strapi/packages/plugins/documentation/server/policies/index-policy.js

'use strict';

module.exports = async (ctx, next) => {
  const pluginStore = strapi.store({ type: 'plugin', name: 'documentation' });

  const config = await pluginStore.get({ key: 'config' });

  if (!config.restrictedAccess) {
    return next();
  }

  if (!ctx.session.documentation) {
    const querystring = ctx.querystring ? `?${ctx.querystring}` : '';

    return ctx.redirect(
      `${strapi.config.server.url}${
        strapi.config.get('plugin.documentation.x-strapi-config').path
      }/login${querystring}`
    );
  }
  const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(
    ctx.session.documentation,
    config.password
  );

  if (!isValid) {
    ctx.session.documentation = null;
  }

  // Execute the action.
  await next();
};
Make lint stricter and fix the errors Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 11:27:17 +01:00			`'use strict';`

Add token in swagger and fix private fields 2018-12-06 18:03:56 +01:00			`module.exports = async (ctx, next) => {`
Init migration v4 - Hooks registry - D&P CT migrations - i18N CT migrations - Umzug with js / sql migrations - Eslint updates 2021-09-13 12:03:12 +02:00			`const pluginStore = strapi.store({ type: 'plugin', name: 'documentation' });`

Add token in swagger and fix private fields 2018-12-06 18:03:56 +01:00			`const config = await pluginStore.get({ key: 'config' });`

			`if (!config.restrictedAccess) {`
Init migration v4 - Hooks registry - D&P CT migrations - i18N CT migrations - Umzug with js / sql migrations - Eslint updates 2021-09-13 12:03:12 +02:00			`return next();`
Add token in swagger and fix private fields 2018-12-06 18:03:56 +01:00			`}`

			`if (!ctx.session.documentation) {`
			const querystring = ctx.querystring ? `?${ctx.querystring}` : '';

Fix/#4513/ability to use a sub path behind a proxy (#5833) * add possibility to use strapi on a non-root base url path * fix documentation password form * use server.url and admin.url in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update doc proxy Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * move server.url location in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * add possibility to put relative urls Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * allow '/' as an admin url + refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update yarn.lock Signed-off-by: Pierre Noël <petersg83@gmail.com> * refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove default proxy option Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * fix github provider Signed-off-by: Pierre Noël <petersg83@gmail.com> * fix github login Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove files that should be here Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> Co-authored-by: Pierre Noël <pierre.noel@strapi.io> Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-08 13:50:00 +02:00			`return ctx.redirect(`
WIP 2021-07-20 12:12:30 +02:00			`${strapi.config.server.url}${
refactor with module approach 2021-08-06 18:09:49 +02:00			`strapi.config.get('plugin.documentation.x-strapi-config').path`
WIP 2021-07-20 12:12:30 +02:00			}/login${querystring}`
Fix/#4513/ability to use a sub path behind a proxy (#5833) * add possibility to use strapi on a non-root base url path * fix documentation password form * use server.url and admin.url in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update doc proxy Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * move server.url location in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * add possibility to put relative urls Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * allow '/' as an admin url + refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update yarn.lock Signed-off-by: Pierre Noël <petersg83@gmail.com> * refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove default proxy option Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * fix github provider Signed-off-by: Pierre Noël <petersg83@gmail.com> * fix github login Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove files that should be here Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> Co-authored-by: Pierre Noël <pierre.noel@strapi.io> Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-08 13:50:00 +02:00			`);`
Add token in swagger and fix private fields 2018-12-06 18:03:56 +01:00			`}`
Use brcrypt.compare for password validation instead of compareSync (#7612) Signed-off-by: Vinit Sarvade <vinit.sarvade.08@gmail.com> 2020-09-01 20:33:37 +05:30			`const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(`
Fix/#4513/ability to use a sub path behind a proxy (#5833) * add possibility to use strapi on a non-root base url path * fix documentation password form * use server.url and admin.url in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update doc proxy Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * move server.url location in config Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * add possibility to put relative urls Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * allow '/' as an admin url + refacto Signed-off-by: Pierre Noël <pierre.noel@strapi.io> * update yarn.lock Signed-off-by: Pierre Noël <petersg83@gmail.com> * refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove default proxy option Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * fix github provider Signed-off-by: Pierre Noël <petersg83@gmail.com> * fix github login Signed-off-by: Pierre Noël <petersg83@gmail.com> * Remove files that should be here Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> Co-authored-by: Pierre Noël <pierre.noel@strapi.io> Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-08 13:50:00 +02:00			`ctx.session.documentation,`
			`config.password`
			`);`
Add token in swagger and fix private fields 2018-12-06 18:03:56 +01:00
			`if (!isValid) {`
			`ctx.session.documentation = null;`
			`}`

			`// Execute the action.`
			`await next();`
			`};`