Description
New Issue Checklist
- I am not disclosing a vulnerability.
- I am not just asking a question.
- I have searched through existing issues.
- I can reproduce the issue with the latest version of Parse Server.
Issue Description
After adding the LiveQuery server and set it to watch _Session class in the config.json to start the server, If you are already logged in you get live updated from the session without any issue, but if you are logged out and you try to log in you won't be able to do it.
Steps to reproduce
Add the _Session class to the LiveQuery server:
"liveQuery": {
"classNames": ["_Session"]
},
"startLiveQueryServer": true,
Actual Outcome
You get the following error on the server :
error: Uncaught internal server error. Cannot modify readonly attribute: sessionToken
Expected Outcome
Perform log-in without any issues.
Failing Test Case / Pull Request
- 🤩 I submitted a PR with a fix and a test case.
- 🧐 I submitted a PR with a failing test case.
Environment
Server
- Parse Server version:
4.5.0 - Operating system:
Windows 10 x64 - Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc):
Local
Database
- System (MongoDB or Postgres):
MongoDB - Database version:
FILL_THIS_OUT - Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc):
MongoDB Atlas
Client
- SDK (iOS, Android, JavaScript, PHP, Unity, etc):
Android - SDK version:
1.26.0
Logs
info: Parse LiveQuery Server starts running
verbose: REQUEST for [POST] /parse/functions/loginWithPhone: {
"password": "",
"phone": "+1700000001"
} {"method":"POST","url":"/parse/functions/loginWithPhone","headers":{"x-parse-application-id":"SCWASRTWK9Y6AVMP3KFC","x-parse-app-build-version":"1","x-parse-app-display-version":"1.0","x-parse-os-version":"10","user-agent":"Parse Android SDK API Level 29","x-parse-installation-id":"06c35639-ef7c-4df3-b057-922e0955c689","x-parse-client-key":"FS3D2F1SDFS5DF46S5DF41SD2F13S2D1FS32DF1S3DF41S4F6E5SDF41","content-type":"application/json","content-length":"44","host":"10.0.2.2:1337","connection":"Keep-Alive","accept-encoding":"gzip"},"body":{"password":"","phone":"+1700000001"}}
verbose: REQUEST for [GET] /parse/classes/_User: {
"where": {
"phone": +1700000001
},
"limit": 1
} {"method":"GET","url":"/parse/classes/_User","headers":{"user-agent":"node-XMLHttpRequest, Parse/js2.19.0 (NodeJS 14.2.0)","accept":"/","content-type":"text/plain","host":"localhost:1337","content-length":"230","connection":"close"},"body":{"where":{"phone":+1700000001},"limit":1}}
verbose: RESPONSE from [GET] /parse/classes/_User: {
"response": {
"results": [
{
"objectId": "XdyHYUS9X3",
"email": "[email protected]",
"username": "username2",
"createdAt": "2021-08-01T20:43:49.796Z",
"updatedAt": "2021-08-15T20:31:24.364Z",
"isBanned": false,
"firstName": "firstname",
"lastName": "lastname",
"phone": +1700000001,
"_failed_login_count": 0,
"_account_lockout_expires_at": "2021-08-10T18:18:35.586Z",
"ACL": {
"": {
"read": true
},
"XdyHYUS9X3": {
"read": true,
"write": true
}
}
}
]
}
} {"result":{"response":{"results":[{"objectId":"XdyHYUS9X3","email":"[email protected]","username":"username2","createdAt":"2021-08-01T20:43:49.796Z","updatedAt":"2021-08-15T20:31:24.364Z","isBanned":false,"firstName":"phone name","lastName":"test","phone":+1700000001,"_failed_login_count":0,"_account_lockout_expires_at":"2021-08-10T18:18:35.586Z","ACL":{"":{"read":true},"XdyHYUS9X3":{"read":true,"write":true}}}]}}}
verbose: REQUEST for [GET] /parse/login: {
"username": "username2",
"password": ""
} {"method":"GET","url":"/parse/login","headers":{"user-agent":"node-XMLHttpRequest, Parse/js2.19.0 (NodeJS 14.2.0)","accept":"/","content-type":"text/plain","host":"localhost:1337","content-length":"231","connection":"close"},"body":{"username":"username2","password":""}}
USERNAME USED IS +++++++++++++++ username2
info: beforeLogin triggered for _User for user undefined:
Input: {"email":"[email protected]","username":"username2","createdAt":"2021-08-01T20:43:49.796Z","updatedAt":"2021-08-15T20:31:24.364Z","isBanned":false,"firstName":"phone name","lastName":"test","phone":+1700000001,"ACL":{"*":{"read":true},"XdyHYUS9X3":{"read":true,"write":true}},"objectId":"XdyHYUS9X3"}
Result: {} {"className":"_User","triggerType":"beforeLogin"}
error: Uncaught internal server error. Cannot modify readonly attribute: sessionToken {"stack":"Error: Cannot modify readonly attribute: sessionToken\n at ParseSession.set (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\node_modules\parse\lib\node\ParseObject.js:1003:15)\n at RestWrite.buildUpdatedObject (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:1435:17)\n at RestWrite.runAfterSaveTrigger (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:1364:30)\n at C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:133:17\n at processTicksAndRejections (internal/process/task_queues.js:97:5)\n at async UsersRouter.handleLogIn (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\Routers\UsersRouter.js:244:5)"}
Error: Cannot modify readonly attribute: sessionToken
at ParseSession.set (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\node_modules\parse\lib\node\ParseObject.js:1003:15)
at RestWrite.buildUpdatedObject (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:1435:17)
at RestWrite.runAfterSaveTrigger (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:1364:30)
at C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\RestWrite.js:133:17
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at async UsersRouter.handleLogIn (C:\Users\USERNAME\AppData\Roaming\npm\node_modules\parse-server\lib\Routers\UsersRouter.js:244:5)