'use strict';
const passport = require('koa-passport');
const compose = require('koa-compose');
const {
validateRegistrationInput,
validateAdminRegistrationInput,
validateRegistrationInfoQuery,
validateForgotPasswordInput,
validateResetPasswordInput,
} = require('../validation/authentication');
module.exports = {
// Login pipeline: the first middleware runs passport's 'local' strategy with
// sessions disabled, the second answers with a JWT and the sanitized user.
login: compose([
  (ctx, next) =>
    passport.authenticate('local', { session: false }, (err, user, info) => {
      // Strategy errors are reported as a generic server error; `err` itself is
      // not passed to the response helper.
      if (err) {
        return ctx.badImplementation();
      }

      // NOTE(review): the strategy's own message is forwarded to the client.
      // If the strategy words "unknown account" and "wrong password"
      // differently, an unauthenticated caller can tell the two apart —
      // confirm the strategy returns one generic message.
      if (!user) {
        return ctx.badRequest(info.message);
      }

      // Hand the authenticated user to the next middleware through ctx.state.
      ctx.state.user = user;
      return next();
    })(ctx, next),
  ctx => {
    const authenticatedUser = ctx.state.user;

    const token = strapi.admin.services.token.createJwtToken(authenticatedUser);
    const user = strapi.admin.services.user.sanitizeUser(authenticatedUser); // TODO: fetch more detailed info

    ctx.body = { data: { token, user } };
  },
]),
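/**
 * Exchange a still-valid JWT for a freshly issued one.
 *
 * Responds 400 'Missing token' when the body carries no `token`, and
 * 400 'Invalid token' when decodeJwtToken reports it as not valid.
 * On success the body is `{ data: { token } }`.
 *
 * NOTE(review): renewal relies on the decoded payload alone. Nothing here
 * re-checks that the user behind `payload.id` still exists or is still
 * active, so a removed or deactivated account could keep renewing until the
 * token it holds stops validating — consider looking the user up first.
 */
renewToken(ctx) {
  const { token } = ctx.request.body;

  if (token === undefined) {
    return ctx.badRequest('Missing token');
  }

  const { isValid, payload } = strapi.admin.services.token.decodeJwtToken(token);

  if (!isValid) {
    return ctx.badRequest('Invalid token');
  }

  ctx.body = {
    data: {
      // Every other call site in this file passes createJwtToken a user-shaped
      // object; passing the bare id here did not match that. Presumably the
      // service reads `id` from its argument — confirm against the token service.
      token: strapi.admin.services.token.createJwtToken({ id: payload.id }),
    },
  };
},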
/**
 * Return the registration info attached to the `registrationToken` query
 * parameter.
 *
 * Responds 400 'QueryError' (with the validation error) when the query is
 * rejected by validateRegistrationInfoQuery, and 400
 * 'Invalid registrationToken' when the lookup yields nothing.
 */
async registrationInfo(ctx) {
  try {
    await validateRegistrationInfoQuery(ctx.request.query);
  } catch (validationError) {
    return ctx.badRequest('QueryError', validationError);
  }

  const { registrationToken } = ctx.request.query;
  const info = await strapi.admin.services.user.findRegistrationInfo(registrationToken);

  if (info) {
    ctx.body = { data: info };
    return;
  }

  return ctx.badRequest('Invalid registrationToken');
},
/**
 * Register a user from the request body and answer with a JWT plus the
 * sanitized user.
 *
 * The body is validated with validateRegistrationInput first; a rejection is
 * reported as 400 'ValidationError' together with the validation error.
 */
async register(ctx) {
  const payload = ctx.request.body;

  try {
    await validateRegistrationInput(payload);
  } catch (validationError) {
    return ctx.badRequest('ValidationError', validationError);
  }

  const registeredUser = await strapi.admin.services.user.register(payload);

  // Only the sanitized form of the user goes into the response.
  const token = strapi.admin.services.token.createJwtToken(registeredUser);
  const user = strapi.admin.services.user.sanitizeUser(registeredUser);

  ctx.body = { data: { token, user } };
},
/**
 * Create the first admin user and answer with a JWT plus the sanitized user.
 *
 * Responds 400 'ValidationError' when validateAdminRegistrationInput rejects
 * the body, and 400 'You cannot register a new super admin' when
 * user.exists() reports that a user is already present.
 *
 * NOTE(review): the existence check and the create call are two separate
 * awaits, so two concurrent requests could both pass the check before either
 * user is written. If this endpoint is reachable without authentication,
 * consider enforcing "first admin only" atomically in the storage layer.
 */
async registerAdmin(ctx) {
  const payload = ctx.request.body;

  try {
    await validateAdminRegistrationInput(payload);
  } catch (validationError) {
    return ctx.badRequest('ValidationError', validationError);
  }

  const adminExists = await strapi.admin.services.user.exists();
  if (adminExists) {
    return ctx.badRequest('You cannot register a new super admin');
  }

  const superAdminRole = await strapi.admin.services.role.getSuperAdmin();

  // When no super admin role is found the user is still created, with no roles.
  const roles = superAdminRole ? [superAdminRole.id] : [];

  // The fixed fields come after the spread, so client-supplied values for
  // registrationToken, isActive and roles are overridden. Any other field in
  // the body is passed through; what is allowed there depends on the validator.
  const createdUser = await strapi.admin.services.user.create({
    ...payload,
    registrationToken: null,
    isActive: true,
    roles,
  });

  const token = strapi.admin.services.token.createJwtToken(createdUser);
  const user = strapi.admin.services.user.sanitizeUser(createdUser);

  ctx.body = { data: { token, user } };
},
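/**
 * Start the forgot-password flow for the request body and answer 204.
 *
 * Responds 400 'ValidationError' (with the validation error) when
 * validateForgotPasswordInput rejects the body.
 */
async forgotPassword(ctx) {
  const input = ctx.request.body;

  try {
    await validateForgotPasswordInput(input);
  } catch (err) {
    return ctx.badRequest('ValidationError', err);
  }

  // The service call is not awaited, so the 204 is sent whatever its outcome.
  // Presumably this keeps the response the same whether or not the input
  // matches an account — confirm before changing it to an awaited call.
  // A rejection used to go unhandled; it is now logged instead. Promise.resolve
  // covers the case where the service returns a plain value.
  Promise.resolve(strapi.admin.services.auth.forgotPassword(input)).catch(err => {
    strapi.log.error(err);
  });

  ctx.status = 204;
},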
/**
 * Reset a password from the request body and answer with a JWT plus the
 * sanitized user, so the caller is signed in by the same response.
 *
 * Responds 400 'ValidationError' (with the validation error) when
 * validateResetPasswordInput rejects the body.
 */
async resetPassword(ctx) {
  const payload = ctx.request.body;

  try {
    await validateResetPasswordInput(payload);
  } catch (validationError) {
    return ctx.badRequest('ValidationError', validationError);
  }

  const updatedUser = await strapi.admin.services.auth.resetPassword(payload);

  const token = strapi.admin.services.token.createJwtToken(updatedUser);
  const user = strapi.admin.services.user.sanitizeUser(updatedUser);

  ctx.body = { data: { token, user } };
},
};