From 90a4ac70acf780c5e328a9e6335c4d76e526111d Mon Sep 17 00:00:00 2001 From: Francis Lessard Date: Thu, 11 Feb 2016 20:32:31 -0500 Subject: [PATCH] Fix session token issue In _User collection a field _session_token is present and if you fetch the user data form server, this field override the sessionToken saved in your browser. If you don't fetch the user, all request to server contain the right sessionToken and if you fetch the user data from the server, all next requests will contain the wrong sessionToken come form the _session_token in user data fetched. --- src/RestQuery.js | 5 +++++ src/Routers/ClassesRouter.js | 5 +++++ src/users.js | 3 +++ 3 files changed, 13 insertions(+) diff --git a/src/RestQuery.js b/src/RestQuery.js index 91ebe536..7cf8074f 100644 --- a/src/RestQuery.js +++ b/src/RestQuery.js @@ -415,6 +415,11 @@ function includePath(config, auth, response, path) { for (var obj of includeResponse.results) { obj.__type = 'Object'; obj.className = className; + + if(className == "_User"){ + delete obj.sessionToken; + } + replace[obj.objectId] = obj; } var resp = { diff --git a/src/Routers/ClassesRouter.js b/src/Routers/ClassesRouter.js index 11666b20..a49d6d4a 100644 --- a/src/Routers/ClassesRouter.js +++ b/src/Routers/ClassesRouter.js @@ -51,6 +51,11 @@ export class ClassesRouter { if (!response.results || response.results.length == 0) { throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.'); } + + if(req.params.className === "_User"){ + delete response.results[0].sessionToken; + } + return { response: response.results[0] }; }); } diff --git a/src/users.js b/src/users.js index 4205c666..9484ee64 100644 --- a/src/users.js +++ b/src/users.js @@ -133,6 +133,9 @@ function handleGet(req) { throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.'); } else { + if(req.params.className === "_User"){ + delete response.results[0].sessionToken; + } return {response: response.results[0]}; } });