The quest for a better User.login #161
Comments
ghost
assigned 
|
Using the existing User.login({include: 'user'}, function(err, result) {
console.log(result.user); // => current user
}); |
|
An alternate solution: Assume that the decision whether User.login should include user data can be made on per-application level, thus all clients should be receiving the same kind of the response. Implementation-wise, we need to make the remoting metadata of User.login configurable.
The implementation of User.login can stay the same, it can always send both |
|
@ritch That was the second option I wanted to mention. So the response will contain AccessToken properties + |
|
Yep |
|
BTW the solution for this won't be trivial. The naive implementation does not work, as Model.toJSON seems to ignore custom properties. user.accessTokens.create({
ttl: Math.min(credentials.ttl || User.settings.ttl, User.settings.maxTTL)
}, function(err, res) {
res.user = user;
fn(err, res);
});I am also not sure if this will work out of the box with #160 (the nested User object should not include password and other sensitive data). I was thinking about a different approach: User.login({include: 'user'}, function(err, token, user) {
// user is undefined when include:'user' was not specified
});
// remoting metadata
returns: [
{arg: 'accessToken', type: 'object', root: true},
{arg: 'user', type: 'object'},
]This does not work in the current implementation, but the fix should be easy. (See SharedMethod.toResult). |
|
Looks fine to me. |
|
Oh well, my approach does not work either. At the end, the complex I have found a hacky workaround (see #162 for details), which I will probably use for now: // inside User.login
if (include === 'user')
token.__data.user = user;There is one more thing we need consider: since If User.login(credentials, function(err, token) {
token.user(function(err, user) {
// do something
});
});I feel there should be a better way for exposing the |
|
Let's continue the discussion about |
|
So, if I want to get the user from the access token, I should use |
|
I have the same question. Using
Did give me the json for user. But why not I suspect the answer is:
But is there better or less hackish way to do this instead of |
I think if the related user data has been already stored in
I am afraid I have no idea what you are writing about. Please open a new issue and provide us with enough details to reproduce the problem you are encountering, see http://loopback.io/doc/en/contrib/Reporting-issues.html#bug-report |
While implementing client SDKs consuming the new ACL/Auth features, we have found that client apps usually need to get details of the currently logged in user. At the moment, clients have to send two requests: User.login and User.get.
We should modify User.login so that it optionally adds the user data to the response.
Objectives
/users/loginshould return the same response as before this change./to @raymondfeng @ritch @Schoonology let's discuss what's the best solution. I'll describe few of them in a comment.
The text was updated successfully, but these errors were encountered: