Hello! I’d like to extend the strapi users-permissions plugin directly. Not route-specific, just adding my own checks and logic to it.
I’ve got the file: src/extensions/users-permissions/strapi-server.js. It has something like:
module.exports = async (ctx, next) => {
if (blah) {
ctx.state.userType = 'STRAPI';
return await next();
}
// more similar logic
}
Currently I’m getting the error that it cannot read userType of undefined… but that would mean that ctx.state is undefined. Maybe I’ve missed a step somewhere in my migration from v3 to v4.
I appreciate the community’s expertise, assistance, and time!
This topic has been created from a Discord post (1238957832569749595) to give it more visibility.
It will be on Read-Only mode here.
Join the conversation on Discord
When I replace the file contents with just an empty module.exports it gives me the following error:
TypeError: Cannot read properties of undefined (reading ││ 'contentTypes')
This is what i mean by “empty module.exports”:
module.exports = (plugin) => {
console.log('plugin', plugin);
};
The plugin does print, and the error proceeds.
I tried this because it more closely matches what’re on the official docs.
If it’s based on v3 it’s not going to be compatible, this code you have looks like middleware, so question is you want to append middleware to user permissions?
I would be open to that. What might that approach look like? Is there anything special/different I’d have to do besides just creating a middleware and adding it to the middlewares.js file?
From the description of the question I have no clue what you want to do
Extending the users-permissions plugin, so whenever its ran (which I think is every route?) my additional checks and logic would run
That’s prolly where you want to start
There is api routes for user-permissions
The issue I’ve found with the current docs is that it only talks about adding controllers or routes to plugins – but in our v3 project we didn’t do any of that – so it’s thrown a kind of wrench in my understanding
If you want your code to run on that I’ve would suggest a middleware
if you want to inject some code in to more low level stuff, I’ve would suggest reding extensions, and then you can do your extensions via inspecting code on GitHub
As I say I have no clue what type of check you want to do so it’s hard to tell you best place
In our v3 project we extended the user-permissions plugin to check if there was a user authenticated (ctx.state.user), if so we’d add our own attributes. Additionally, if there wasn’t a user or an authorization header in ctx, then we’d try to get the jwt token from ctx and fetch the authenticated user.
Well I would say you can live with middleware
I think if it’s an authenticated route it always have ctx.auth.user
Authenticated route – is there default functionality for this? e.g. anything with /auth will call Strapi backend logic to load and compare jwts