taivo · February 1, 2017 21:32 · antonellopasella · Feb 5, 2016
diff --git a/parse-com-anon-auth.js b/parse-com-anon-auth.js
 //This is my hackish way to use methods that are already in Parse JS SDK v1.5
 //to logIn as an anonymous user. Hackish because it relies on internal methods
 //that starts with an underscore and thus subject to change. In any case, it
 //helped me move passed authentication and on to the main parts of my project
 //and I hope it helps you too.

 Parse._getInstallationId().done(
  function(installationId){
 	 //
 	 // use installation id because it's already a UUID
 	 // and Parse SDK will take care of persisting it in localStorage
 	 return Parse.User._logInWith('anonymous', {authData: {
        id: installationId
    }}); 
  }
 )

 //
 // For Parse jssdk 1.6. After upgraded from 1.5 to 1.6, I ran into "TypeError: provider is undefined"
 // when attempting to login an anonymous user. v1.5 was able to accept anonymous provider simply
 // as the string 'anonymous' but v1.6 seems to require that an actual authenticator exists on the client side.
 // Use the following function before any user or session related activity, preferably right after initialzing Parse. 
 // This function registers an anonymous authenticator.
 // The security-related aspect of authentication is still done on the server. This function merely
 // satifies v1.6's client-side interface
 function patchEnableAnonAuth(){
 	//upgrading Parse jssdk from 1.5 to 1.6 resulted in problem with logging in anonymous user.
 	//v1.5 code flow didn't require that an anonymous auth provider exist, v1.6 does.
 	//so we create an anonymous provider here that does nothing
 	var anonAuthProvider = {
 		getAuthType: function(){return 'anonymous'},
 		restoreAuthentication: function(){return true},
 	};
 	Parse.User._registerAuthenticationProvider(anonAuthProvider);
 };


 //
 //Note: when an anonymous user signs up, we promote an anonymous user to a regular user. 
 //Anonymous authData remains in the Parse.User db. This means anonymous login will still 
 //be a valid way to gain access to data that are technically protected by password. Prevent
 //this by removing anonymous authData upon user promotion. Do something like below.
 //Also, use role to control access to sensitive data.

 Parse.Cloud.beforeSave(Parse.User, function(req, res){
  var user = req.object;
  if(!user.isNew() && user.isAnonymous()){ //define isAnonymous() in your own impl.
    var isEmailSignup  = user.dirty('username') && user.dirty('email');
    var isSocialSignup = user.dirty('authData');
    
    //define asyncAddRole and asyncRemoveRole in your own impl.
    Parse.Promise.when( asyncAddRole(user, 'StandardUser'), asyncRemoveRole(user, 'AnonymousUser')).then(function(){
 				var newAuthData = user.get('authData');
 				newAuthData.anonymous = null;
 				user.set({authData:newAuthData}); //remove the anonymous authData
 				res.success();
    }
  }
 }
	//This is my hackish way to use methods that are already in Parse JS SDK v1.5
	//to logIn as an anonymous user. Hackish because it relies on internal methods
	//that starts with an underscore and thus subject to change. In any case, it
	//helped me move passed authentication and on to the main parts of my project
	//and I hope it helps you too.

	Parse._getInstallationId().done(
	function(installationId){
	//
	// use installation id because it's already a UUID
	// and Parse SDK will take care of persisting it in localStorage
	return Parse.User._logInWith('anonymous', {authData: {
	id: installationId
	}});
	}
	)

	//
	// For Parse jssdk 1.6. After upgraded from 1.5 to 1.6, I ran into "TypeError: provider is undefined"
	// when attempting to login an anonymous user. v1.5 was able to accept anonymous provider simply
	// as the string 'anonymous' but v1.6 seems to require that an actual authenticator exists on the client side.
	// Use the following function before any user or session related activity, preferably right after initialzing Parse.
	// This function registers an anonymous authenticator.
	// The security-related aspect of authentication is still done on the server. This function merely
	// satifies v1.6's client-side interface
	function patchEnableAnonAuth(){
	//upgrading Parse jssdk from 1.5 to 1.6 resulted in problem with logging in anonymous user.
	//v1.5 code flow didn't require that an anonymous auth provider exist, v1.6 does.
	//so we create an anonymous provider here that does nothing
	var anonAuthProvider = {
	getAuthType: function(){return 'anonymous'},
	restoreAuthentication: function(){return true},
	};
	Parse.User._registerAuthenticationProvider(anonAuthProvider);
	};


	//
	//Note: when an anonymous user signs up, we promote an anonymous user to a regular user.
	//Anonymous authData remains in the Parse.User db. This means anonymous login will still
	//be a valid way to gain access to data that are technically protected by password. Prevent
	//this by removing anonymous authData upon user promotion. Do something like below.
	//Also, use role to control access to sensitive data.

	Parse.Cloud.beforeSave(Parse.User, function(req, res){
	var user = req.object;
	if(!user.isNew() && user.isAnonymous()){ //define isAnonymous() in your own impl.
	var isEmailSignup = user.dirty('username') && user.dirty('email');
	var isSocialSignup = user.dirty('authData');

	//define asyncAddRole and asyncRemoveRole in your own impl.
	Parse.Promise.when( asyncAddRole(user, 'StandardUser'), asyncRemoveRole(user, 'AnonymousUser')).then(function(){
	var newAuthData = user.get('authData');
	newAuthData.anonymous = null;
	user.set({authData:newAuthData}); //remove the anonymous authData
	res.success();
	}
	}
	}