.js, set config.jwtSecret for the users-permissions plugin or set environment variable JWT_SECRET (ex: ${jwtSecret}).
For security reasons, prefere storing the secret in a environment variable. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`
);
}
2021-08-20 15:23:02 +02:00
strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
2021-06-29 16:27:35 +02:00
2021-08-13 15:35:19 +02:00
if (!process.env.JWT_SECRET) {
strapi.fs.appendFile(process.env.ENV_PATH || '.env', `JWT_SECRET=${jwtSecret}\n`);
strapi.log.info(
'The Users & Permissions plugin automatically generated a jwt secret and stored it in your .env file under the name JWT_SECRET.'
);
2021-08-13 15:35:19 +02:00
}
2021-06-29 16:27:35 +02:00
}
};
const initGrant = async pluginStore => {
2021-10-26 16:51:29 +02:00
const apiPrefix = strapi.config.get('api.rest.prefix');
const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');
2021-10-26 16:51:29 +02:00
const grantConfig = getGrantConfig(baseURL);
2021-06-29 16:27:35 +02:00
const prevGrantConfig = (await pluginStore.get({ key: 'grant' })) || {};
// store grant auth config to db
// when plugin_users-permissions_grant is not existed in db
// or we have added/deleted provider here.
if (!prevGrantConfig || !_.isEqual(_.keys(prevGrantConfig), _.keys(grantConfig))) {
2018-04-24 22:18:21 +08:00
// merge with the previous provider config.
_.keys(grantConfig).forEach(key => {
2018-04-24 22:18:21 +08:00
if (key in prevGrantConfig) {
grantConfig[key] = _.merge(grantConfig[key], prevGrantConfig[key]);
}
});
await pluginStore.set({ key: 'grant', value: grantConfig });
2018-01-12 15:20:13 +01:00
}
2021-06-29 16:27:35 +02:00
};
2018-01-12 15:20:13 +01:00
2021-06-29 16:27:35 +02:00
const initEmails = async pluginStore => {
if (!(await pluginStore.get({ key: 'email' }))) {
const value = {
reset_password: {
display: 'Email.template.reset_password',
2019-11-19 16:17:15 +01:00
icon: 'sync',
options: {
from: {
name: 'Administration Panel',
email: 'no-reply@strapi.io',
},
response_email: '',
object: 'Reset password',
message: `<p>We heard that you lost your password. Sorry about that!</p>
<p>But dont worry! You can use the following link to reset your password:</p>
<p><%= URL %>?code=<%= TOKEN %></p>
<p>Thanks.</p>`,
},
2018-08-08 17:57:02 +02:00
},
email_confirmation: {
2018-08-08 17:57:02 +02:00
display: 'Email.template.email_confirmation',
2019-11-19 16:17:15 +01:00
icon: 'check-square',
2018-08-08 17:57:02 +02:00
options: {
from: {
name: 'Administration Panel',
email: 'no-reply@strapi.io',
2018-08-08 17:57:02 +02:00
},
response_email: '',
object: 'Account confirmation',
2018-08-27 08:11:23 -07:00
message: `<p>Thank you for registering!</p>
2018-08-08 17:57:02 +02:00
2018-08-23 12:00:46 +02:00
<p>You have to confirm your email address. Please click on the link below.</p>
2018-08-08 17:57:02 +02:00
<p><%= URL %>?confirmation=<%= CODE %></p>
<p>Thanks.</p>`,
},
},
};
2018-01-15 11:29:38 +01:00
await pluginStore.set({ key: 'email', value });
2018-01-15 11:29:38 +01:00
}
2021-06-29 16:27:35 +02:00
};
2018-01-15 11:29:38 +01:00
2021-06-29 16:27:35 +02:00
const initAdvancedOptions = async pluginStore => {
if (!(await pluginStore.get({ key: 'advanced' }))) {
const value = {
unique_email: true,
2018-03-12 15:56:25 +01:00
allow_register: true,
2018-08-08 17:57:02 +02:00
email_confirmation: false,
email_reset_password: null,
email_confirmation_redirection: null,
default_role: 'authenticated',
};
2018-01-15 15:01:21 +01:00
await pluginStore.set({ key: 'advanced', value });
2018-01-15 15:01:21 +01:00
}
2017-11-17 11:17:20 +01:00
};