strapi/packages/core/admin/server/register.js

'use strict';

const adminAuthStrategy = {
  name: 'admin',
  async authenticate(ctx) {
    const { authorization } = ctx.request.header;

    if (!authorization) {
      return { authenticated: false };
    }

    const parts = authorization.split(/\s+/);

    if (parts[0] !== 'Bearer' || parts.length !== 2) {
      return { authenticated: false };
    }

    const token = parts[1];
    const { payload, isValid } = strapi.admin.services.token.decodeJwtToken(token);

    if (isValid) {
      const user = await strapi
        .query('admin::user')
        .findOne({ where: { id: payload.id }, populate: ['roles'] });

      if (!user || !(user.isActive === true)) {
        return { error: 'Invalid credentials' };
      }

      const userAbility = await strapi.admin.services.permission.engine.generateUserAbility(user);

      ctx.state.userAbility = userAbility;
      ctx.state.user = user;
      ctx.state.isAuthenticatedAdmin = true;

      return { authenticated: true, credentials: user };
    }

    return { error: 'Invalid credentials' };
  },
};

module.exports = () => {
  const passportMiddleware = strapi.admin.services.passport.init();

  strapi.server.api('admin').use(passportMiddleware);
  strapi.container.get('auth').register('admin', adminAuthStrategy);
};
I18n/ permissions rework (#9535) * Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com> 2021-03-25 14:59:44 +01:00			`'use strict';`

Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`const adminAuthStrategy = {`
			`name: 'admin',`
			`async authenticate(ctx) {`
			`const { authorization } = ctx.request.header;`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00
Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`if (!authorization) {`
			`return { authenticated: false };`
			`}`

			`const parts = authorization.split(/\s+/);`

			`if (parts[0] !== 'Bearer' \|\| parts.length !== 2) {`
			`return { authenticated: false };`
			`}`

			`const token = parts[1];`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`const { payload, isValid } = strapi.admin.services.token.decodeJwtToken(token);`

			`if (isValid) {`
Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`const user = await strapi`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`.query('admin::user')`
			`.findOne({ where: { id: payload.id }, populate: ['roles'] });`

Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`if (!user \|\| !(user.isActive === true)) {`
			`return { error: 'Invalid credentials' };`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`}`

Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`const userAbility = await strapi.admin.services.permission.engine.generateUserAbility(user);`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00
Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`ctx.state.userAbility = userAbility;`
			`ctx.state.user = user;`
Fix distinct 2021-09-22 18:49:04 +02:00			`ctx.state.isAuthenticatedAdmin = true;`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00
Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`return { authenticated: true, credentials: user };`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`}`

Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`return { error: 'Invalid credentials' };`
			`},`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`};`

I18n/ permissions rework (#9535) * Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com> 2021-03-25 14:59:44 +01:00			`module.exports = () => {`
Cleanup admin ee and middlewares 2021-09-06 15:04:59 +02:00			`const passportMiddleware = strapi.admin.services.passport.init();`

			`strapi.server.api('admin').use(passportMiddleware);`
Move admin auth to global auth system 2021-09-08 16:16:16 +02:00			`strapi.container.get('auth').register('admin', adminAuthStrategy);`
I18n/ permissions rework (#9535) * Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com> 2021-03-25 14:59:44 +01:00			`};`