simple-strapi-auth v1.0.18

Strapi plugin simple-strapi-auth

Working on Strapi version: v4..

First Setup

1. Install as an npm dependency

# install dependencies
npm install simple-strapi-auth

2. Check the below api's to generate token and refresh token

# Access token generation CURL

curl --location 'http://localhost:1337/simple-auth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic bXlDbGllbnRJZDpteUNsaWVudFNlY3JldA==' \
--data-urlencode 'grant_type=client_credentials'

# Refresh Token generation Curl

curl --location 'http://localhost:1337/simple-auth/refresh-token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer b323177e47a266abc2d5d9cd42c08dcccdb9e365' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'client_id=myClientId1' \
--data-urlencode 'client_secret=myClientSecret' \
--data-urlencode 'refresh_token=b323177e47a266abc2d5d9cd42c08dcccdb9e365'

# Static Builds API call

curl --location --globoff 'http://localhost:1337/api/countries' \
--header 'x-csrf-token: randomCSRFToken' \
--header 'Authorization: Bearer randomCSRFToken'

Note

• Please replace appropriate token and Basic auth values to generate access token.

• For nextJS static builds, use x-csrf-token in header and same token to be sent in the authorisation header which will be generated using a secret key from .env file

  X_CSRF_SECRET = "randomString"

Features

• Currently only designed to prevent unauthorized access to strapi public apis
• Works entirely on the principle of OAuth Client Credentials.

References

• Component List - Strapi Helper Plugin
• Strapi Content Import Plugin
• Guide to Strapi Content Import Plugin
• Strapi Styled Component