| 126 | |
| 127 | // Returns a promise that resolves to an Auth object |
| 128 | const getAuthForSessionToken = async function ({ |
| 129 | config, |
| 130 | cacheController, |
| 131 | sessionToken, |
| 132 | installationId, |
| 133 | }) { |
| 134 | cacheController = cacheController || (config && config.cacheController); |
| 135 | if (cacheController) { |
| 136 | const cached = await cacheController.user.get(sessionToken); |
| 137 | if (cached) { |
| 138 | const { expiresAt: cachedExpiresAt, ...userJSON } = cached; |
| 139 | if (cachedExpiresAt && new Date(cachedExpiresAt) < new Date()) { |
| 140 | cacheController.user.del(sessionToken); |
| 141 | throw new Parse.Error(Parse.Error.INVALID_SESSION_TOKEN, 'Session token is expired.'); |
| 142 | } |
| 143 | const cachedUser = Parse.Object.fromJSON(userJSON); |
| 144 | renewSessionIfNeeded({ config, sessionToken }); |
| 145 | return Promise.resolve( |
| 146 | new Auth({ |
| 147 | config, |
| 148 | cacheController, |
| 149 | isMaster: false, |
| 150 | installationId, |
| 151 | user: cachedUser, |
| 152 | }) |
| 153 | ); |
| 154 | } |
| 155 | } |
| 156 | |
| 157 | let results; |
| 158 | if (config) { |
| 159 | const restOptions = { |
| 160 | limit: 1, |
| 161 | include: 'user', |
| 162 | }; |
| 163 | const RestQuery = require('./RestQuery'); |
| 164 | const query = await RestQuery({ |
| 165 | method: RestQuery.Method.get, |
| 166 | config, |
| 167 | runBeforeFind: false, |
| 168 | auth: master(config), |
| 169 | className: '_Session', |
| 170 | restWhere: { sessionToken }, |
| 171 | restOptions, |
| 172 | }); |
| 173 | results = (await query.execute()).results; |
| 174 | } else { |
| 175 | results = ( |
| 176 | await new Parse.Query(Parse.Session) |
| 177 | .limit(1) |
| 178 | .include('user') |
| 179 | .equalTo('sessionToken', sessionToken) |
| 180 | .find({ useMasterKey: true }) |
| 181 | ).map(obj => obj.toJSON()); |
| 182 | } |
| 183 | |
| 184 | if (results.length !== 1 || !results[0]['user']) { |
| 185 | throw new Parse.Error(Parse.Error.INVALID_SESSION_TOKEN, 'Invalid session token'); |