Private/Public cloud code functions

[ranhsd]

Hi, I am using cloud code functions heavily in all of my apps because I think they are very powerful and easy to use.

I found myself a lot of times writing the same line of code which validates if the user is logged in or not. So my code looks like the following:

    if (!request.user || !request.user.get("sessionToken")) {
        response.error("Only logged in users are allowed to use this function!");
        return; 
    }

I was thinking maybe it is possible to introduce additional property that will classify the function as private(secured)/public
private or secured functions are require the user to login to use it and public functions can be use by only providing the App Id API KEY.

Of course the default value of this new property must be true (indicate that the function is public) to provide backward compatibility

The new function signature can be:

Parse.Cloud.define("SomeFunction",  false ,async (request,response) => {

   


}); 

The second false parameter indicate the this function is private and can be used only by logged in users so this check must be performed ahead of executing this function on the server.

If parameter is not a good idea maybe we can implement some pre-defined interface method like isSecured or maybe modify the config file with list of private functions

What do you think about it?

Thanks!

[flovilmart]

It's unlikely we'll add that to parse-server as it would raise backwards compatibility issues as well as probably misunderstanding and other issues.

You can easily declare:

Parse.Cloud.definePrivate = function(functionName, handler) {
     Parse.Cloud.define(functionName, (req, res) => {
        if (!req.user || !req.user.get("sessionToken")) {
            response.error("Only logged in users are allowed to use this function!");
            return; 
        }
        return handler(req, res);
     });
}