Fooled by parse. I thought that I could query by sessionToken in order to…

Fooled by parse. I thought that I could query by sessionToken in order to authenticate users on the client end, but it looks like they (rightly) omit the sessionToken from the allowed queryable parameters, and return a list of all users. Removing tests that gave the idea that such thing was possible.

Fooled by parse. I thought that I could query by sessionToken in order to…
Fooled by parse. I thought that I could query by sessionToken in order to authenticate users on the client end, but it looks like they (rightly) omit the sessionToken from the allowed queryable parameters, and return a list of all users. Removing tests that gave the idea that such thing was possible.
9fd21f16 · Raphael Lullis · 2bf6ef91 · 9fd21f16
Commit 9fd21f16 authored Feb 09, 2013 by Raphael Lullis
Show whitespace changes
Inline Side-by-side

Showing with 0 additions and 7 deletions

parse_rest/tests.py
+0 -7

No files found.
--- a/parse_rest/tests.py
+++ b/parse_rest/tests.py
@@ -318,13 +318,6 @@ class TestUser(unittest.TestCase):
        self.assert_(parse_rest.User.Query.where(phone=phone_number).exists(),
                     'Failed to update user data. New info not on Parse')

-    def testCanQueryBySession(self):
-        parse_rest.User.signup(self.username, self.password)
-        logged = parse_rest.User.login(self.username, self.password)
-        queried = parse_rest.User.Query.get(sessionToken=logged.sessionToken)
-        self.assert_(queried.objectId == logged.objectId,
-                     'Could not find user %s by session' % logged.username)
-
 if __name__ == "__main__":
    # command line
    unittest.main()