What would be a use-case for initializing users with password? about parsepy HOT 3 CLOSED

My intention was to hide the sessionToken within the User object. That way, all methods that require being logged in (save and delete, for starters) wouldn't need to take the session token as an argument (it would be one more thing for the API user to keep track of).

I'm not sure what you mean about never having access to the user's password, since I imagine this being used as a web frontend to an mobile app, where users would log in. It's true that I had not considered that in most web applications, the user will log in only once, the sessionId (but not password!) will be stored in a persistent database, and then as the user moves around the site he will stay logged in. In that case, the code

u = UserQuery.get(current_user_id)
u.sessionId = current_session_id

Could be used to "log in" the user once for each page.

Anyway, I'm not particularly attached to any version of these methods, and one possibility I could see is that signup and login could take the password argument rather than that ever being stored in attributes (in fact, that's a great idea). Mostly I just thought the code:

u = User("[email protected]", "12345", phone="555-5555")
u.signup()
u.login()
u.phone = "666-6666"
u.save()

Was a bit better than:

u = User.signup("[email protected]", "12345", phone="555-5555")
session = u.login("[email protected]", "12345")
u.phone = "666-6666"
u.save(session)

since it involved typing the username and password only once. Admittedly that's a trivial case.

from parsepy.

hum, ok. We are having slightly different use cases. I'm also working on this library to provide an API for my web service, but I have no need to authenticate them on my side. I just need to get the session key to verify users' identities on Parse. So my "authentication method" consists of actually requesting the session key from the client, querying Parse to see which user has that key, and retrieving the corresponding user data.

My intention was to hide the sessionToken within the User object. That way, all methods that require being logged in (save and delete, for starters) wouldn't need to take the session token as an argument (it would be one more thing for the API user to keep track of).

I like the idea of "needs_session", and keeping the sessionToken with the user is an excellent way to check if s/he is already authenticated. I just don't think that is related at all with the changes on User.signup and User.login.

I could see is that signup and login could take the password argument rather than that ever being stored in attributes (in fact, that's a great idea).

I agree. So much so, it's what I had before. ;) User.login was not returning just session info, rather it was returning all user attributes, including the session key. https://www.parse.com/docs/rest#users-login

I'd like to keep constructors from all "ParseResources" with the single purpose of setting up initial values. This will have the added benefit that whatever comes from Query requests will not require any manipulation.

from parsepy.

I think this is covered by #8.

from parsepy.