diff --git a/packages/plugins/users-permissions/server/bootstrap/index.js b/packages/plugins/users-permissions/server/bootstrap/index.js
index 96bbedeafd..b1455400a4 100644
--- a/packages/plugins/users-permissions/server/bootstrap/index.js
+++ b/packages/plugins/users-permissions/server/bootstrap/index.js
@@ -26,7 +26,6 @@ module.exports = async ({ strapi }) => {
 await getService('users-permissions').initialize();
- // TODO: adapt with new extension system
 if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
 const jwtSecret = uuid();
 strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
@@ -39,6 +38,9 @@ module.exports = async ({ strapi }) => {
 const initGrant = async pluginStore => {
 const grantConfig = {
+ defaults: {
+ prefix: '/api/connect',
+ },
 email: {
 enabled: true,
 icon: 'envelope',
@@ -48,7 +50,7 @@ const initGrant = async pluginStore => {
 icon: 'discord',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/discord/callback`,
+ callback: `${strapi.config.server.url}/api/auth/discord/callback`,
 scope: ['identify', 'email'],
 },
 facebook: {
@@ -56,7 +58,7 @@ const initGrant = async pluginStore => {
 icon: 'facebook-square',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/facebook/callback`,
+ callback: `${strapi.config.server.url}/api/auth/facebook/callback`,
 scope: ['email'],
 },
 google: {
@@ -64,7 +66,7 @@ const initGrant = async pluginStore => {
 icon: 'google',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/google/callback`,
+ callback: `${strapi.config.server.url}/api/auth/google/callback`,
 scope: ['email'],
 },
 github: {
@@ -72,7 +74,7 @@ const initGrant = async pluginStore => {
 icon: 'github',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/github/callback`,
+ callback: `${strapi.config.server.url}/api/auth/github/callback`,
 scope: ['user', 'user:email'],
 },
 microsoft: {
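Review bot: The new `defaults` entry in the `-39,6 +38,9` hunk sits in `grantConfig` as a sibling of the provider entries, so any code that enumerates the object's keys as providers will now see `defaults` as one of them. In the controllers/auth.js hunk of this commit the lookup `grantConfig[provider]` is keyed from the request path, and `defaults` is rejected there only because it happens to have no `enabled` field. A comment above the entry such as `// grant-wide options, not a provider: skip this key when iterating providers` would make the contract explicit, and consumers should exclude the key by name. `initGrant` continues outside the hunk, so how the object is stored and read back is not visible here.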
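Review bot: The `/api` segment is now hard-coded in every default `callback` (the discord hunk and the facebook through cas hunks that follow), in `defaults.prefix`, and in `buildRedirectUri` in services/providers.js, so the three can drift apart or diverge from the prefix the router actually uses. These URLs are where the identity provider returns the authorization response, and a value that no longer matches the one registered at the provider breaks the login, so they should be derived from one place, for example `const API_PREFIX = '/api';` interpolated into each template. The callbacks also use `strapi.config.server.url` while `buildRedirectUri` uses `getAbsoluteServerUrl(strapi.config)`; if the former can be relative or empty, the defaults are not absolute URLs, which is worth confirming. Whether already-stored grant configuration keeps the old `/auth/...` callbacks depends on code outside these hunks.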
@@ -80,7 +82,7 @@ const initGrant = async pluginStore => {
 icon: 'windows',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/microsoft/callback`,
+ callback: `${strapi.config.server.url}/api/auth/microsoft/callback`,
 scope: ['user.read'],
 },
 twitter: {
@@ -88,14 +90,14 @@ const initGrant = async pluginStore => {
 icon: 'twitter',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/twitter/callback`,
+ callback: `${strapi.config.server.url}/api/auth/twitter/callback`,
 },
 instagram: {
 enabled: false,
 icon: 'instagram',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/instagram/callback`,
+ callback: `${strapi.config.server.url}/api/auth/instagram/callback`,
 scope: ['user_profile'],
 },
 vk: {
@@ -103,7 +105,7 @@ const initGrant = async pluginStore => {
 icon: 'vk',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/vk/callback`,
+ callback: `${strapi.config.server.url}/api/auth/vk/callback`,
 scope: ['email'],
 },
 twitch: {
@@ -111,7 +113,7 @@ const initGrant = async pluginStore => {
 icon: 'twitch',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/twitch/callback`,
+ callback: `${strapi.config.server.url}/api/auth/twitch/callback`,
 scope: ['user:read:email'],
 },
 linkedin: {
@@ -119,7 +121,7 @@ const initGrant = async pluginStore => {
 icon: 'linkedin',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/linkedin/callback`,
+ callback: `${strapi.config.server.url}/api/auth/linkedin/callback`,
 scope: ['r_liteprofile', 'r_emailaddress'],
 },
 cognito: {
@@ -128,7 +130,7 @@ const initGrant = async pluginStore => {
 key: '',
 secret: '',
 subdomain: 'my.subdomain.com',
- callback: `${strapi.config.server.url}/auth/cognito/callback`,
+ callback: `${strapi.config.server.url}/api/auth/cognito/callback`,
 scope: ['email', 'openid', 'profile'],
 },
 reddit: {
@@ -137,7 +139,7 @@ const initGrant = async pluginStore => {
 key: '',
 secret: '',
 state: true,
- callback: `${strapi.config.server.url}/auth/reddit/callback`,
+ callback: `${strapi.config.server.url}/api/auth/reddit/callback`,
 scope: ['identity'],
 },
 auth0: {
@@ -146,7 +148,7 @@ const initGrant = async pluginStore => {
 key: '',
 secret: '',
 subdomain: 'my-tenant.eu',
- callback: `${strapi.config.server.url}/auth/auth0/callback`,
+ callback: `${strapi.config.server.url}/api/auth/auth0/callback`,
 scope: ['openid', 'email', 'profile'],
 },
 cas: {
@@ -154,7 +156,7 @@ const initGrant = async pluginStore => {
 icon: 'book',
 key: '',
 secret: '',
- callback: `${strapi.config.server.url}/auth/cas/callback`,
+ callback: `${strapi.config.server.url}/api/auth/cas/callback`,
 scope: ['openid email'], // scopes should be space delimited
 subdomain: 'my.subdomain.com/cas',
 },
diff --git a/packages/plugins/users-permissions/server/controllers/auth.js b/packages/plugins/users-permissions/server/controllers/auth.js
index 7cb23a784f..02d7c21d56 100644
--- a/packages/plugins/users-permissions/server/controllers/auth.js
+++ b/packages/plugins/users-permissions/server/controllers/auth.js
@@ -234,7 +234,7 @@ module.exports = {
 .get();
 const [requestPath] = ctx.request.url.split('?');
- const provider = requestPath.split('/')[2];
+ const provider = requestPath.split('/connect/')[1].split('/')[0];
 if (!_.get(grantConfig[provider], 'enabled')) {
 return ctx.badRequest(null, 'This provider is disabled.');
diff --git a/packages/plugins/users-permissions/server/index.js b/packages/plugins/users-permissions/server/index.js
index 620fa43a2a..14629aa6ad 100644
--- a/packages/plugins/users-permissions/server/index.js
+++ b/packages/plugins/users-permissions/server/index.js
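Review bot: In the controllers/auth.js hunk, `requestPath.split('/connect/')[1]` is `undefined` when the path does not contain `/connect/`, so the chained `.split('/')` throws a TypeError and the request ends as a server error instead of reaching the `badRequest` below. The value comes from the request URL and is then used as a key into `grantConfig`, so it is worth both guarding it and restricting the lookup to own keys: `const provider = (requestPath.split('/connect/')[1] || '').split('/')[0];` followed by `if (!_.has(grantConfig, provider) || !_.get(grantConfig[provider], 'enabled')) {`. Splitting on the first `/connect/` would also pick the wrong segment if the server is mounted under a path that itself contains `/connect/`; anchoring on the configured prefix would avoid that. The enclosing handler starts and ends outside the hunk.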
@@ -3,7 +3,7 @@
 const register = require('./register');
 const bootstrap = require('./bootstrap');
 const contentTypes = require('./content-types');
-const policies = require('./policies');
+const middlewares = require('./middlewares');
 const services = require('./services');
 const routes = require('./routes');
 const controllers = require('./controllers');
@@ -16,6 +16,6 @@ module.exports = () => ({
 routes,
 controllers,
 contentTypes,
- policies,
+ middlewares,
 services,
 });
diff --git a/packages/plugins/users-permissions/server/policies/index.js b/packages/plugins/users-permissions/server/middlewares/index.js
similarity index 100%
rename from packages/plugins/users-permissions/server/policies/index.js
rename to packages/plugins/users-permissions/server/middlewares/index.js
diff --git a/packages/plugins/users-permissions/server/policies/rateLimit.js b/packages/plugins/users-permissions/server/middlewares/rateLimit.js
similarity index 100%
rename from packages/plugins/users-permissions/server/policies/rateLimit.js
rename to packages/plugins/users-permissions/server/middlewares/rateLimit.js
diff --git a/packages/plugins/users-permissions/server/routes/content-api/auth.js b/packages/plugins/users-permissions/server/routes/content-api/auth.js
index 43a09dca5b..fce4d4c2dc 100644
--- a/packages/plugins/users-permissions/server/routes/content-api/auth.js
+++ b/packages/plugins/users-permissions/server/routes/content-api/auth.js
@@ -1,12 +1,14 @@
 'use strict';
+const { rateLimit } = require('../../middlewares');
+
 module.exports = [
 {
 method: 'GET',
 path: '/connect/(.*)',
 handler: 'auth.connect',
 config: {
- policies: ['plugin::users-permissions.rateLimit'],
+ middlewares: [rateLimit],
 prefix: '',
 },
 },
@@ -15,7 +17,7 @@ module.exports = [
 path: '/auth/local',
 handler: 'auth.callback',
 config: {
- policies: ['plugin::users-permissions.rateLimit'],
+ middlewares: [rateLimit],
 prefix: '',
 },
 },
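Review bot: In routes/content-api/auth.js, `rateLimit` is now attached as a function reference under `middlewares`, yet `rateLimit.js` and `middlewares/index.js` are renamed with 100% similarity, so the function keeps whatever signature and return convention it had as a policy. If that does not match what the router expects of a route middleware, or if `require('../../middlewares')` does not export `rateLimit`, the connect, login, register, forgot-password and reset-password routes (this hunk and the four that follow) could be served without throttling and without any visible failure. A comment above the import such as `// brute-force throttle for the auth endpoints; must stay on every route below` and a test asserting that repeated requests to `/auth/local` are rejected would pin the behaviour down. server/index.js also stops exporting `policies`, so any route or extension that still names `plugin::users-permissions.rateLimit` as a policy needs checking.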
@@ -24,7 +26,7 @@ module.exports = [
 path: '/auth/local/register',
 handler: 'auth.register',
 config: {
- policies: ['plugin::users-permissions.rateLimit'],
+ middlewares: [rateLimit],
 prefix: '',
 },
 },
@@ -41,7 +43,7 @@ module.exports = [
 path: '/auth/forgot-password',
 handler: 'auth.forgotPassword',
 config: {
- policies: ['plugin::users-permissions.rateLimit'],
+ middlewares: [rateLimit],
 prefix: '',
 },
 },
@@ -50,7 +52,7 @@ module.exports = [
 path: '/auth/reset-password',
 handler: 'auth.resetPassword',
 config: {
- policies: ['plugin::users-permissions.rateLimit'],
+ middlewares: [rateLimit],
 prefix: '',
 },
 },
diff --git a/packages/plugins/users-permissions/server/services/providers.js b/packages/plugins/users-permissions/server/services/providers.js
index e1c364331c..506297a944 100644
--- a/packages/plugins/users-permissions/server/services/providers.js
+++ b/packages/plugins/users-permissions/server/services/providers.js
@@ -519,14 +519,16 @@ module.exports = ({ strapi }) => {
 return reject([null, err]);
 }
+ const email = _.toLower(profile.email);
+
 // We need at least the mail.
- if (!profile.email) {
+ if (!email) {
 return reject([null, { message: 'Email was not available.' }]);
 }
 try {
 const users = await strapi.query('plugin::users-permissions.user').findMany({
- where: { email: profile.email },
+ where: { email },
 });
 const advanced = await strapi
@@ -564,11 +566,13 @@ module.exports = ({ strapi }) => {
 .findOne({ where: { type: advanced.default_role } });
 // Create the new user.
- const params = _.assign(profile, {
+ const params = {
+ ...profile,
+ email, // overwrite with lowercased email
 provider,
 role: defaultRole.id,
 confirmed: true,
- });
+ };
 const createdUser = await strapi
 .query('plugin::users-permissions.user')
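Review bot: In the first services/providers.js hunk, lowercasing the address before the lookup means `where: { email }` only finds existing users whose stored email is already lowercase, unless the database comparison is case-insensitive. A user created earlier with a mixed-case address would then not be matched and, depending on the code that follows outside this hunk, could end up with a second account for the same identity. Either normalise stored emails in a migration or state the assumption next to the query, e.g. `// assumes user.email is stored lowercased`. `_.toLower` also stringifies non-string values, so a malformed `profile.email` is coerced rather than rejected; a `typeof profile.email === 'string'` check before it would be stricter.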
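Review bot: In the `-564,11 +566,13` hunk, `...profile` copies every field of the provider profile into the record that is created, and only `email`, `provider`, `role` and `confirmed` are overridden after it. If `profile` can carry anything beyond what the user model should accept from an identity provider, those fields are written as they arrive. Picking the expected fields is safer, e.g. `..._.pick(profile, ['username', 'email']),`; the exact list depends on what the provider mappers outside this hunk return, so it needs confirming against them.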
@@ -583,7 +587,7 @@ module.exports = ({ strapi }) => {
 };
 const buildRedirectUri = (provider = '') =>
- `${getAbsoluteServerUrl(strapi.config)}/connect/${provider}/callback`;
+ `${getAbsoluteServerUrl(strapi.config)}/api/connect/${provider}/callback`;
 return {
 connect,