backend/src/extensions/users-permissions/routes/user.ts (view raw)
1export default [
2 {
3 method: "POST",
4 path: "/auth/magic-link",
5 handler: async (ctx) => {
6 const { token } = ctx.request.body;
7
8 try {
9 const payload = await strapi.services[
10 "plugin::users-permissions.user"
11 ].magicLink.verifyMagicToken(token);
12 const email = payload.email;
13 if (!email) throw new Error("No email in token");
14 const existingUser = await strapi.db
15 .query("plugin::users-permissions.user")
16 .findOne({
17 where: { email },
18 });
19 if (existingUser) {
20 const jwt = strapi
21 .plugin("users-permissions")
22 .service("jwt")
23 .issue({ id: existingUser.id });
24 return {
25 jwt,
26 user: {
27 id: existingUser.id,
28 email: existingUser.email,
29 firstname: existingUser.firstname,
30 lang: existingUser.lang,
31 },
32 };
33 }
34 const user = await strapi
35 .plugin("users-permissions")
36 .service("user")
37 .add({
38 email,
39 username: email,
40 provider: "local",
41 confirmed: true,
42 role: 1, // authenticated
43 });
44 const jwt = strapi
45 .plugin("users-permissions")
46 .service("jwt")
47 .issue({ id: user.id });
48
49 return {
50 jwt,
51 user: {
52 id: user.id,
53 email: user.email,
54 firstname: user.firstname,
55 lang: user.lang,
56 },
57 };
58 } catch (error) {
59 strapi.log.warn(error);
60 return ctx.unauthorized("Invalid magic link token");
61 }
62 },
63 config: {
64 prefix: "",
65 auth: false,
66 },
67 },
68];