`{"message":"unauthorized"}` when using JS SDK with Parse-Server

[mindgrub-jkliphouse]

Environment Setup

My issue is very similar to this one.

I'm using "parse-server": "^2.2.7" with "parse": "^1.8.3".

I forked the Parse-Server-Example and everything works fine locally and on Heroku with the Rest API. As soon as I try to use the javascript sdk I get {"message":"unauthorized"}.

I've tried with and without a javascriptKey, with or without initializing parse, with and without useMasterKey = true.

Steps to reproduce

This curl works:

curl -X GET \ -H "X-Parse-Application-Id: myAppId" \ -H "Content-Type: application/json" \ http://localhost:1337/parse/classes/_User

But this query gets {"message":"unauthorized"}:

```var User = Parse.User; //also tried Parse.Object.extend("_User");

    var query = new Parse.Query(User);
    query.useMasterKey = true; //tried it like this or by passing an object into find
    query.find().then(function(result) {
        if(result != null) console.log(JSON.stringify(result));
        else renderInvalidLogin(res);
    },
    function(error) {
        console.log(JSON.stringify(error));
        renderInvalidLogin(res);
    });```

Logs/Trace

No logs to trace. I'm really at a loss, I posted on SO 2 days and no comments or answers. So I'm posting here. Thanks!

[drew-gross]

You can enable logging using verbose: true in the configuration of your server. Please do that and then post any logs you see.

[mindgrub-jkliphouse]

I've done that and nothing changes. No new logs, just {"message":"unauthorized"} returned from the error function of the above query.

Thanks for the quick response!

[drew-gross]

In that case the error is probably not in Parse Server. Check your SDK initialization to make sure you the right server URL and keys.

[mindgrub-jkliphouse]

Parse.initialize('myAppId', 'unused', 'myMasterKey'); Parse.serverURL = process.env.SERVER_URL || 'http://localhost:1337/parse';

I'm not using a JS key. Is this a good init?

[drew-gross]

As long as that URL, app ID, and master key are all actually correct, then yes that seems fine.

[mindgrub-jkliphouse]

The error is coming from middlewares.js. The req.body contains the correct _ApplicationId but it never gets parsed at line 50 because req.body is a string.

At line 57 req.body._applicationId is undefined and the invalidRequest is returned.

[drew-gross]

That shouldn't be the case. Can you post the JS SDK version you are using and the Parse Server version?

[sdf611097]

Have you try setup jskey on parse-server and init it in jssdk?
This error usually cause by keys not matched

[mindgrub-jkliphouse]

I'm using "parse-server": "^2.2.7" with "parse": "^1.8.3". I tried it with the jskey and still the same.

[mindgrub-jkliphouse]

Looks like the only way I can access is through the REST api.

The Parse-Dashboard is unauthorized as well.

[drew-gross]

Those should work. How did you find out where the error is if you can't see any logs?

[mindgrub-jkliphouse]

I stepped through with the debugger ...

Well, the problem has been found. The 'body-parser' middleware I was using seems to have been mangling the requests.

The jssdk and parse-dashboard are working.

I appreciate your time.