getSessionToken() returning undefined #2052

Closed
mindgrub-jkliphouse opened this issue Jun 13, 2016 · 5 comments

mindgrub-jkliphouse commented Jun 13, 2016

Describe your issue in as much detail as possible.

I'm setting up a SAML SSO.

Using the JS SDK, I get a token and then query for existing users or create a new one.

In both instances I call user.getSessionToken() on the user object.

Getting the user from a query results in an undefined sessionToken.

Saving the new user and calling the function returns a valid sessionToken.

    userQuery.first({useMasterKey: true}).then(function(user) {
        if (user)
        {
            // Existing user returned by the query: re-save it, then read the token.
            return user.save(null, {useMasterKey: true}).then(function(user) {

                var sessionToken = user.getSessionToken();
                res.setHeader('session_token', sessionToken);
                return res.send("You are set to go!");

            });
        }
        else
        {
            // No matching user: create one, then read the token.
            var user = new Parse.User();
            user.set("session_index", session_index);
            user.set("username", name_id);
            user.set("password", password);

            return user.save(null, {useMasterKey: true}).then(function(user) {

                var sessionToken = user.getSessionToken();
                res.setHeader('session_token', sessionToken);
                return res.send("You are set to go!");

            });
        }

    }, function(error) {
        console.log(JSON.stringify(error));
    });

Expected Results

I expect to get a valid sessionToken in both instances.

Environment Setup

  • Server
    "parse-server": "^2.2.7",
    • Operating System: OSX
    • Hardware: macbook
    • Localhost or remote server? (AWS, Heroku, Azure, Digital Ocean, etc): localhost and heroku
  • Database
    • MongoDB version: MongoDB shell version: 3.2.5

Logs/Trace

verbose: GET /parse/classes/_User { 'user-agent': 'node-XMLHttpRequest, Parse/js1.8.5 (NodeJS 4.4.4)',
  accept: '*/*',
  'content-type': 'text/plain',
  host: 'localhost:1337',
  'content-length': '256',
  connection: 'close' } {
  "where": {
    "username": "username"
  },
  "limit": 1
}
verbose: {
  "response": {
    "results": [
      {
        "ACL": {
          "1Q6tU63QsW": {
            "read": true,
            "write": true
          }
        },
        "objectId": "1Q6tU63QsW",
        "session_index": "session_index",
        "username": "username",
        "updatedAt": "2016-06-13T16:11:15.375Z",
        "createdAt": "2016-06-13T14:58:58.644Z"
      }
    ]
  }
}
verbose: PUT /parse/classes/_User/1Q6tU63QsW { 'user-agent': 'node-XMLHttpRequest, Parse/js1.8.5 (NodeJS 4.4.4)',
  accept: '*/*',
  'content-type': 'text/plain',
  host: 'localhost:1337',
  'content-length': '186',
  connection: 'close' } {}
verbose: {
  "response": {
    "updatedAt": "2016-06-13T16:28:03.091Z",
    "ACL": {
      "1Q6tU63QsW": {
        "read": true,
        "write": true
      }
    }
  }
}

@drew-gross (Contributor)

To help us debug this, can you include the exact request and response in Parse Server? (you can see this in the logs using VERBOSE=1 environment variable)

@mindgrub-jkliphouse (Author)

added

@drew-gross (Contributor)

Ah, you need to do a "signup" or "login" action to create a session token. Simply modifying a user will not create a session token. You can also query the _Session class directly for session tokens that belong to the user (using master key).

mindgrub-jkliphouse (Author) commented Jun 13, 2016

I'm not doing a "signup" or "login" in the else block in the above code and it's getting a valid token.

I was under the impression (from the docs) that the getSessionToken() function would create a session or return the token from an existing one.

Ideally I'd like to set a random, strong password on each user and forget about it since the SSO is handling authentication - but if I'm reading correctly, that's not possible. I need the password to login to generate the session.

@drew-gross (Contributor)

In cloud code, with the master key, you can do anything you want. Query the session table directly, create sessions directly, etc. You could even set a new password for the user on every request, then use that new password to log in.

Client code (read: any code not using the master key) does require a login/signup to create sessions.
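
The two master-key options from the reply above, as an added example that is not part of the original thread or of parse-server: reuse an unexpired token from `_Session`, otherwise rotate the password to a random throwaway value and log in with it. The function names are hypothetical, `Parse` is assumed to be an SDK instance already initialized with the master key on the server, the SAML assertion is assumed to have been validated before this runs, and `async`/`await` needs a newer Node than the 4.4.4 shown in the logs.

```javascript
// Added example: not code from the issue or from parse-server.
// `Parse` is an initialized Parse JS SDK passed in by the caller (assumption).
const crypto = require('crypto');

// 32 random bytes; used once to log in, never stored, logged or shown to anyone.
function throwawayPassword() {
  return crypto.randomBytes(32).toString('base64');
}

// Read an unexpired session token for this user straight from _Session.
// Only a master-key query can do this, so it must stay server-side.
async function findLiveSessionToken(Parse, user, now = new Date()) {
  const session = await new Parse.Query(Parse.Session)
    .equalTo('user', user)
    .greaterThan('expiresAt', now)
    .first({ useMasterKey: true });
  return session ? session.get('sessionToken') : undefined;
}

// Return a session token for a user the SSO layer has already authenticated.
async function sessionTokenForSsoUser(Parse, nameId) {
  const user = await new Parse.Query(Parse.User)
    .equalTo('username', nameId)
    .first({ useMasterKey: true });
  if (!user) throw new Error('unknown user: handle in the signup branch');

  // Saving a queried user does not create a session, so look one up first.
  const existing = await findLiveSessionToken(Parse, user);
  if (existing) return existing;

  // No live session: rotate the password, then do a real login to mint one.
  const password = throwawayPassword();
  user.setPassword(password);
  await user.save(null, { useMasterKey: true });
  const loggedIn = await Parse.User.logIn(nameId, password);
  return loggedIn.getSessionToken();
}
```

Rotating the password on every SSO login can end the user's other sessions if the server is configured to revoke sessions when a password changes, which is one reason to try the `_Session` lookup first.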
