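const utils = require("@strapi/utils");
const _ = require("lodash");
const { sanitize } = utils;
const { ApplicationError, ValidationError } = utils.errors;
const {
  validateRegisterBody,
} = require("@strapi/plugin-users-permissions/server/controllers/validation/auth");
const { getService } = require("@strapi/plugin-users-permissions/server/utils");

/**
 * Request-body fields a client must never set on its own account at sign-up.
 * They are dropped before the body is validated or stored.
 */
const REGISTER_PROTECTED_FIELDS = [
  "confirmed",
  "blocked",
  "confirmationToken",
  "resetPasswordToken",
  "provider",
];

/**
 * Fields dropped from a self-service profile update. Same as sign-up, plus
 * `role`: a logged-in user must not be able to change their own role.
 */
const SELF_UPDATE_PROTECTED_FIELDS = [...REGISTER_PROTECTED_FIELDS, "role"];

/**
 * Runs a user record through the content-API output sanitizer, using the
 * auth context of the current request.
 *
 * @param {object} user - User entity as returned by the user service.
 * @param {object} ctx - Koa/Strapi request context; `ctx.state.auth` is read.
 * @returns {Promise<object>} The sanitized user.
 */
const sanitizeUser = (user, ctx) => {
  const { auth } = ctx.state;
  const userSchema = strapi.getModel("plugin::users-permissions.user");

  return sanitize.contentAPI.output(user, userSchema, { auth });
};

/**
 * Resolves the role to attach to a newly registered user.
 *
 * When the request names a role it is looked up by `name`; otherwise the
 * configured default role is used. The default is matched on `type` as well as
 * `name`, so the lookup no longer depends on the database comparing the stored
 * value and the role name case-insensitively.
 *
 * NOTE(review): the role name comes from the request body, so any role present
 * in the roles table can be requested at sign-up. Restrict this to an explicit
 * allowlist of self-assignable role names before exposing the endpoint publicly.
 *
 * @param {unknown} requestedRole - `role` value from the request body, if any.
 * @param {string} defaultRole - `default_role` from the advanced settings.
 * @returns {Promise<object|null>} The role record, or a falsy value if none matched.
 * @throws {ApplicationError} When a role is supplied but is not a string.
 */
const findRegistrationRole = async (requestedRole, defaultRole) => {
  const roleQuery = strapi.query("plugin::users-permissions.role");

  if (!requestedRole) {
    return roleQuery.findOne({
      where: { $or: [{ type: defaultRole }, { name: defaultRole }] },
    });
  }

  // A JSON body can carry an object here; passing it into `where` would let the
  // client supply query operators instead of a plain role name.
  if (typeof requestedRole !== "string") {
    throw new ApplicationError("Please find a valid user role.");
  }

  return roleQuery.findOne({ where: { name: requestedRole } });
};

/**
 * Strapi users-permissions plugin extension.
 *
 * Adds a `PUT /users/me` route for self-service profile edits and replaces the
 * stock registration controller with one that supports a `phone` identifier and
 * a caller-selected role.
 *
 * @param {object} plugin - The users-permissions plugin definition.
 * @returns {object} The same plugin object, mutated.
 */
const userPermissionExtension = (plugin) => {
  /**
   * Lets the logged-in user edit their own record by delegating to the stock
   * `user.update` controller with the id forced to the caller's id.
   */
  plugin.controllers.user.updateMe = (ctx) => {
    const authUser = ctx.state.user;

    // Without this guard an unauthenticated call fails with a TypeError (500).
    if (!authUser) {
      return ctx.unauthorized();
    }

    ctx.params.id = authUser.id;

    // The stock update controller is not shown in this file.
    // NOTE(review): confirm whether it filters privileged fields itself;
    // dropping them here keeps the route safe either way.
    ctx.request.body = _.omit(ctx.request.body, SELF_UPDATE_PROTECTED_FIELDS);

    return plugin.controllers.user.update(ctx);
  };

  /**
   * Registration controller (overrides the stock `auth.register`).
   *
   * Responds with `{ user }` when e-mail confirmation is enabled, `{ jwt, user }`
   * otherwise, or `{ status: "fail", message }` when an identifier is taken.
   *
   * @throws {ApplicationError} When registration is disabled, the role cannot be
   *   resolved, or the confirmation e-mail cannot be sent.
   */
  plugin.controllers.auth.register = async (ctx) => {
    const pluginStore = await strapi.store({
      type: "plugin",
      name: "users-permissions",
    });
    const settings = await pluginStore.get({ key: "advanced" });

    if (!settings.allow_register) {
      throw new ApplicationError("Register action is currently disabled");
    }

    const params = {
      ..._.omit(ctx.request.body, REGISTER_PROTECTED_FIELDS),
      provider: "local",
    };

    await validateRegisterBody(params);

    // Do not log `params` or `ctx.request.body`: both carry the plaintext password.

    const role = await findRegistrationRole(params.role, settings.default_role);

    if (!role) {
      throw new ApplicationError("Please find a valid user role.");
    }

    const { email, username, provider, phone } = params;

    // `phone` is optional; only match on it when one was actually supplied, so an
    // undefined value never reaches the query layer.
    const identifierFilter = {
      $or: [
        { email },
        { username: email },
        { username },
        { email: username },
        ...(phone != null ? [{ phone }] : []),
      ],
    };

    const userQuery = strapi.query("plugin::users-permissions.user");

    const sameProviderConflicts = await userQuery.count({
      where: { ...identifierFilter, provider },
    });

    if (sameProviderConflicts > 0) {
      return ctx.send({
        status: "fail",
        message: "Email or phone number already taken.",
      });
    }

    if (settings.unique_email) {
      // Same check across every provider, not just "local".
      const anyProviderConflicts = await userQuery.count({
        where: { ...identifierFilter },
      });

      if (anyProviderConflicts > 0) {
        return ctx.send({
          status: "fail",
          message: "Email or phone number already taken.",
        });
      }
    }

    const newUser = {
      ...params,
      role: role.id,
      email,
      username,
      confirmed: false,
      phone,
    };

    const user = await strapi
      .plugin("users-permissions")
      .service("user")
      .add(newUser);

    const sanitizedUser = await sanitizeUser(user, ctx);

    if (settings.email_confirmation) {
      try {
        await strapi
          .plugin("users-permissions")
          .service("user")
          .sendConfirmationEmail(sanitizedUser);
      } catch (err) {
        throw new ApplicationError(err.message);
      }

      return ctx.send({ user: sanitizedUser });
    }

    const jwt = strapi
      .plugin("users-permissions")
      .service("jwt")
      .issue(_.pick(user, ["id"]));

    return ctx.send({
      jwt,
      user: sanitizedUser,
    });
  };

  /**
   * Route that lets the currently logged-in user edit their own record only.
   */
  plugin.routes["content-api"].routes.push({
    method: "PUT",
    path: "/users/me",
    handler: "user.updateMe",
  });

  /** Endpoints used to facilitate channel partner login with otp */

  /** Endpoints used to facilitate end user login with otp */

  return plugin;
};

module.exports = userPermissionExtension;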