joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds session creation code in Auth.js (#4574)

Browse Source
This commit is contained in:
Florent Vilmart
2018-02-19 11:15:54 -05:00
committed by GitHub
parent b754d51e8e
commit 11c40dce97
5 changed files with 81 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/Routers/SessionsRouter.js
View File

@@ -3,8 +3,6 @@ import ClassesRouter from './ClassesRouter';
import Parse from 'parse/node';
import rest from '../rest';
import Auth from '../Auth';
import RestWrite from '../RestWrite';
import { newToken } from '../cryptoUtils';
export class SessionsRouter extends ClassesRouter {
@@ -32,30 +30,24 @@ export class SessionsRouter extends ClassesRouter {
handleUpdateToRevocableSession(req) {
const config = req.config;
const masterAuth = Auth.master(config)
const user = req.auth.user;
// Issue #2720
// Calling without a session token would result in a not found user
if (!user) {
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'invalid session');
}
const expiresAt = config.generateSessionExpiresAt();
const sessionData = {
sessionToken: 'r:' + newToken(),
user: {
__type: 'Pointer',
className: '_User',
objectId: user.id
},
const {
sessionData,
createSession
} = Auth.createSession(config, {
userId: user.id,
createdWith: {
'action': 'upgrade',
},
restricted: false,
installationId: req.auth.installationId,
expiresAt: Parse._encode(expiresAt)
};
const create = new RestWrite(config, masterAuth, '_Session', null, sessionData);
return create.execute().then(() => {
});
return createSession().then(() => {
// delete the session token, use the db to skip beforeSave
return config.database.update('_User', {
objectId: user.id