Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sessions are being deleted #5882

Closed
stevestencil opened this issue Aug 2, 2019 · 17 comments
Closed

Sessions are being deleted #5882

stevestencil opened this issue Aug 2, 2019 · 17 comments
Labels
type:bug Impaired feature or lacking behavior that is likely assumed

Comments

@stevestencil
Copy link
Contributor

Issue Description

Our application needs the ability to only allow 1 session per device type. For Example: they can only have 1 session if they log into a mobile device. So if they login using their iPhone, it will log them out of their iPad. But it they login via the website, the session on their iPhone will not be deleted. If they log into the website with a different browser, it will delete only their other website session.

I accomplish this by using a cloud function called "loginUser" which takes 3 parameters (username, password, source). The cloud function will call the Parse.User.login function and then update the session that is returned with the source and delete the remaining sessions that match the same source. This has worked for awhile and then we started getting reports of only 1 session being allowed no matter what. I finally got time to track down what was causing it and traced it back to issue #3451. The fix for this issue deletes duplicate sessions based on installation id. Since our login function is being called from the server, and not the client, the installation id being passed to the login function is the same no matter who's logging in. (I am able to update the installation id later from the client after a successful login so it wasn't an issue before) Now that sessions are being deleted automatically (#3451) based on installation id, it is not allowing our users to be logged into more than 1 device.

Steps to reproduce

create a function like below:
Parse.Cloud.define('loginUser', async (req) => { const { username, password } = req.params; const user = await Parse.User.logIn(username, password); return user; });
Call said cloud function from 2 different devices and pass in username and password

Expected Results

2 separate session tokens should be created.

Actual Outcome

1st session token will be deleted

Proposed Solution

If I could override the installation id being generated in the Parse.User.login function then everything would work as expected. For now I guess the only work around would be to use the REST api and call the function without the Parse.User.login function?

Environment Setup

  • Server
    • parse-server version: 3.7.2
    • Operating System: OSX
    • Hardware: iMac
    • Localhost or remote server? (AWS, Heroku, Azure, Digital Ocean, etc): Localhost and AWS
@davimacedo
Copy link
Member

You can do:

const user = await Parse.User.logIn(username, password, { installationId });

@stevestencil
Copy link
Contributor Author

passing in installationId an option does not work

@davimacedo
Copy link
Member

why not?

@davimacedo
Copy link
Member

@davimacedo
Copy link
Member

Have you tried before? What happened?

@stevestencil
Copy link
Contributor Author

I just tried it... the installationId does not change to what I make it

@davimacedo
Copy link
Member

What is the Parse Server version that you are running? I will try to reproduce and solve the bug.

@davimacedo
Copy link
Member

Can you try the following?

const user = await Parse.User.logIn(username, password, { installationId, useMasterKey: true });

@stevestencil
Copy link
Contributor Author

3.7.2

@stevestencil
Copy link
Contributor Author

that did not work

@davimacedo davimacedo added type:bug Impaired feature or lacking behavior that is likely assumed needs investigation labels Aug 2, 2019
@stevestencil
Copy link
Contributor Author

were you able to replicate the issue?

@davimacedo
Copy link
Member

Not tried yet. But I will try in few minutes to figure out why it is not working.

@stevestencil
Copy link
Contributor Author

stevestencil commented Aug 2, 2019

ok I found the issue... This line is causing the installationId to be set if the installationId is falsy in the options... so if i pass { installationId: '' } or { installationId: null } into options, that line will override it. I suppose this line should check to see if installationId is set instead of checking if it's truthy?

@stevestencil
Copy link
Contributor Author

Here is my work around now... installationId has to have a truthy value in order for it to work.

This code works:
const user = await Parse.User.logIn(username, password, { installationId: 'some_random_id' });

This code does not work:
const user = await Parse.User.logIn(username, password, { installationId: "" });

@davimacedo
Copy link
Member

yes.. that was the idea actually... I was expecting you to set something in installationId var. Maybe you should use:

const installationId = `${source}${username}`;

@davimacedo
Copy link
Member

So I understand that there is no bug, right? I'm closing the issue. Let me know if you still have any question.

@stevestencil
Copy link
Contributor Author

Thanks fo much for your help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type:bug Impaired feature or lacking behavior that is likely assumed
Projects
None yet
Development

No branches or pull requests

2 participants