New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The quest for a better User.login #161
Comments
Using the existing User.login({include: 'user'}, function(err, result) {
console.log(result.user); // => current user
}); |
An alternate solution: Assume that the decision whether User.login should include user data can be made on per-application level, thus all clients should be receiving the same kind of the response. Implementation-wise, we need to make the remoting metadata of User.login configurable.
The implementation of User.login can stay the same, it can always send both |
@ritch That was the second option I wanted to mention. So the response will contain AccessToken properties + |
Yep |
BTW the solution for this won't be trivial. The naive implementation does not work, as Model.toJSON seems to ignore custom properties. user.accessTokens.create({
ttl: Math.min(credentials.ttl || User.settings.ttl, User.settings.maxTTL)
}, function(err, res) {
res.user = user;
fn(err, res);
}); I am also not sure if this will work out of the box with #160 (the nested User object should not include password and other sensitive data). I was thinking about a different approach: User.login({include: 'user'}, function(err, token, user) {
// user is undefined when include:'user' was not specified
});
// remoting metadata
returns: [
{arg: 'accessToken', type: 'object', root: true},
{arg: 'user', type: 'object'},
] This does not work in the current implementation, but the fix should be easy. (See SharedMethod.toResult). |
Looks fine to me. |
Oh well, my approach does not work either. At the end, the complex I have found a hacky workaround (see #162 for details), which I will probably use for now: // inside User.login
if (include === 'user')
token.__data.user = user; There is one more thing we need consider: since If User.login(credentials, function(err, token) {
token.user(function(err, user) {
// do something
});
}); I feel there should be a better way for exposing the |
Let's continue the discussion about |
So, if I want to get the user from the access token, I should use |
I have the same question. Using
Did give me the json for user. But why not I suspect the answer is:
But is there better or less hackish way to do this instead of |
I think if the related user data has been already stored in
I am afraid I have no idea what you are writing about. Please open a new issue and provide us with enough details to reproduce the problem you are encountering, see http://loopback.io/doc/en/contrib/Reporting-issues.html#bug-report |
While implementing client SDKs consuming the new ACL/Auth features, we have found that client apps usually need to get details of the currently logged in user. At the moment, clients have to send two requests: User.login and User.get.
We should modify User.login so that it optionally adds the user data to the response.
Objectives
/users/login
should return the same response as before this change./to @raymondfeng @ritch @Schoonology let's discuss what's the best solution. I'll describe few of them in a comment.
The text was updated successfully, but these errors were encountered: