A plugin for Strapi Headless CMS that provides ability to sign-in/sign-up to an application by link had sent to email.

Overview

Strapi PasswordLess Plugin

A plugin for Strapi Headless CMS that provides ability to sign-in/sign-up to an application by link had sent to email. A plugin works together with Strapi User Permissions Plugin and extends it functionality. For working with emails a plugin use Strapi Email Plugin.

Screenshot

Installation

Install Strapi with this Quickstart command to create a Strapi project instantly:

# with yarn
yarn create strapi-app my-project --quickstart

# with npm/npx
npx create-strapi-app my-project --quickstart

This command generates a brand new project with the default features (authentication, permissions, content management, content type builder & file upload). The Quickstart command installs Strapi using a SQLite database which is used for prototyping in development.

yarn add strapi-plugin-passwordless@latest

# or

npm i -S strapi-plugin-passwordless@latest
  • After successful installation you've to build a fresh package that includes plugin UI. To archive that simply use:
yarn build && yarn develop

# or

npm run build && npm run develop
  • or just run Strapi in the development mode with --watch-admin option:
yarn develop --watch-admin

#or

npm run develop --watch-admin

The Passwordless Login plugin should appear in the Plugins section of Strapi sidebar after you run app again.

🔌 Usage

REST API

Before using the services make a sure that endpoints open for unauthorized users.

Email user with login link

POST /passwordless/send-link
{"email": "[email protected]"}

Login with token

GET /passwordless/login?loginToken={tokenFromEmail} 

Response:

{
  "jwt":  "...jwt auth token..."
  "user": {
    ...strapi user...
  }
}

GraphQL API

sendLoginLink(email: String): PasswordlessSendLinkPayload!
loginPasswordless(loginToken: String): PasswordlessLoginPayload!

🙌 Versions

🤝 Contributing

Feel free to fork and make a Pull Request to this plugin project. All the input is warmly welcome!

⭐️ Show your support

Give a star if this project helped you.

License

MIT License Copyright (c) Andrey Kucherenko.

Comments
  • Endpoint for Login with token results with error (v4)

    Endpoint for Login with token results with error (v4)

    Tried v. 4.0.2 on Strapi version 4, mail user with login link works okay but Endpoint for Login with token results with an error.

    http://localhost:1337/api/passwordless/login?loginToken=753816f096737f49b6534ec77f686ff1086d5cd2

    strapi-plugin-passwordless was working with the previous version.

    Is there anything additional that I need to do to get it working?

    [2022-02-09 19:53:11.955] error: Unexpected token o in JSON at position 1
    SyntaxError: Unexpected token o in JSON at position 1
        at JSON.parse (<anonymous>)
        at Object.login (/development/</anonymous>node_modules/strapi-plugin-passwordless/server/controllers/auth.js:65:21)
        at processTicksAndRejections (internal/process/task_queues.js:95:5)
        at async returnBodyMiddleware (/development/</anonymous>node_modules/@strapi/strapi/lib/services/server/compose-endpoint.js:52:18)
        at async policiesMiddleware (/development/</anonymous>node_modules/@strapi/strapi/lib/services/server/policy.js:24:5)
        at async serve (/development/</anonymous>node_modules/koa-static/index.js:59:5)
        at async returnBodyMiddleware (/development/</anonymous>node_modules/@strapi/strapi/lib/services/server/compose-endpoint.js:52:18)
        at async policiesMiddleware (/development/</anonymous>node_modules/@strapi/strapi/lib/services/server/policy.js:24:5)
        at async /development/</anonymous>node_modules/@strapi/strapi/lib/middlewares/body.js:24:7
        at async /development/</anonymous>node_modules/@strapi/strapi/lib/middlewares/logger.js:22:5
        at async /development/</anonymous>node_modules/@strapi/strapi/lib/middlewares/powered-by.js:16:5
        at async cors (/development/</anonymous>node_modules/@koa/cors/index.js:56:32)
        at async /development/</anonymous>node_modules/@strapi/strapi/lib/middlewares/errors.js:13:7
    
    opened by shumiyao 5
  • /api/passwordless/login not returning 'context'

    /api/passwordless/login not returning 'context'

    Issue

    "context" remains empty even though it exists in the database.

    The culprit is this line: https://github.com/kucherenko/strapi-plugin-passwordless/blob/750f4f50b660b626b3cd6d739305d635d40cc2cc/server/controllers/auth.js#L64

    It throws a SyntaxError: image which is due to parsing a non-JSON entity

    Proposed solution: Update line to context = JSON.parse(JSON.stringify(token.context))

    opened by chan-fullstack 4
  • Question about finding default authenticated role

    Question about finding default authenticated role

    Hi,

    I've been facing a weird intermittent issue where sometimes the newly created user get assigned a Public role instead of Authenticated role despite never changing the setting in User-Permissions. I haven't been able to reliably reproduce it but I suspect it is this line

    https://github.com/kucherenko/strapi-plugin-passwordless/blob/750f4f50b660b626b3cd6d739305d635d40cc2cc/server/services/passwordless.js#L51

    Is this syntax supported in v4? Should the params be an object as given in the docs at

    https://docs.strapi.io/developer-docs/latest/developer-resources/database-apis-reference/query-engine/single-operations.html#findone

    findOne( {  
        where : { type : userSettings.default_role }  
    })
    

    Please let me know if this is intended or am I missing something. Thank you.

    opened by rndexe 2
  • Endpoints look different from those shown in the readme

    Endpoints look different from those shown in the readme

    I am using Strapi v. 4.0.5 and my endpoints becomes as follows, which does not look like those in the README.

    | Method | Path | | ------------- | ------------- | | HEAD/GET | /api/passwordless/passwordless/login | | POST | /api/passwordless/passwordless/send-link |

    Is that how it is supposed to be or am I missing something?

    opened by shumiyao 1
  • Send login link email after new end user created from admin UI.

    Send login link email after new end user created from admin UI.

    I see that need for non techy admins who want to create & invite users manually. Adding new user in admin UI should trigger sending out link email.

    Is there a way and example how to configure it? Could there be new button to re-send login email for existing users in UI?

    opened by pimpelsang 0
  • Add await to createToken

    Add await to createToken

    Currently there is no 'await' when updating previously stored tokens. So when a user signs up for the first time, sometimes, the create() function can run before update(), as we don't wait for update to finish.

    That can result in the new token being invalidated by getting set to is_active:false almost immediately. That's why sometimes when you request a token, it's already invalid, and you have to request a new one.

    Adding await to the update fixes that issue for me!

    opened by GraemeFulton 0
  • Fix for when sanitizer removes user.email

    Fix for when sanitizer removes user.email

    This sanitizer removes the user.email: https://github.com/kucherenko/strapi-plugin-passwordless/blob/main/server/services/passwordless.js#L166

    and because email is null, this check fails: https://github.com/kucherenko/strapi-plugin-passwordless/blob/main/server/controllers/auth.js#L107

    https://github.com/kucherenko/strapi-plugin-passwordless/issues/5#issuecomment-1182297456

    I don't know the cause, but the sanitizer could have been modified somewhere else in Strapi (maybe another plugin?). That change will ensure the email is always returned

    just saw on the readme pull requests are welcome, so here you go!

    opened by GraemeFulton 0
  • no confirmation email is sent

    no confirmation email is sent

    I've installed the plugin and do whatever the docs say and I do create tokens that allow accounts to log in. However, I have to copy the token manually then put it into the API to log in. Tokens are generated even though errors pop up and my Gmail account doesn't receive any confirmation emails.

    opened by L1nberal 5
  • Cache issue

    Cache issue

    After I installed this plugin and restarted my server I didn't have this plugin in the plugins section. Then I deleted .cache and dist folders and it helps me to solve this problem. I think the problem is in .cache folder. By my opinion it might be helpful if there is will be a mention about it in README.md

    opened by IvanAdmaers 0
  • Lost params on user creation using strapi-plugin-passwordless

    Lost params on user creation using strapi-plugin-passwordless

    Hi! I noticed that if you use the plugin's /api/passwordless/send-link endpoint with non-existing user data, it will create a new user with that data. I'm taking advantage of this feature in my project's registration view, but I need to add an avatar as an additional parameter:

    import axios from "axios";
    
    // Stuff...
    
    axios
        .post(`${BASE_URL}api/passwordless/send-link`, {
            ...{
    	    avatar: "1",
    	    email: "[email protected]",
    	    username: "JohnnyDoe21"
            },
            ...{
                headers: {
                    cors: "*"
                }
            }
        })
    

    The problem is that when I send the data to the endpoint (avatar, username, and email), the "avatar" field is ignored by the plugin. If I check the users-permissions's beforeCreate life cycle method, the "params" field doesn't contain "avatar"; it is removed:

    {
      action: 'beforeCreate',
      model: { ... },
        lifecycles: {},
        indexes: [ [Object], [Object] ],
        columnToAttribute: { ... }
      },
      state: {},
      params: {
        data: {
          email: '[email protected]',
          username: 'JohnnyDoe21',
          role: [Object],
          createdAt: 2022-09-07T10:59:29.049Z,
          updatedAt: 2022-09-07T10:59:29.049Z
        },
        populate: [ 'role' ]
      }
    }
    

    Is there a way to make the plugin to keep certain params if required?

    Thank you in advance!

    opened by gundall 2
Owner
Andrey Kucherenko
Andrey Kucherenko
A plugin for Strapi that provides the ability to easily schedule publishing and unpublishing of any content type

strapi-plugin-publisher A plugin for Strapi that provides the ability to easily schedule publishing and unpublishing of any content type. Requirements

daedalus 19 Dec 7, 2022
A plugin for Strapi that provides the ability to auto slugify a field for any content type

strapi-plugin-slugify A plugin for Strapi that provides the ability to auto slugify a field for any content type. It also provides a findOne by slug e

daedalus 25 Nov 28, 2022
A plugin for Strapi CMS that adds a preview button and live view button to the content manager edit view.

Strapi Preview Button A plugin for Strapi CMS that adds a preview button and live view button to the content manager edit view. Get Started Features I

Matt Milburn 53 Dec 30, 2022
Verify your E-Mail and Phone Number using link sent over mail and sms.

Phone-and-Mail-Verification-With-Link Verify your E-Mail and Phone Number using link sent over mail and sms. Endpoints POST /user/create Body { "n

Prasoon Soni 5 Sep 14, 2022
Verify your E-Mail and Phone Number using link sent over mail and sms.

Send Verification Link ✅ Explore the docs » • Report Bug • Request Feature • About The Project Verify your E-Mail and Phone Number using link sent ove

Prasoon Soni 4 Jun 28, 2022
Email Genie Allows autocomplete on email field by providing a list of domain suggestions (gmail.com, outlook.com, etc.).

Allows users to easily and quickly complete an email field by providing a list of domain suggestions (gmail.com, outlook.com, etc.). This package stands out for its flexibility, its compatibility with libraries / frameworks, but especially its use of basic HTML and Javascript functionalities that maximize the native behavior of desktop AND mobile browsers.

Simon Arnold 3 Oct 4, 2022
Grupprojekt för kurserna 'Javascript med Ramverk' och 'Agil Utveckling'

JavaScript-med-Ramverk-Laboration-3 Grupprojektet för kurserna Javascript med Ramverk och Agil Utveckling. Utvecklingsguide För information om hur utv

Svante Jonsson IT-Högskolan 3 May 18, 2022
Hemsida för personer i Sverige som kan och vill erbjuda boende till människor på flykt

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

null 4 May 3, 2022
Kurs-repo för kursen Webbserver och Databaser

Webbserver och databaser This repository is meant for CME students to access exercises and codealongs that happen throughout the course. I hope you wi

null 14 Jan 3, 2023
Demodal is a browser extension that automatically removes content blocking modals including paywalls, discount offers, promts to sign up or enter your email address and more.

Demodal Demodal is a browser extension that automatically removes content blocking modals including paywalls, discount offers, promts to sign up or en

Elbert Alias 225 Jan 4, 2023
A comprehensive user sign-up/sign-in system

Nodejs Login System You want a comprehensive user sign-up/sign-in system I strongly suggest you take a look at this repo. The System Includes Welcome

Furkan Gulsen 8 Aug 1, 2022
Gatsby-blog-cosmicjs - 🚀⚡️ Blazing fast blog built with Gatsby and the Cosmic Headless CMS 🔥

Gatsby + Cosmic This repo contains an example blog website that is built with Gatsby, and Cosmic. See live demo hosted on Netlify Uses the Cosmic Gats

Priya Chakraborty 0 Jan 29, 2022
Update & Revalidate Content from a Headless CMS in Next.js with Incremental Static Regeneration

Update & Revalidate Content from a Headless CMS in Next.js with Incremental Static Regeneration Demo for tutorial How to Update & Revalidate Content f

Colby Fayock 4 Jul 22, 2022
🛠 Building a Headless CMS with all the essential features for business representative websites to make 🚀

Isomera - headless CMS for business representative websites SaaS that is hosted on the cloud and built by community. To make developer life easy. ⚠️ A

Cortip 8 Dec 3, 2022
The iofod SDK provides developers with the ability to interact with the main iofod interface within the Web worker, enabling rapid development of iofod extensions through the SDK.

iofod-sdk English | 简体中文 The iofod SDK provides developers with the ability to interact with the main iofod interface within the Web worker, enabling

iofod, Inc. 47 Oct 17, 2022
A file sharing service, where you can upload files and provide a download link for anyone on the internet by sharing the link 🔗 or via mail ✉️ which remains active for 24hours 🕙.

eShare | File Sharing App A file sharing service, where you can upload files and provide a download link for anyone on the internet by sharing the lin

Akhil Bhalerao 7 Nov 20, 2022
Welcome contributers❤️🎉. Just add your name, Github profile link and Linkedin link🔗 Look at Readme for more.📖

Hello Welcome Developers! Step - 1 Create a GitHub account, if you don't already have one. Step - 2 Register for Hacktoberfest: Navigate to the Hackto

Prineth Fernando 28 Oct 31, 2022
Simple Cropper is a jQuery plugin which gives you ability to add cropping functionality to your web application

Simple Cropper is a jQuery plugin which gives you ability to add cropping functionality to your web application. It uses html5 canvas to create cropped images and css3, so it only works on latest browsers.

null 1 Feb 15, 2022