fix(directAccess/cloud-code): Pass installationId with LogIn (#6903)

dplewis · web-flow · commit 1246c90e915d · 2020-09-17T11:53:02.000-05:00
InstallationId didn't get passed correctly. Resulting in _Session without installationId https://github.com/parse-community/parse-server/blob/master/src/Routers/UsersRouter.js#L263 * Fixed error with POST /login and req.query is undefined
diff --git a/spec/ParseServerRESTController.spec.js b/spec/ParseServerRESTController.spec.js
@@ -662,4 +662,35 @@ describe('ParseServerRESTController', () => {
         }
       );
   });
+
+  it('ensures logIn is saved with installationId', async () => {
+    const installationId = 'installation123';
+    const user = await RESTController.request(
+      'POST',
+      '/classes/_User',
+      { username: 'hello', password: 'world' },
+      { installationId }
+    );
+    expect(user.sessionToken).not.toBeUndefined();
+    const query = new Parse.Query('_Session');
+    let sessions = await query.find({ useMasterKey: true });
+
+    expect(sessions.length).toBe(1);
+    expect(sessions[0].get('installationId')).toBe(installationId);
+    expect(sessions[0].get('sessionToken')).toBe(user.sessionToken);
+
+    const loggedUser = await RESTController.request(
+      'POST',
+      '/login',
+      { username: 'hello', password: 'world' },
+      { installationId }
+    );
+    expect(loggedUser.sessionToken).not.toBeUndefined();
+    sessions = await query.find({ useMasterKey: true });
+
+    // Should clean up old sessions with this installationId
+    expect(sessions.length).toBe(1);
+    expect(sessions[0].get('installationId')).toBe(installationId);
+    expect(sessions[0].get('sessionToken')).toBe(loggedUser.sessionToken);
+  });
 });
diff --git a/src/ParseServerRESTController.js b/src/ParseServerRESTController.js
@@ -107,6 +107,7 @@ function ParseServerRESTController(applicationId, router) {
           info: {
             applicationId: applicationId,
             sessionToken: options.sessionToken,
+            installationId: options.installationId,
             context: options.context || {}, // Add context
           },
           query,
diff --git a/src/Routers/UsersRouter.js b/src/Routers/UsersRouter.js
@@ -41,8 +41,8 @@ export class UsersRouter extends ClassesRouter {
       // Use query parameters instead if provided in url
       let payload = req.body;
       if (
-        (!payload.username && req.query.username) ||
-        (!payload.email && req.query.email)
+        (!payload.username && req.query && req.query.username) ||
+        (!payload.email && req.query && req.query.email)
       ) {
         payload = req.query;
       }
