(req, res, next)
| 330 | }; |
| 331 | |
| 332 | export const handleParseSession = async (req, res, next) => { |
| 333 | try { |
| 334 | const info = req.info; |
| 335 | if (req.auth || (req.url === '/sessions/me' && req.method === 'GET')) { |
| 336 | next(); |
| 337 | return; |
| 338 | } |
| 339 | let requestAuth = null; |
| 340 | if ( |
| 341 | info.sessionToken && |
| 342 | req.url === '/upgradeToRevocableSession' && |
| 343 | info.sessionToken.indexOf('r:') != 0 |
| 344 | ) { |
| 345 | requestAuth = await auth.getAuthForLegacySessionToken({ |
| 346 | config: req.config, |
| 347 | installationId: info.installationId, |
| 348 | sessionToken: info.sessionToken, |
| 349 | }); |
| 350 | } else { |
| 351 | requestAuth = await auth.getAuthForSessionToken({ |
| 352 | config: req.config, |
| 353 | installationId: info.installationId, |
| 354 | sessionToken: info.sessionToken, |
| 355 | }); |
| 356 | } |
| 357 | req.auth = requestAuth; |
| 358 | next(); |
| 359 | } catch (error) { |
| 360 | if (error instanceof Parse.Error) { |
| 361 | next(error); |
| 362 | return; |
| 363 | } |
| 364 | // Log full error details internally, but don't expose to client |
| 365 | req.config.loggerController.error('error getting auth for sessionToken', error); |
| 366 | next(new Parse.Error(Parse.Error.UNKNOWN_ERROR, 'Unknown error')); |
| 367 | } |
| 368 | }; |
| 369 | |
| 370 | function getClientIp(req) { |
| 371 | return req.ip; |
no test coverage detected