Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

_linkWith fails to create a session for existing users #5785

Closed
elios264 opened this issue Jul 9, 2019 · 13 comments · Fixed by #5799
Closed

_linkWith fails to create a session for existing users #5785

elios264 opened this issue Jul 9, 2019 · 13 comments · Fixed by #5799
Labels
type:bug Impaired feature or lacking behavior that is likely assumed

Comments

@elios264
Copy link

elios264 commented Jul 9, 2019

Issue Description

_linkWith on an existing user returns user with no sessionToken

Steps to reproduce

1.- have an user in db
2.- fetch it with a query
3.- call _linkWith on it

Expected Results

for the user object to have a sessionToken prop just like new users.

Actual Outcome

_linkWith returns no sessionToken

Environment Setup

  • Server

    • parse-server version (Be specific! Don't say 'latest'.) : 3.4.4
    • Operating System: windows
    • Localhost or remote server? (AWS, Heroku, Azure, Digital Ocean, etc): everywhere

  • Database

    • MongoDB version: mongo atlas db
      OUT]

Logs/Trace

Screen Shot 2019-07-09 at 15 20 26
@dplewis dplewis added type:bug Impaired feature or lacking behavior that is likely assumed enhancement labels Jul 9, 2019
@dplewis
Copy link
Member

dplewis commented Jul 9, 2019
edited
Loading

Have you tried using MasterKey on _linkWith?

#2348

@elios264
Copy link
Author

elios264 commented Jul 9, 2019

I'm using the master key

const masterPermissions = { useMasterKey: true };

@dplewis
Copy link
Member

dplewis commented Jul 9, 2019

I'm unable to reproduce this. Can you write a failing test here? or Post server logs VERBOSE=1

@elios264
Copy link
Author

elios264 commented Jul 9, 2019
edited
Loading

these are the logs, let my try to create a failing test, the cloud fn is called: authorize-ids-user

{"level":"verbose","message":"Support key pairs","timestamp":"2019-07-09T23:15:03.376Z"}
{"level":"info","message":"Parse LiveQuery Server starts running","timestamp":"2019-07-09T23:15:03.389Z"}
{"method":"POST","url":"/api/functions/authorize-ids-user","headers":{"host":"localhost","connection":"keep-alive","content-length":"1224","origin":"http://localhost","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36","content-type":"text/plain","accept":"*/*","referer":"http://localhost/admin/login","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9,es;q=0.8,fr;q=0.7","cookie":"_ga=GA1.1.1560418375.1553189120; session=eyJjc3JmU2VjcmV0IjoiOXhpNGNHY3gzRG1mMi1BUTA1TWlXSzY1IiwiZmxhc2giOnt9LCJwYXNzcG9ydCI6eyJ1c2VyIjoicm9vdCJ9fQ==; session.sig=MZ1uGW_jxkKS9QmUXUgieqYRDZs"},"body":{"access_token":"thetoken","expires_in":"9000000","scope":"protectedData","token_type":"Bearer"},"level":"verbose","message":"REQUEST for [POST] /api/functions/authorize-ids-user: {\n  \"access_token\": \"thetoken\",\n  \"expires_in\": \"9000000\",\n  \"scope\": \"protectedData\",\n  \"token_type\": \"Bearer\"\n}","timestamp":"2019-07-09T23:15:44.225Z"}
{"method":"GET","url":"/api/classes/_User","headers":{"user-agent":"node-XMLHttpRequest, Parse/js2.4.0 (NodeJS 12.4.0)","accept":"*/*","content-type":"text/plain","host":"localhost:80","content-length":"263","connection":"close"},"body":{"where":{"authData.ids.id":"siomara@altomobile.io"},"limit":1},"level":"verbose","message":"REQUEST for [GET] /api/classes/_User: {\n  \"where\": {\n    \"authData.ids.id\": \"siomara@altomobile.io\"\n  },\n  \"limit\": 1\n}","timestamp":"2019-07-09T23:15:44.238Z"}
{"result":{"response":{"results":[{"objectId":"tdm5YXuzNe","name":"Siomara Jimenez","username":"yGoB5FDosi9bdGw1X6kyahOnm","authData":{"ids":{"id":"siomara@altomobile.io","token":"thetoken"}},"createdAt":"2019-07-05T22:42:06.317Z","updatedAt":"2019-07-09T23:14:04.772Z","lastActivity":{"__type":"Date","iso":"2019-07-09T23:12:24.706Z"},"ACL":{"*":{"read":true},"tdm5YXuzNe":{"read":true,"write":true}}}]}},"level":"verbose","message":"RESPONSE from [GET] /api/classes/_User: {\n  \"response\": {\n    \"results\": [\n      {\n        \"objectId\": \"tdm5YXuzNe\",\n        \"name\": \"Siomara Jimenez\",\n        \"username\": \"yGoB5FDosi9bdGw1X6kyahOnm\",\n        \"authData\": {\n          \"ids\": {\n            \"id\": \"siomara@altomobile.io\",\n            \"token\": \"thetoken.\"\n          }\n        },\n        \"createdAt\": \"2019-07-05T22:42:06.317Z\",\n        \"updatedAt\": \"2019-07-09T23:14:04.772Z\",\n        \"lastActivity\": {\n          \"__type\": \"Date\",\n          \"iso\": \"2019-07-09T23:12:24.706Z\"\n        },\n        \"ACL\": {\n          \"*\": {\n            \"read\": true\n          },\n          \"tdm5YXuzNe\": {\n            \"read\": true,\n            \"write\": true\n          }\n        }\n      }\n    ]\n  }\n}","timestamp":"2019-07-09T23:15:44.395Z"}
{"method":"PUT","url":"/api/classes/_User/tdm5YXuzNe","headers":{"user-agent":"node-XMLHttpRequest, Parse/js2.4.0 (NodeJS 12.4.0)","accept":"*/*","content-type":"text/plain","host":"localhost:80","content-length":"1262","connection":"close"},"body":{"authData":{"ids":{"id":"siomara@altomobile.io","token":"thetoken"}}},"level":"verbose","message":"REQUEST for [PUT] /api/classes/_User/tdm5YXuzNe: {\n  \"authData\": {\n    \"ids\": {\n      \"id\": \"siomara@altomobile.io\",\n      \"token\": \"thetoken\"\n    }\n  }\n}","timestamp":"2019-07-09T23:15:44.406Z"}
{"className":"_User","triggerType":"beforeSave","level":"info","message":"beforeSave triggered for _User for user undefined:\n  Input: {\"name\":\"Siomara Jimenez\",\"username\":\"yGoB5FDosi9bdGw1X6kyahOnm\",\"authData\":{\"ids\":{\"id\":\"siomara@altomobile.io\",\"token\":\"thetokeneh... (truncated)\n  Result: {\"object\":{\"authData\":{\"ids\":{\"id\":\"siomara@altomobile.io\",\"token\":\"thetoken... (truncated)","timestamp":"2019-07-09T23:15:45.230Z"}
{"className":"_User","triggerType":"afterSave","level":"info","message":"afterSave triggered for _User for user undefined:\n  Input: {\"name\":\"Siomara Jimenez\",\"username\":\"yGoB5FDosi9bdGw1X6kyahOnm\",\"authData\":{\"ids\":{\"id\":\"siomara@altomobile.io\",\"token\":\"thetoken... (truncated)","timestamp":"2019-07-09T23:15:45.399Z"}
{"className":"_User","triggerType":"afterSave","level":"info","message":"afterSave triggered for _User for user undefined:\n  Input: {\"name\":\"Siomara Jimenez\",\"username\":\"yGoB5FDosi9bdGw1X6kyahOnm\",\"authData\":{\"ids\":{\"id\":\"siomara@altomobile.io\",\"token\":\"thetoken... (truncated)\n  Result: {}","timestamp":"2019-07-09T23:15:45.400Z"}
{"level":"verbose","message":"Raw request from cloud code current : %j | original : %j","timestamp":"2019-07-09T23:15:45.401Z"}
{"level":"verbose","message":"Subscribe messsage %j","timestamp":"2019-07-09T23:15:45.402Z"}
{"level":"verbose","message":"5933b96b444448abb9e6c07aa0477541afterSave is triggered","timestamp":"2019-07-09T23:15:45.403Z"}
{"level":"verbose","message":"ClassName: %s | ObjectId: %s","timestamp":"2019-07-09T23:15:45.403Z"}
{"level":"verbose","message":"Current client number : %d","timestamp":"2019-07-09T23:15:45.403Z"}
{"result":{"response":{"updatedAt":"2019-07-09T23:15:44.552Z"}},"level":"verbose","message":"RESPONSE from [PUT] /api/classes/_User/tdm5YXuzNe: {\n  \"response\": {\n    \"updatedAt\": \"2019-07-09T23:15:44.552Z\"\n  }\n}","timestamp":"2019-07-09T23:15:45.404Z"}
{"functionName":"authorize-ids-user","params":{"access_token":"thetoken","expires_in":"9000000","scope":"protectedData","token_type":"Bearer"},"level":"info","message":"Ran cloud function authorize-ids-user for user undefined with:\n  Input: {\"access_token\":\"thetoken.... (truncated)\n  Result: {\"success\":true,\"user\":{\"name\":\"Siomara Jimenez\",\"username\":\"yGoB5FDosi9bdGw1X6kyahOnm\",\"authData\":{\"ids\":{\"id\":\"siomara@altomobile.io\",\"token\":\"thetoken... (truncated)","timestamp":"2019-07-09T23:15:45.412Z"}
{"result":{"response":{"result":{"success":true,"user":{"name":"Siomara Jimenez","username":"yGoB5FDosi9bdGw1X6kyahOnm","authData":{"ids":{"id":"siomara@altomobile.io","token":"thetoken"}},"createdAt":"2019-07-05T22:42:06.317Z","updatedAt":"2019-07-09T23:15:44.552Z","lastActivity":{"__type":"Date","iso":"2019-07-09T23:12:24.706Z"},"ACL":{"*":{"read":true},"tdm5YXuzNe":{"read":true,"write":true}},"objectId":"tdm5YXuzNe"}}}},"level":"verbose","message":"RESPONSE from [POST] /api/functions/authorize-ids-user: {\n  \"response\": {\n    \"result\": {\n      \"success\": true,\n      \"user\": {\n        \"name\": \"Siomara Jimenez\",\n        \"username\": \"yGoB5FDosi9bdGw1X6kyahOnm\",\n        \"authData\": {\n          \"ids\": {\n            \"id\": \"siomara@altomobile.io\",\n            \"token\": \"thetoken\"\n          }\n        },\n        \"createdAt\": \"2019-07-05T22:42:06.317Z\",\n        \"updatedAt\": \"2019-07-09T23:15:44.552Z\",\n        \"lastActivity\": {\n          \"__type\": \"Date\",\n          \"iso\": \"2019-07-09T23:12:24.706Z\"\n        },\n        \"ACL\": {\n          \"*\": {\n            \"read\": true\n          },\n          \"tdm5YXuzNe\": {\n            \"read\": true,\n            \"write\": true\n          }\n        },\n        \"objectId\": \"tdm5YXuzNe\"\n      }\n    }\n  }\n}","timestamp":"2019-07-09T23:15:45.415Z"}
{"method":"POST","url":"/api/functions/set-last-activity-now","headers":{"host":"localhost","connection":"keep-alive","content-length":"137","origin":"http://localhost","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36","content-type":"text/plain","accept":"*/*","referer":"http://localhost/admin/managers","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9,es;q=0.8,fr;q=0.7","cookie":"_ga=GA1.1.1560418375.1553189120; session=eyJjc3JmU2VjcmV0IjoiOXhpNGNHY3gzRG1mMi1BUTA1TWlXSzY1IiwiZmxhc2giOnt9LCJwYXNzcG9ydCI6eyJ1c2VyIjoicm9vdCJ9fQ==; session.sig=MZ1uGW_jxkKS9QmUXUgieqYRDZs"},"body":{},"level":"verbose","message":"REQUEST for [POST] /api/functions/set-last-activity-now: {}","timestamp":"2019-07-09T23:15:45.536Z"}
{"functionName":"set-last-activity-now","params":{},"level":"info","message":"Ran cloud function set-last-activity-now for user undefined with:\n  Input: {}\n  Result: false","timestamp":"2019-07-09T23:15:45.536Z"}
{"result":{"response":{"result":false}},"level":"verbose","message":"RESPONSE from [POST] /api/functions/set-last-activity-now: {\n  \"response\": {\n    \"result\": false\n  }\n}","timestamp":"2019-07-09T23:15:45.537Z"}
{"method":"GET","url":"/api/classes/_User","headers":{"host":"localhost","connection":"keep-alive","content-length":"164","origin":"http://localhost","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36","content-type":"text/plain","accept":"*/*","referer":"http://localhost/admin/managers","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9,es;q=0.8,fr;q=0.7","cookie":"_ga=GA1.1.1560418375.1553189120; session=eyJjc3JmU2VjcmV0IjoiOXhpNGNHY3gzRG1mMi1BUTA1TWlXSzY1IiwiZmxhc2giOnt9LCJwYXNzcG9ydCI6eyJ1c2VyIjoicm9vdCJ9fQ==; session.sig=MZ1uGW_jxkKS9QmUXUgieqYRDZs"},"body":{"where":{}},"level":"verbose","message":"REQUEST for [GET] /api/classes/_User: {\n  \"where\": {}\n}","timestamp":"2019-07-09T23:15:45.539Z"}
{"level":"verbose","message":"Request: %j","timestamp":"2019-07-09T23:15:45.542Z"}
{"level":"info","message":"Create new client: 6edb2f8b-1ff8-4c85-ba0e-c29db14ee179","timestamp":"2019-07-09T23:15:45.545Z"}
{"level":"verbose","message":"Push Response : %j","timestamp":"2019-07-09T23:15:45.546Z"}
{"level":"verbose","message":"Request: %j","timestamp":"2019-07-09T23:15:45.547Z"}
{"level":"info","message":"Create new client: 4f6321c4-8560-47db-9c38-eb6d8fdfcd4b","timestamp":"2019-07-09T23:15:45.547Z"}
{"level":"verbose","message":"Push Response : %j","timestamp":"2019-07-09T23:15:45.547Z"}
{"method":"GET","url":"/api/classes/Resource","headers":{"host":"localhost","connection":"keep-alive","content-length":"164","origin":"http://localhost","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36","content-type":"text/plain","accept":"*/*","referer":"http://localhost/admin/managers","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9,es;q=0.8,fr;q=0.7","cookie":"_ga=GA1.1.1560418375.1553189120; session=eyJjc3JmU2VjcmV0IjoiOXhpNGNHY3gzRG1mMi1BUTA1TWlXSzY1IiwiZmxhc2giOnt9LCJwYXNzcG9ydCI6eyJ1c2VyIjoicm9vdCJ9fQ==; session.sig=MZ1uGW_jxkKS9QmUXUgieqYRDZs"},"body":{"where":{}},"level":"verbose","message":"REQUEST for [GET] /api/classes/Resource: {\n  \"where\": {}\n}","timestamp":"2019-07-09T23:15:45.553Z"}
{"level":"verbose","message":"Request: %j","timestamp":"2019-07-09T23:15:45.554Z"}
{"level":"verbose","message":"Push Response : %j","timestamp":"2019-07-09T23:15:45.555Z"}
{"level":"verbose","message":"Create client 6edb2f8b-1ff8-4c85-ba0e-c29db14ee179 new subscription: 1","timestamp":"2019-07-09T23:15:45.555Z"}
{"level":"verbose","message":"Current client number: %d","timestamp":"2019-07-09T23:15:45.555Z"}
{"level":"verbose","message":"Request: %j","timestamp":"2019-07-09T23:15:45.556Z"}
{"level":"verbose","message":"Push Response : %j","timestamp":"2019-07-09T23:15:45.556Z"}
{"level":"verbose","message":"Create client 4f6321c4-8560-47db-9c38-eb6d8fdfcd4b new subscription: 1","timestamp":"2019-07-09T23:15:45.556Z"}
{"level":"verbose","message":"Current client number: %d","timestamp":"2019-07-09T23:15:45.556Z"}
{"message":"Parse error: Permission denied for action find on class _User.","code":119,"level":"error","stack":"Error: Permission denied for action find on class _User.\n    at Function.validatePermission (/Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/SchemaController.js:1223:11)\n    at SchemaController.validatePermission (/Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/SchemaController.js:1228:29)\n    at /Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/DatabaseController.js:1053:65\n    at processTicksAndRejections (internal/process/task_queues.js:89:5)","timestamp":"2019-07-09T23:15:45.626Z"}
{"message":"Parse error: Permission denied for action find on class Resource.","code":119,"level":"error","stack":"Error: Permission denied for action find on class Resource.\n    at Function.validatePermission (/Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/SchemaController.js:1223:11)\n    at SchemaController.validatePermission (/Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/SchemaController.js:1228:29)\n    at /Users/elios264/Desktop/alto/promo-panel/node_modules/parse-server/lib/Controllers/DatabaseController.js:1053:65\n    at processTicksAndRejections (internal/process/task_queues.js:89:5)","timestamp":"2019-07-09T23:15:45.628Z"}

@elios264
Copy link
Author

elios264 commented Jul 9, 2019

How do I config the mongo db uri to enable testing?

@davimacedo
Copy link
Member

davimacedo commented Jul 9, 2019
edited
Loading

You need to have a mongo running at mongodb://localhost:27017. The test will create/use two databases: parse and parseServerMongoAdapterTestDatabase

@dplewis
Copy link
Member

dplewis commented Jul 10, 2019

@elios264 In your logs I see a permission denied error.

@elios264
Copy link
Author

that’s the consequence of parse-server not returning a sessionToken, the client app tries to make some requests after linking but fails since linkwith returned no sessionToken

@dplewis
Copy link
Member

dplewis commented Jul 10, 2019
edited
Loading

I was able to reproduce this issue.

Calling _linkWith on an existing user is like doing object.set('authData', authData) with validation. I think it should be alright to generate a sessionToken in this case.

@acinader @davimacedo Thoughts?

@davimacedo
Copy link
Member

Yes. I think we should as described here.

@elios264
Copy link
Author

also if you don't want to have to make a breaking change, is there a way to create a session for a user in cloud code?

@dplewis dplewis mentioned this issue Jul 10, 2019
Merged
@acinader
Copy link
Contributor

this could be a textbook example of opensource bug triage and fixing. wow.

@ghost ghost closed this as completed in #5799 Jul 10, 2019
@mtrezza mtrezza added type:feature New feature or improvement of existing feature and removed type:improvement labels Dec 6, 2021
@parse-github-assistant
Copy link

The label type:feature cannot be used in combination with type:bug.

@parse-github-assistant parse-github-assistant bot removed the type:feature New feature or improvement of existing feature label Dec 6, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type:bug Impaired feature or lacking behavior that is likely assumed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Generate sessionToken with linkWith parse-community/parse-server
5 participants
@acinader @davimacedo @mtrezza @dplewis @elios264