3.8 KiB
Authentication
Register a new user.
This route lets you create new users.
Usage
$.ajax({
type: 'POST',
url: 'http://localhost:1337/auth/local/register',
data: {
username: 'Strapi user',
email: 'user@strapi.io',
password: 'strapiPassword'
},
done: function(auth) {
console.log('Well done!');
console.log('User profile', auth.user);
console.log('User token', auth.jwt);
},
fail: function(error) {
console.log('An error occurred:', error);
}
});
Login.
This route lets you log your users in by getting an authentication token.
Local
- The
identifierparam can either be an email or a username.
$.ajax({
type: 'POST',
url: 'http://localhost:1337/auth/local',
data: {
identifier: 'user@strapi.io',
password: 'strapiPassword'
},
done: function(auth) {
console.log('Well done!');
console.log('User profile', auth.user);
console.log('User token', auth.jwt);
},
fail: function(error) {
console.log('An error occurred:', error);
}
});
Providers
Thanks to Grant and Purest, you can easily use OAuth and OAuth2 providers to enable authentication in your application. By default, Strapi comes with four providers:
- Github
- Linkedin2 (Oauth2 Provider for Linkedin)
To use the providers authentication, set your credentials in
./plugins/users-permissions/config/environments/development/grant.json.
Redirect your user to: GET /connect/:provider. eg: GET /connect/facebook
After his approval, he will be redirected to /auth/:provider/callback. The jwt and user data will be available in the body response.
Response payload:
{
"user": {},
"jwt": ""
}
Use your token to be identified as a user.
By default, each API request is identified as guest role (see permissions of guest's role in your admin dashboard). To make a request as a user, you have to set the Authorization token in your request headers. You receive a 401 error if you are not authorized to make this request or if your authorization header is not correct.
Usage
- The
tokenvariable is thedata.jwtreceived when login in or registering.
$.ajax({
type: 'GET',
url: 'http://localhost:1337/article',
headers: {
Authorization: `Bearer ${token}`
},
done: function(data) {
console.log('Your data', data);
},
fail: function(error) {
console.log('An error occurred:', error);
}
});
Send forgot password request.
This action sends an email to a user with the link of you reset password page. This link contains an URL param code which is required to reset user password.
Usage
emailis your user email.urlis the url link that user will receive.
$.ajax({
type: 'POST',
url: 'http://localhost:1337/auth/forgot-password',
data: {
email: 'user@strapi.io',
url: 'http://mon-site.com/rest-password'
},
done: function() {
console.log('Your user received an email');
},
fail: function(error) {
console.log('An error occurred:', error);
}
});
Received link url format http://mon-site.com/rest-password?code=privateCode
Reset user password.
This action will reset the user password.
Usage
codeis the url params received from the email link (see forgot password)
$.ajax({
type: 'POST',
url: 'http://localhost:1337/auth/reset-password',
data: {
code: 'privateCode',
password: 'myNewPassword',
passwordConfirmation: 'myNewPassword'
},
done: function() {
console.log('Your user password is reset');
},
fail: function(error) {
console.log('An error occurred:', error);
}
});