[details=“System Information”]
- Strapi Version V4:
- Operating System Linux:
- Database postgresql:
- Node Version 16.13.0:
file path → /src/extensions/users-permissions)/strapi-server.js
‘use strict’;
const _ = require(‘lodash’);
const jwt = require(‘jsonwebtoken’);
const utils = require(’@strapi/utils’);
const { sanitize } = utils;
const { ApplicationError, ValidationError } = utils.errors;
const emailRegExp =
/^(([^<>()[]\.,;:\s@"]+(.[^<>()[]\.,;:\s@"]+)*)|(".+"))@(([[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}])|(([a-zA-Z-0-9]+.)+[a-zA-Z]{2,}))$/;
const sanitizeUser = (user, ctx) => {
const { auth } = ctx.state;
const userSchema = strapi.getModel(‘plugin::users-permissions.user’);
return sanitize.contentAPI.output(user, userSchema, { auth });
};
// validation
const { yup, validateYupSchema } = require(’@strapi/utils’);
const registerBodySchema = yup.object().shape({
email: yup.string().email().required(),
password: yup.string().required(),
});
const validateRegisterBody = validateYupSchema(registerBodySchema);
const getService = (name) => {
return strapi.plugin(‘users-permissions’).service(name);
};
module.exports = (plugin) => {
// JWT issuer
const issue = (payload, jwtOptions = {}) => {
_.defaults(jwtOptions, strapi.config.get(‘plugin.users-permissions.jwt’));
return jwt.sign(
_.clone(payload.toJSON ? payload.toJSON() : payload),
strapi.config.get(‘plugin.users-permissions.jwtSecret’),
jwtOptions
);
};
// Register controller override
plugin.controllers.auth.register = async (ctx) => {
const pluginStore = await strapi.store({
type: ‘plugin’,
name: ‘users-permissions’,
});
const settings = await pluginStore.get({
key: 'advanced',
});
if (!settings.allow_register) {
throw new ApplicationError('Register action is currently disabled');
}
const params = {
..._.omit(ctx.request.body, [
'confirmed',
'confirmationToken',
'resetPasswordToken',
]),
provider: 'local',
};
await validateRegisterBody(params);
// Throw an error if the password selected by the user
// contains more than three times the symbol '$'.
if (getService('user').isHashed(params.password)) {
throw new ValidationError(
'Your password cannot contain more than three times the symbol `$`'
);
}
const role = await strapi
.query('plugin::users-permissions.role')
.findOne({ where: { type: settings.default_role } });
if (!role) {
throw new ApplicationError('Impossible to find the default role');
}
const isUsernameExist = (
await strapi.db.query('plugin::users-permissions.user').findOne({
where: {
username: {
$eq: params.username,
},
},
})
)?.username;
if (isUsernameExist) {
throw new ApplicationError('Username is already taken');
}
// Check if the provided email is valid or not.
const isEmail = emailRegExp.test(params.email);
if (isEmail) {
params.email = params.email.toLowerCase();
} else {
throw new ValidationError('Please provide a valid email address');
}
params.role = role.id;
const user = await strapi.query('plugin::users-permissions.user').findOne({
where: { email: params.email },
});
if (user && user.provider === params.provider) {
throw new ApplicationError('Email is already taken');
}
if (user && user.provider !== params.provider && settings.unique_email) {
throw new ApplicationError('Email is already taken');
}
try {
if (!settings.email_confirmation) {
params.confirmed = true;
}
const user = await getService('user').add(params);
/**
custom logic start
Add here your custom logic you want during registration process
custom logic end
*/
const sanitizedUser = await sanitizeUser(user, ctx);
if (settings.email_confirmation) {
try {
await getService('user').sendConfirmationEmail(sanitizedUser);
} catch (err) {
throw new ApplicationError(err.message);
}
return ctx.send({ user: sanitizedUser });
}
const jwt = getService('jwt').issue(_.pick(user, ['id']));
return ctx.send({
jwt,
user: sanitizedUser,
});
} catch (err) {
if (_.includes(err.message, 'username')) {
throw new ApplicationError('Username already taken');
} else if (_.includes(err.message, 'email')) {
throw new ApplicationError('Email already taken');
} else {
strapi.log.error(err);
throw new ApplicationError('An error occurred during account creation');
}
}
};
plugin.routes[‘content-api’].routes.unshift({
method: ‘POST’,
path: ‘/auth/local/register’,
handler: ‘auth.register’,
config: {
middlewares: [‘plugin::users-permissions.rateLimit’],
prefix: ‘’,
},
});
return plugin;
};