.

src/api/vendor/content-types/vendor/schema.json

@@ -24,11 +24,8 @@
     "email": {
     "email": {
       "type": "string"
       "type": "string"
     },
     },
-    "user": {
-      "type": "relation",
-      "relation": "oneToOne",
-      "target": "plugin::users-permissions.user",
-      "inversedBy": "vendor"
+    "phone": {
+      "type": "string"
     }
     }
   }
   }
 }
 }

src/api/vendor/controllers/vendor.js

 "use strict";
 "use strict";
 
 
+const { getService } = require("@strapi/plugin-users-permissions/server/utils");
+
 /**
 /**
  * vendor controller
  * vendor controller
  */
  */
@@ -35,7 +37,7 @@ module.exports = createCoreController("api::vendor.vendor", () => ({
     }
     }
 
 
     // Generate one time password (otp)
     // Generate one time password (otp)
-    const oneTimePassword = Math.floor(100000 + Math.random() * 900000);
+    const oneTimePassword = Math.floor(1000 + Math.random() * 9000);
 
 
     await strapi.entityService.update(
     await strapi.entityService.update(
       "plugin::users-permissions.user",
       "plugin::users-permissions.user",
@@ -69,4 +71,58 @@ module.exports = createCoreController("api::vendor.vendor", () => ({
       message: "Existing vendor found, skipping creation only sent OTP.",
       message: "Existing vendor found, skipping creation only sent OTP.",
     });
     });
   },
   },
+
+  async finishVendorOtpVerification(ctx) {
+    const { email, oneTimePassword } = ctx.request.body;
+    // 1. Identify the end-user record using the above.
+    console.log("email", email, oneTimePassword);
+    const vendorUser = await strapi
+      .query("plugin::users-permissions.user")
+      .findOne({
+        populate: ["user"],
+        where: {
+          $and: [{ email: email }],
+        },
+      });
+
+    if (!vendorUser) {
+      // throw new ValidationError("Invalid mobile number");
+
+      ctx.send({ ok: false, message: "Invalid mobile number" });
+    }
+    console.log("endUser", vendorUser);
+    // 2. Then identify the user record using step 1.
+    // 3. Verify otp.
+    const user = await strapi.query("plugin::users-permissions.user").findOne({
+      where: {
+        $and: [{ id: vendorUser.id }, { oneTimePassword: oneTimePassword }],
+      },
+    });
+    console.log("USER", user);
+
+    if (!user || user.blocked) {
+      console.log("invalid otp >>");
+      ctx.send({
+        ok: false,
+        message: "OTP is invalid, please enter the correct OTP!",
+      });
+    }
+
+    if (user) {
+      await getService("user").edit(user.id, {
+        oneTimePassword: null,
+        confirmed: true,
+      });
+    }
+    // 4. stamp otp in user to null.
+
+    if (user) {
+      ctx.send({ ok: true, message: "user registered" });
+    } else if (!user) {
+      ctx.send({
+        ok: false,
+        message: "OTP is invalid, please enter the correct OTP!",
+      });
+    }
+  },
 }));
 }));

src/api/vendor/routes/custom-routes.js

+const routes = {
+  routes: [
+    {
+      method: "POST",
+      path: "/vendor/finish-otp-verification",
+      handler: "api::vendor.vendor.finishVendorOtpVerification",
+      config: {
+        //some Configuration
+      },
+    },
+  ],
+};
+
+module.exports = routes;

src/extensions/users-permissions/content-types/user/schema.json

@@ -65,17 +65,10 @@
     },
     },
     "oneTimePassword": {
     "oneTimePassword": {
       "type": "string",
       "type": "string",
-      "configurable": true,
       "private": true
       "private": true
     },
     },
     "dialCode": {
     "dialCode": {
       "type": "string"
       "type": "string"
-    },
-    "vendor": {
-      "type": "relation",
-      "relation": "oneToOne",
-      "target": "api::vendor.vendor",
-      "inversedBy": "user"
     }
     }
   }
   }
 }
 }

src/extensions/users-permissions/strapi-server.js

@@ -47,11 +47,10 @@ const userPermissionExtension = (plugin) => {
     };
     };
     // console.log("email", params);
     // console.log("email", params);
 
 
-    await validateRegisterBody(params.data);
-
-    const newUserRole = params?.data.role
-      ? params?.data.role
-      : settings.default_role;
+    await validateRegisterBody(params);
+    console.log("params", params);
+    console.log("ctx.request.body", ctx.request.body);
+    const newUserRole = params?.role ? params?.role : settings.default_role;
     const role = await strapi
     const role = await strapi
       .query("plugin::users-permissions.role")
       .query("plugin::users-permissions.role")
       .findOne({ where: { name: newUserRole } });
       .findOne({ where: { name: newUserRole } });
@@ -60,7 +59,7 @@ const userPermissionExtension = (plugin) => {
       throw new ApplicationError("Please find a valid user role.");
       throw new ApplicationError("Please find a valid user role.");
     }
     }
 
 
-    const { email, username, provider } = params.data;
+    const { email, username, provider } = params;
     const identifierFilter = {
     const identifierFilter = {
       $or: [
       $or: [
         { email: email },
         { email: email },
@@ -76,7 +75,10 @@ const userPermissionExtension = (plugin) => {
       });
       });
 
 
     if (conflictingUserCount > 0) {
     if (conflictingUserCount > 0) {
-      throw new ApplicationError("Email or Username are already taken");
+      return ctx.send({
+        status: "fail",
+        message: "Email or phone number already taken.",
+      });
     }
     }
 
 
     if (settings.unique_email) {
     if (settings.unique_email) {
@@ -87,7 +89,10 @@ const userPermissionExtension = (plugin) => {
         });
         });
 
 
       if (conflictingUserCount > 0) {
       if (conflictingUserCount > 0) {
-        throw new ApplicationError("Email or Username are already taken");
+        return ctx.send({
+          status: "fail",
+          message: "Email or phone number already taken.",
+        });
       }
       }
     }
     }