bugfix: hook 函数 AV.User.current() 方法未能正确获取 User 对象

Author: sdjcw

lib/leanengine.js

@@ -171,16 +171,19 @@ Cloud.use('/__engine/1/ping', function(req, res) {
     // parseUserInfo
     Cloud.use(route, function(req, res, next) {
       if (req.AV.sessionToken && req.AV.sessionToken !== '') {
-        logInBySessionToken(req.AV.sessionToken, function(err, user) {
-          if (err) {
-            throw err;
+        AV.User.become(req.AV.sessionToken, {
+          success: function(user) {
+            req.AV.user = user;
+            next();
+          },
+          error: function(user, err) {
+            next(err)
           }
-          req.AV.user = user;
-          return next();
         });
       } else if (req.body.user) {
         var userObj = new AV.User();
         userObj._finishFetch(req.body.user, true);
+        AV.User._saveCurrentUser(userObj);
         req.AV.user = userObj;
         return next();
       } else {
@@ -216,6 +219,7 @@ Cloud.use('/__engine/1/ping', function(req, res) {
         var userObj = new AV.User();
         if (split[1] === 'onVerified') {
           userObj._finishFetch(req.body.object, true);
+          AV.User._saveCurrentUser(userObj);
           onVerified(split[2], userObj);
           cb(null, 'ok');
 
@@ -232,6 +236,10 @@ Cloud.use('/__engine/1/ping', function(req, res) {
         }
       }
     });
+
+    Cloud.use(route, function(err, req, res, next) {
+      respError(res, err);
+    })
   });
 });
 
@@ -470,23 +478,6 @@ AV.BigQuery.on = function(action, func) {
   Cloud.define('__on_complete_bigquery_job', func);
 };
 
-var logInBySessionToken = function(sessionToken, cb) {
-  var user = AV.Object._create("_User");
-  user._finishFetch({ session_token: sessionToken });
-  options = {
-    success: function(user) {
-      if (user) {
-        delete user._serverData.session_token;
-      }
-      cb(null, user);
-    },
-    error: function(user, err) {
-      cb(err);
-    }
-  };
-  user.logIn(options);
-};
-
 Cloud.logInByIdAndSessionToken = function(uid, sessionToken, fetch, cb) {
   var user;
   user = new AV.User();

test/function_test.js

@@ -57,6 +57,7 @@ AV.Cloud.define('testUser', function(request, response) {
   assert.equal(request.user.className, '_User');
   assert.equal(request.user.id, '54fd6a03e4b06c41e00b1f40');
   assert.equal(request.user.get('username'), 'admin');
+  assert.equal(request.user, AV.User.current());
   response.success("ok");
 });
 
@@ -307,6 +308,21 @@ describe('functions', function() {
       .expect(200, done);
   });
 
+  // 无效 sessionToken 测试
+  it('testUser_invalid_sessionToken', function(done) {
+    this.timeout(5000);
+    request(AV.Cloud)
+      .post('/1/functions/testUser')
+      .set('X-AVOSCloud-Application-Id', appId)
+      .set('X-AVOSCloud-Application-Key', appKey)
+      .set('x-avoscloud-session-token', '00000000000000000000')
+      .expect(400)
+      .end(function(err, res) {
+        res.body.should.eql({ code: 1, error: '找不到有效用户。' });
+        done();
+      });
+  });
+
   // 测试调用 run 方法时，传递 user 对象的有效性
   it('testRunWithUser', function(done) {
     this.timeout(5000);

test/hook_test.js

@@ -12,6 +12,7 @@ AV.initialize(appId, appKey, masterKey);
 AV.Cloud.beforeSave("TestClass", function(request, response) {
   if (request.user) {
     assert.equal(request.user.className, '_User');
+    assert.equal(request.user, AV.User.current());
   }
   assert.equal(request.object.className, 'TestClass');
   request.object.set('user', request.user);