Right now users login to my writing platform Strapi app via a Nuxt.js frontend, using the /auth/local endpoint. But I recently I found that the login page load is getting really slow, up to 20s! Checking the network, I found that the payload from the /auth/local endpoint is over-fetching data that I don’t need - including all the relational data posts, comments, notifications that are related to each user.
I noticed there isn’t any controllers folder/files under the /extensions/users-permissions folder. How do I create a custom controller, or at least edit the /auth/local endpoint so that the it only just authenticates with username and password without fetching the any relation fields data?
I too faced similar problem so, I extended the Auth.js file
Steps you need to take
create this directory structure /extensions/users-permissions/controllers/Auth.js
Go here and copy paste the whole file
On line 71 you will see a fetch query for user
const user = await strapi.query('user', 'users-permissions').findOne(query);
replace it with
const user = await strapi.query('user', 'users-permissions').findOne(query, []);
Empty array means it won’t populate any relation fields, if you want any relations fields to be populate, add their fieldName as string inside the array
Just remember while updating to latest version of strapi, read migration guide properly and If there’s anything related to user-permissions plugins, take a moment and recheck or rewrite your extended code.
Btw, to ensure that the versions are correct, I went into my own app’s node_modules folder and copied/paste the Auth.js code. Wasn’t so sure if the Github repo was identical. (For the benefit of others who might refer to this in future.)
Hi Jasonleow,
I recently had the same problem, and I found out that there’s also another method to do it without having to customize the code. If you install the graphql extension, you can send a POST request to the “/graphql” endpoint with a JSON body that looks like this:
This will only get the token, username and email of the user. Just be aware that both data and errors are sent a little bit differently then the REST APIs, so your application code should be slightly changed accordingly.