* set email validator to lowercase
Yup .lowercase() converts the string to lowercase which should be done in all instances of email across the application.
Fixes bug where users created inside Strapi admin panel end up with mixed case emails in database.
Signed-off-by: bglidwell <sintex+github@gmail.com>
* match front-end profile validation to backend
Removed .min(5) from backend validation due to redundancy with .email() check
Signed-off-by: bglidwell <sintex+github@gmail.com>
* cleanup redundant email.toLowerCase()
Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
* Revert "cleanup redundant email.toLowerCase()"
This reverts commit 4565054b298e4518e4ddf41ca602c5960bd9cc28.
Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
* fix email case in admin user controller
Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
* fix email case in api user controller
Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
* fix for graphql tests
Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
Pull request https://github.com/strapi/strapi/pull/6072 aimed to add security by preventing creation of user with email confirmation enabled. By limiting user params to 'username', 'email', 'password', the current code do not allow adding custom field to user entity during registration which may breaks existing applications that have added required custom fields into user model .
Signed-off-by: François Rosato <francois.rosato@ekino.com>
* add possibility to use strapi on a non-root base url path
* fix documentation password form
* use server.url and admin.url in config
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* update doc proxy
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* move server.url location in config
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* refacto
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* add possibility to put relative urls
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* allow '/' as an admin url + refacto
Signed-off-by: Pierre Noël <pierre.noel@strapi.io>
* update yarn.lock
Signed-off-by: Pierre Noël <petersg83@gmail.com>
* refacto
Signed-off-by: Pierre Noël <petersg83@gmail.com>
* Remove default proxy option
Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
* fix github provider
Signed-off-by: Pierre Noël <petersg83@gmail.com>
* fix github login
Signed-off-by: Pierre Noël <petersg83@gmail.com>
* Remove files that should be here
Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
Co-authored-by: Pierre Noël <pierre.noel@strapi.io>
Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com>
* Add POST route /auth/send-email-confirmation to call sendEmailConfirmation function of plugin users-permissions
* Add documentation about /auth/send-email-confirmation POST route
* Added documentation in docs\3.0.0-beta.x\plugins\users-permissions about email confirmation function
* Update code example for send-email-confirmation function
- set security defaults for development mode that are standard
- refactor error messages to work without ctx.request.admin
- remove mask middleware and add a sanitization layer to the core-api to
hide private fileds
