Overriding the auth controller with Strapi v4

What is the correct way to override or extend an auth.js controller in Strapi version 4*? For instance if I wanted to change the text of an error message from “invalid identifier or password” to “invalid email or password” or even adding a phone number to be a new identifier rather than the username field or what have you.

Following the plugin documentation, I’ve created a strapi-server.js file and doing this I know I can add a new route or controller action, but this approach doesn’t seem to be working out too well with what I’m trying to do. Any help would be appreciated.

Two options I can think of are:

1. Forking the users-permissions plugin and making your desired changes in your clone.
2. In your extension code, add a middleware to the relevant route and capture the error you want to modify.