Why parse.com return sessionToken with MasterKey #1617
Comments
|
It is documented in the parse reference that a session token would be returned if a master key is provided: https://parse.com/docs/js/api/classes/Parse.User.html#methods_getSessionToken I'm looking to get a session token so I can create custom login. If I can't get it this way, what is the preferred way to get a session token for a user? |
|
I don't think it is a good idea to have different behavior with this. Especially during this migration moment. |
|
Another problem. if (req.params.className === "_User") {
delete response.results[0].sessionToken;
//...
}This is also different whith the behavior documented in https://parse.com/docs/js/api/classes/Parse.User.html#methods_getSessionToken |
|
You are linking to the JS SDK docs, not the REST API. Parse Server doesn't support non-revocable sessions, so that could be the cause of the difference you are seeing. |
|
@drew-gross So sessionTokens are artifacts of non-revocable tokens? If so, can you point me to how I would go about implementing a custom login implementation? |
|
Here is how you use revocable sessions: http://blog.parse.com/announcements/announcing-new-enhanced-sessions/ |
sessionToken is removed when query in Cloud code with Master Key. due to changes of #1498.
I do some experiment on parse.com
==> when /1/login with username and password, it returns
{
"sessionToken": "r:NmElS2PLfszu5fPnwtGbaa4L9",
"authData": {...}
}
==> when /1/users/my_objectId with MasterKey, it returns
{
"sessionToken": "u5fPnwtGNmElS2PLfszbaa4L9",
"authData":{...}
}
This shows that parse.com will return sessionToken (the legancy session token, not revocable token). But after #1498, this feature is not the same with official parse.com .
I'm getting confused. Should i change my cloud code to fit changes of #1498 or #1498 should be rollback.
The text was updated successfully, but these errors were encountered: