strapi/packages/strapi-admin/middlewares/auth/index.js

'use strict';

const passport = require('koa-passport');
const { Strategy: LocalStrategy } = require('passport-local');

const createLocalStrategy = strapi => {
  return new LocalStrategy(
    {
      usernameField: 'email',
      passwordField: 'password',
      session: false,
    },
    function(email, password, done) {
      return strapi.admin.services.auth
        .checkCredentials({ email, password })
        .then(([error, user, message]) => done(error, user, message))
        .catch(error => done(error));
    }
  );
};

module.exports = strapi => ({
  initialize() {
    passport.use(createLocalStrategy(strapi));

    strapi.app.use(passport.initialize());

    strapi.app.use(async (ctx, next) => {
      if (
        ctx.request.header.authorization &&
        ctx.request.header.authorization.split(' ')[0] === 'Bearer'
      ) {
        const token = ctx.request.header.authorization.split(' ')[1];

        const { payload, isValid } = strapi.admin.services.token.decodeJwtToken(token);

        if (isValid) {
          // request is made by an admin
          const admin = await strapi.query('user', 'admin').findOne({ id: payload.id }, []);

          if (!admin || !(admin.isActive === true)) {
            return ctx.forbidden('Invalid credentials');
          }

          ctx.state.admin = admin;
          ctx.state.user = admin;
          ctx.state.isAuthenticatedAdmin = true;
          return next();
        }
      }

      return next();
    });
  },
});
Add passportjs and refactor login Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-11 17:09:48 +02:00			`'use strict';`

			`const passport = require('koa-passport');`
			`const { Strategy: LocalStrategy } = require('passport-local');`

			`const createLocalStrategy = strapi => {`
			`return new LocalStrategy(`
			`{`
			`usernameField: 'email',`
			`passwordField: 'password',`
			`session: false,`
			`},`
			`function(email, password, done) {`
			`return strapi.admin.services.auth`
			`.checkCredentials({ email, password })`
			`.then(([error, user, message]) => done(error, user, message))`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-13 11:46:52 +02:00			`.catch(error => done(error));`
Add passportjs and refactor login Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-11 17:09:48 +02:00			`}`
			`);`
			`};`

			`module.exports = strapi => ({`
			`initialize() {`
			`passport.use(createLocalStrategy(strapi));`

			`strapi.app.use(passport.initialize());`
Use passport standard error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 14:57:24 +02:00
			`strapi.app.use(async (ctx, next) => {`
			`if (`
			`ctx.request.header.authorization &&`
			`ctx.request.header.authorization.split(' ')[0] === 'Bearer'`
			`) {`
			`const token = ctx.request.header.authorization.split(' ')[1];`

Uniformize code with rbac/login Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 11:06:16 +02:00			`const { payload, isValid } = strapi.admin.services.token.decodeJwtToken(token);`
Use passport standard error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 14:57:24 +02:00
			`if (isValid) {`
			`// request is made by an admin`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`const admin = await strapi.query('user', 'admin').findOne({ id: payload.id }, []);`
Use passport standard error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 14:57:24 +02:00
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`if (!admin \|\| !(admin.isActive === true)) {`
Use passport standard error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 14:57:24 +02:00			`return ctx.forbidden('Invalid credentials');`
			`}`

			`ctx.state.admin = admin;`
			`ctx.state.user = admin;`
Add /users/me routes Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 19:54:43 +02:00			`ctx.state.isAuthenticatedAdmin = true;`
Use passport standard error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 14:57:24 +02:00			`return next();`
			`}`
			`}`

			`return next();`
			`});`
Add passportjs and refactor login Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-11 17:09:48 +02:00			`},`
			`});`