Fix infinite login

packages/strapi-plugin-users-permissions/config/policies/permissions.js

@@ -3,9 +3,9 @@ module.exports = async (ctx, next) => {
 
   if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
     try {
-      const token = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
+      const { _id, id } = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
 
-      ctx.state.user = await strapi.query('user', 'users-permissions').findOne({ _id, id } = token, ['role'])
+      ctx.state.user = await strapi.query('user', 'users-permissions').findOne({ _id, id }, ['role']);
     } catch (err) {
       return ctx.unauthorized(err);
     }

packages/strapi-plugin-users-permissions/config/queries/mongoose.js

@@ -23,7 +23,7 @@ module.exports = {
     } else if (params.id) {
       delete params.id;
     }
-
+    
     return this
       .findOne(params)
       .populate(populate || this.associations.map(x => x.alias).join(' '));

packages/strapi-plugin-users-permissions/controllers/User.js

@@ -39,7 +39,7 @@ module.exports = {
     if (!user) {
       return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
     }
-    
+
     const data = _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']);
 
     // Send 200 `ok`