From c5f39b77e4959cec624a21ab1f14bf0b0534de8e Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Wed, 30 Aug 2023 12:49:55 -0500 Subject: [PATCH] feat: Allow `Parse.Session.current` on expired session token --- spec/ParseUser.spec.js | 29 +++++++++++++++++++++++++++++ src/middlewares.js | 2 +- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/spec/ParseUser.spec.js b/spec/ParseUser.spec.js index 4d3beaf349..976a024dc9 100644 --- a/spec/ParseUser.spec.js +++ b/spec/ParseUser.spec.js @@ -3194,6 +3194,35 @@ describe('Parse.User testing', () => { .catch(done.fail); }); + it('should return current session with expired expiration date', async () => { + await Parse.User.signUp('buser', 'somepass', null); + const response = await request({ + method: 'GET', + url: 'http://localhost:8378/1/classes/_Session', + headers: { + 'X-Parse-Application-Id': 'test', + 'X-Parse-Master-Key': 'test', + }, + }); + const body = response.data; + const id = body.results[0].objectId; + const expiresAt = new Date(new Date().setYear(2015)); + await request({ + method: 'PUT', + url: 'http://localhost:8378/1/classes/_Session/' + id, + headers: { + 'X-Parse-Application-Id': 'test', + 'X-Parse-Master-Key': 'test', + 'Content-Type': 'application/json', + }, + body: { + expiresAt: { __type: 'Date', iso: expiresAt.toISOString() }, + }, + }); + const session = await Parse.Session.current(); + expect(session.get('expiresAt')).toEqual(expiresAt); + }); + it('should not create extraneous session tokens', done => { const config = Config.get(Parse.applicationId); config.database diff --git a/src/middlewares.js b/src/middlewares.js index a7e309b0cc..2a7b3ef225 100644 --- a/src/middlewares.js +++ b/src/middlewares.js @@ -301,7 +301,7 @@ const handleRateLimit = async (req, res, next) => { export const handleParseSession = async (req, res, next) => { try { const info = req.info; - if (req.auth) { + if (req.auth || req.url === '/sessions/me') { next(); return; }