MCPcopy Index your code
hub / github.com/parse-community/parse-server / handleVerifyPassword

Method handleVerifyPassword

src/Routers/UsersRouter.js:450–491  ·  view source on GitHub ↗
(req)

Source from the content-addressed store, hash-verified

448 }
449
450 handleVerifyPassword(req) {
451 return this._authenticateUserFromRequest(req)
452 .then(async user => {
453 // Remove hidden properties.
454 UsersRouter.removeHiddenProperties(user);
455 // Re-fetch the user with the caller's auth context so that
456 // protectedFields and CLP apply correctly; if the caller used master key,
457 // protectedFields are bypassed, matching the behavior of GET /users/:id
458 const refetchAuth =
459 req.auth.isMaster || req.auth.isMaintenance
460 ? req.auth
461 : new Auth.Auth({
462 config: req.config,
463 isMaster: false,
464 user: Parse.Object.fromJSON({ className: '_User', objectId: user.objectId }),
465 installationId: req.info.installationId,
466 });
467 let filteredUser;
468 try {
469 const filteredUserResponse = await rest.get(
470 req.config,
471 refetchAuth,
472 '_User',
473 user.objectId,
474 {},
475 req.info.clientSDK,
476 req.info.context
477 );
478 filteredUser = filteredUserResponse.results?.[0];
479 } catch {
480 // re-fetch may fail for legacy users without ACL; fall through
481 }
482 if (!filteredUser) {
483 filteredUser = user;
484 }
485 UsersRouter.removeHiddenProperties(filteredUser);
486 return { response: filteredUser };
487 })
488 .catch(error => {
489 throw error;
490 });
491 }
492
493 async handleLogOut(req) {
494 const success = { response: {} };

Callers 1

mountRoutesMethod · 0.95

Calls 3

getMethod · 0.45

Tested by

no test coverage detected