Here is what I am doing in my unit tests
const users = [
{ username: "authenticated", email: "authd@test.com", provider: "local", password: "test1234", role: "authenticated" },
{ username: "contributor", email: "contrib@test.com", provider: "local", password: "test1234" , role: "contributor" },
];
async function createUsers(strapi){
await Promise.all(
users.map(async (user) => {
// fetch role by type to get ID
if ( user.role) {
const foundRole = await strapi.query("plugin::users-permissions.role").findOne({where: {type: user.role}});
if (!foundRole) throw Error(`role ${user.role} does not exist`);
user.role = foundRole.id;
}
const { id } = await strapi.plugins['users-permissions'].services.user.add({
...user,
blocked: false,
confirmed: true,
created_by: 1, //user admin id
updated_by: 1, //user admin id
});
// Mutate user add jwt for later..
user.jwt = await strapi.service('plugin::users-permissions.jwt').issue({ id })
}
));
}
FYi the user.add service seems to properly hash the password as well.