0

For authentification I'm trying to understand, how sessions work. With help of documentation of express session and Sessions in Node JS I got it work.

Now I'm figuring out, what to do, that users can log out. In the documentation of express session is to read "The default server-side session storage, MemoryStore, is purposely not designed for a production environment." They recommand a compatible session store.

I have choosen connect-redis. They call it an "in-memory data structure store". Now I'm wondering, what is the difference between redis and the database, that I would like to use (back4app).

If I implement connect-redis

const RedisStore = require('connect-redis')(session);
const redis = require("redis").createClient();

let sess = {
    store: new RedisStore({ host: 'localhost', 6379, client: redis }),
    secret: cryptoString,
    resave: true,
    saveUninitialized: true,
    cookie: {
        maxAge: 1 * 60 * 1000,
    },
}

server.use(session(sess));

the user object from back4app stills undefined. (Without redis the user object exists.)

As mentioned I have tryed Parse.User.logOut(). It doesn't work. The console says Parse.User is null.

Please, explain

  • what is the difference between back4app and redis? Do I need both?

  • how do I enable log out?

For all with the same problem. This is my other question in this context. It will help you to see the whole picture.

listener
  • 47
  • 7
  • Hi! Parse Server already has an implementation of Session to manage your users, please check this documentation: https://docs.parseplatform.org/rest/guide/#validating-session-tokens--retrieving-current-user – nataliec Aug 07 '19 at 12:51
  • To logout your users, please check this URL: https://docs.parseplatform.org/rest/guide/#deleting-sessions – nataliec Aug 07 '19 at 12:51
  • Thanks. Unfortunately I don't understand the documention. I' m learning and need input like this [log in](https://www.back4app.com/docs/javascript/parse-login-javascript) – listener Aug 07 '19 at 13:09
  • I can't find the comand getting the user object. req.??? – listener Aug 07 '19 at 13:24
  • To get the user, have you tried req.user? – nataliec Aug 07 '19 at 13:44
  • yes, req.user is undefined. – listener Aug 07 '19 at 14:36
  • In order to log out, you just need to call `Parse.User.logOut()`. Take a look in this link: https://docs.parseplatform.org/js/guide/#current-user – Davi Macêdo Aug 07 '19 at 19:09
  • @DaviMacêdo the console says Parse.User is null. Parse.User.logout() doesn't work. – listener Aug 08 '19 at 11:30
  • Can you share how you are installing the Parse SDK? – Davi Macêdo Aug 08 '19 at 16:14
  • I've just seen your other question and I noticed you are using Back4App from a Node.js application and you are requiring `parse/node` package to a var called back4app. So, In order to log out, you should call `back4app.logOut({ sessionToken });` – Davi Macêdo Aug 08 '19 at 16:25
  • @DaviMacêdo, The console says: back4app.logout is not a function. with back4app.User.logout(...) I get no error... how can I test, if the logout is successful? I have assumed, the session would be deleted on back4app.com. That's not the case. – listener Aug 09 '19 at 10:19
  • Sorry. I sent it wrong to you before. The right would be `back4app.User.logOut({ sessionToken });`. The session that you passed should be deleted from the database. Other sessions from the same user can continue existing. Can you try to clean the session collection and do a test 1 - log in 2 - check if there is only one session 3 - log out 4 - test if there is no session? – Davi Macêdo Aug 09 '19 at 16:07
  • just to be clear, `sessionToken` should be a var containing the session token that you want to destroy: `back4app.User.logOut({ sessionToken: yourSessionToken });` – Davi Macêdo Aug 09 '19 at 16:09
  • thanks, logout works as expected with back4app.User.logOut({ sessionToken: yourSessionToken }); – listener Aug 12 '19 at 05:58

0 Answers0