@@ -211,17 +211,15 @@ RestWrite.prototype.validateAuthData = function() {
211211 }
212212
213213 var authData = this . data . authData ;
214- var anonData = this . data . authData . anonymous ;
215-
216- if ( this . config . enableAnonymousUsers === true && ( anonData === null ||
217- ( anonData && anonData . id ) ) ) {
218- return this . handleAnonymousAuthData ( ) ;
219- }
220-
221- // Not anon, try other providers
222214 var providers = Object . keys ( authData ) ;
223- if ( ! anonData && providers . length == 1 ) {
215+ if ( providers . length == 1 ) {
216+
224217 var provider = providers [ 0 ] ;
218+ if ( provider == 'anonymous' && ! this . config . enableAnonymousUsers ) {
219+ throw new Parse . Error ( Parse . Error . UNSUPPORTED_SERVICE ,
220+ 'This authentication method is unsupported.' ) ;
221+ }
222+
225223 var providerAuthData = authData [ provider ] ;
226224 var hasToken = ( providerAuthData && providerAuthData . id ) ;
227225 if ( providerAuthData === null || hasToken ) {
@@ -232,55 +230,8 @@ RestWrite.prototype.validateAuthData = function() {
232230 'This authentication method is unsupported.' ) ;
233231} ;
234232
235- RestWrite . prototype . handleAnonymousAuthData = function ( ) {
236- var anonData = this . data . authData . anonymous ;
237- if ( anonData === null && this . query ) {
238- // We are unlinking the user from the anonymous provider
239- this . data . _auth_data_anonymous = null ;
240- return ;
241- }
242-
243- // Check if this user already exists
244- return this . config . database . find (
245- this . className ,
246- { 'authData.anonymous.id' : anonData . id } , { } )
247- . then ( ( results ) => {
248- if ( results . length > 0 ) {
249- if ( ! this . query ) {
250- // We're signing up, but this user already exists. Short-circuit
251- delete results [ 0 ] . password ;
252- this . response = {
253- response : results [ 0 ] ,
254- location : this . location ( )
255- } ;
256- return ;
257- }
258-
259- // If this is a PUT for the same user, allow the linking
260- if ( results [ 0 ] . objectId === this . query . objectId ) {
261- // Delete the rest format key before saving
262- delete this . data . authData ;
263- return ;
264- }
265-
266- // We're trying to create a duplicate account. Forbid it
267- throw new Parse . Error ( Parse . Error . ACCOUNT_ALREADY_LINKED ,
268- 'this auth is already used' ) ;
269- }
270-
271- // This anonymous user does not already exist, so transform it
272- // to a saveable format
273- this . data . _auth_data_anonymous = anonData ;
274-
275- // Delete the rest format key before saving
276- delete this . data . authData ;
277- } )
278-
279- } ;
280-
281233RestWrite . prototype . handleOAuthAuthData = function ( provider ) {
282234 var authData = this . data . authData [ provider ] ;
283-
284235 if ( authData === null && this . query ) {
285236 // We are unlinking from the provider.
286237 this . data [ "_auth_data_" + provider ] = null ;
@@ -298,7 +249,6 @@ RestWrite.prototype.handleOAuthAuthData = function(provider) {
298249 var validateAuthData ;
299250 var validateAppId ;
300251
301-
302252 if ( oauth [ provider ] ) {
303253 validateAuthData = oauth [ provider ] . validateAuthData ;
304254 validateAppId = oauth [ provider ] . validateAppId ;
@@ -343,37 +293,36 @@ RestWrite.prototype.handleOAuthAuthData = function(provider) {
343293 query , { } ) ;
344294 } ) . then ( ( results ) => {
345295 this . storage [ 'authProvider' ] = provider ;
346- if ( results . length > 0 ) {
347- if ( ! this . query ) {
348- // We're signing up, but this user already exists. Short-circuit
349- delete results [ 0 ] . password ;
350- this . response = {
351- response : results [ 0 ] ,
352- location : this . location ( )
353- } ;
354- this . data . objectId = results [ 0 ] . objectId ;
355- return ;
356- }
357-
358- // If this is a PUT for the same user, allow the linking
359- if ( results [ 0 ] . objectId === this . query . objectId ) {
360- // Delete the rest format key before saving
361- delete this . data . authData ;
362- return ;
363- }
364- // We're trying to create a duplicate oauth auth. Forbid it
365- throw new Parse . Error ( Parse . Error . ACCOUNT_ALREADY_LINKED ,
296+
297+ // Put the data in the proper format
298+ this . data [ "_auth_data_" + provider ] = authData ;
299+
300+ if ( results . length == 0 ) {
301+ // this a new user
302+ this . data . username = cryptoUtils . newToken ( ) ;
303+ } else if ( ! this . query ) {
304+ // Login with auth data
305+ // Short circuit
306+ delete results [ 0 ] . password ;
307+ this . response = {
308+ response : results [ 0 ] ,
309+ location : this . location ( )
310+ } ;
311+ this . data . objectId = results [ 0 ] . objectId ;
312+ } else if ( this . query && this . query . objectId ) {
313+ // Trying to update auth data but users
314+ // are different
315+ if ( results [ 0 ] . objectId !== this . query . objectId ) {
316+ delete this . data [ "_auth_data_" + provider ] ;
317+ console . log ( "alerady linked!" ) ;
318+ throw new Parse . Error ( Parse . Error . ACCOUNT_ALREADY_LINKED ,
366319 'this auth is already used' ) ;
320+ }
367321 } else {
368- this . data . username = cryptoUtils . newToken ( ) ;
322+
323+ delete this . data [ "_auth_data_" + provider ] ;
324+ throw new Parse . Error ( Parse . Error . INTERNAL_SERVER_ERROR , 'THis should not be reached...' ) ;
369325 }
370-
371- // This FB auth does not already exist, so transform it to a
372- // saveable format
373- this . data [ "_auth_data_" + provider ] = authData ;
374-
375- // Delete the rest format key before saving
376- delete this . data . authData ;
377326 } ) ;
378327}
379328
@@ -780,6 +729,10 @@ RestWrite.prototype.runDatabaseOperation = function() {
780729 if ( this . data . ACL && this . data . ACL [ '*unresolved' ] ) {
781730 throw new Parse . Error ( Parse . Error . INVALID_ACL , 'Invalid ACL.' ) ;
782731 }
732+
733+ if ( this . className === '_User' ) {
734+ delete this . data . authData ;
735+ }
783736
784737 if ( this . query ) {
785738 // Run an update
0 commit comments