fix: overload Strapi registration

src/extensions/users-permissions/strapi-server.js

@@ -1,29 +1,87 @@
-module.exports = plugin => {
+'use strict';
-  const sanitizeOutput = (user) => {
+
-    const {password, resetPasswordToken, confirmationToken, ...sanitizedUser} = user
+const yup = require('yup');
-    return sanitizedUser;
+
+module.exports = (plugin) => {
+  /**
+   * Validation custom (équivalent Strapi)
+   */
+  const registerSchema = yup.object({
+    username: yup.string().required(),
+    email: yup.string().email().required(),
+    password: yup.string().min(6).required(),
+  });
+
+  const validateRegisterBody = async (data) => {
+    try {
+      return await registerSchema.validate(data, {
+        abortEarly: false,
+        stripUnknown: true,
+      });
+    } catch (err) {
+      const message = err.errors.join(', ');
+      throw new Error(message);
+    }
   };
 
-  plugin.controllers.user.me = async (ctx) => {
+  /**
-    if (!ctx.state.user) {
+   * Override du controller register
-      return ctx.unauthorized();
+   */
+  plugin.controllers.auth.register = async (ctx) => {
+    const { body } = ctx.request;
+
+    // 🔒 1. Validation
+    let params;
+    try {
+      params = await validateRegisterBody(body);
+    } catch (err) {
+      return ctx.badRequest(err.message);
     }
 
-    const user = await strapi.entityService.findOne('plugin::users-permissions.user', ctx.state.user.id, {populate: {
+    const { email, username, password } = params;
-      paroles: {
-        filters: {
-          publishedAt: {
-            $eq: null
-          }
-        },
-        populate: {
-          artistes: true,
-          traductions: true
-        }
-      }
-    }})
 
-    ctx.body = sanitizeOutput(user)
+    // 🔎 2. Vérifier si user existe déjà
-  }
+    const userService = strapi.service('plugin::users-permissions.user');
-  return plugin
+
-}
+    const existingUser = await userService.fetchAll({
+      filters: {
+        $or: [{ email }, { username }],
+      },
+    });
+
+    if (existingUser.length > 0) {
+      return ctx.badRequest('Email or Username already taken');
+    }
+
+    // ⚙️ 3. Récupérer rôle "authenticated"
+    const role = await strapi
+      .query('plugin::users-permissions.role')
+      .findOne({ where: { type: 'authenticated' } });
+
+    if (!role) {
+      return ctx.badRequest('Default role not found');
+    }
+
+    // 👤 4. Création user
+    const newUser = await userService.add({
+      username,
+      email,
+      password,
+      role: role.id,
+      confirmed: false,
+    });
+
+    // 🔑 5. Générer JWT
+    const jwtService = strapi.service('plugin::users-permissions.jwt');
+
+    const token = jwtService.issue({ id: newUser.id });
+
+    // 📤 6. Réponse
+    ctx.send({
+      jwt: token,
+      user: newUser,
+    });
+  };
+
+  return plugin;
+};