'use strict';
/**
* Auth.js controller
*
* @description: A set of functions called "actions" for managing `Auth`.
*/
const _ = require('lodash');
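/**
 * Loose e-mail shape check used to decide whether `identifier` should be
 * matched against the `email` or the `username` field. Hoisted so the
 * literal is compiled once; it has no `g`/`y` flag, so reuse is stateless.
 */
const EMAIL_REGEXP = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;

/**
 * Write an error response on the Koa context.
 *
 * @param {Object} ctx - Koa context to write to.
 * @param {number} status - HTTP status code to set.
 * @param {string} message - Text placed in `ctx.body.message`.
 * @returns {Object} The body that was set (mirrors the `return ctx.body = {...}` idiom).
 */
const fail = (ctx, status, message) => {
  ctx.status = status;
  ctx.body = { message };
  return ctx.body;
};

module.exports = {
  /**
   * Authenticate a user.
   *
   * For the `local` provider the credentials are read from the request body
   * (`identifier` and `password`). For any other provider the `access_token`
   * query parameter is handed to the grant service and the client is
   * redirected to the front end with the issued JWT.
   *
   * @param {Object} ctx - Koa context; reads `ctx.params.provider`,
   *   `ctx.request.body` and `ctx.query.access_token`; sets `ctx.status` and
   *   `ctx.body`, or redirects.
   * @returns {Promise<Object|void>} The error body on failure, nothing otherwise.
   */
  callback: async (ctx) => {
    const provider = ctx.params.provider || 'local';
    const params = ctx.request.body || {};
    const accessToken = ctx.query.access_token;

    if (provider !== 'local') {
      // Connect the user thanks to the third-party provider.
      try {
        const user = await strapi.api.user.services.grant.connect(provider, accessToken);
        const jwt = strapi.api.user.services.jwt.issue(user);

        // `||` binds looser than `+`: written as `frontendUrl || url + '?jwt=...'`
        // the redirect carried no token at all whenever `frontendUrl` was set.
        // Pick the base URL first, then append the values percent-encoded so a
        // `&` or `=` inside the serialised user cannot split the query string.
        const base = strapi.config.frontendUrl || strapi.config.url;
        const query = `jwt=${encodeURIComponent(jwt)}&user=${encodeURIComponent(JSON.stringify(user))}`;
        ctx.redirect(`${base}?${query}`);
      } catch (err) {
        // NOTE(review): the raw error text reaches the client; a generic
        // message plus server-side logging would leak less about the backend.
        return fail(ctx, 500, err.message);
      }
      return;
    }

    // The identifier is required.
    if (!params.identifier) {
      return fail(ctx, 400, 'Please provide your username or your e-mail.');
    }

    // The password is required.
    if (!params.password) {
      return fail(ctx, 400, 'Please provide your password.');
    }

    // Set the identifier to the appropriate query field.
    const query = {};
    if (EMAIL_REGEXP.test(params.identifier)) {
      query.email = params.identifier;
    } else {
      query.username = params.identifier;
    }

    // Check if the user exists.
    try {
      // FIXME: placeholder credential check. The only accepted credentials are
      // a hard-coded pair and the `jwt` returned below is a constant string.
      // This must be replaced by a lookup of `query` against the user store
      // and a password-hash comparison before the route is exposed outside
      // development.
      let user;
      if (query.email === 'test@strapi.io' && params.password === 'strapi') {
        user = Object.assign({}, query, {
          password: '******',
          username: 'Strapi user',
          validPassword: true,
        });
      }

      if (!user) {
        return fail(ctx, 403, 'Identifier or password invalid.');
      }

      // The user never registered with the `local` provider.
      if (!user.password) {
        return fail(ctx, 400, 'This user never set a local password, please login thanks to the provider used during account creation.');
      }

      // Same message as the unknown-user case so the response does not reveal
      // whether the identifier exists.
      if (!user.validPassword) {
        return fail(ctx, 403, 'Identifier or password invalid.');
      }

      ctx.status = 200;
      ctx.body = {
        jwt: 'strapi-jwt',
        user,
      };
    } catch (err) {
      // NOTE(review): the raw error text reaches the client; see above.
      return fail(ctx, 500, err.message);
    }
  },

  /**
   * Register a new `local` user.
   *
   * The first account ever created is flagged `admin`; every later account
   * is created with exactly the fields the client sent (minus `admin`).
   *
   * @param {Object} ctx - Koa context; reads `ctx.request.body`, sets
   *   `ctx.status` and `ctx.body`.
   * @returns {Promise<Object|void>} The error body on failure, nothing otherwise.
   */
  register: async (ctx) => {
    // Copy instead of mutating the request body, and strip `admin`: that flag
    // is granted below to the very first account only and must never be
    // accepted from the client (mass assignment).
    const params = _.assign(_.omit(ctx.request.body, ['admin']), {
      provider: 'local',
    });

    // Password is required.
    if (!params.password) {
      return fail(ctx, 400, 'Invalid password field.');
    }

    // Reject a password that the hashing service would mistake for an
    // already-hashed value (the `$` count checked by `isHashed`).
    if (strapi.plugins['users-permissions'].services.user.isHashed(params.password)) {
      return fail(ctx, 400, 'Your password can not contain more than three times the symbol `$`.');
    }

    try {
      const userQuery = strapi.query('user', 'users-permissions');

      // The first user to register becomes the admin.
      const usersCount = await userQuery.count();
      if (usersCount === 0) {
        params.admin = true;
      }

      const user = await userQuery.create({
        values: params,
      });

      ctx.status = 200;
      ctx.body = {
        jwt: strapi.plugins['users-permissions'].services.jwt.issue(user),
        user,
      };
    } catch (err) {
      // NOTE(review): the raw error text reaches the client; a generic
      // message plus server-side logging would leak less about the backend.
      return fail(ctx, 500, err.message);
    }
  },
};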