Unable to Access applySessionToken()

engelsj · November 10, 2019, 6:21pm

I am currently working on a project that involves verifying a user using an extra verification service. The verification service I am using only requires the user name of the user, so in my login page I only ask for that:

import {getLoginToken} from 'backend/login';
import wixUsers from 'wix-users';
 
export async function continue_click(event) {
  getLoginToken($w("#loginEmail").value)
    .then( (loginResult) => {
 // if approved log the user in with the session token
 if (loginResult.approved) {
        wixUsers.applySessionToken(loginResult.sessionToken);
      }
 // if not approved log a message
 else {
        console.log("User not approved.");
      }
    } );
}

Right now I am just testing this, so I want by backend to just log in the user from their email without providing their password:

import wixUsers from 'wix-users-backend';

export function getLoginToken(email) 
{
 return wixUsers.generateSessionToken(email)
          .then( (sessionToken) => {
 return {"sessionToken": sessionToken, "approved": true};
          } );
}

However, when I try to run this test to login the user automatically provided an email, nothing happens and my frontend does not proceed past the getLoginToken() call. I was wondering what I am doing wrong here as I referenced the API documentation for this test. Any help would be appreciated as I am new to javascript and Wix.

givemeawhisky · November 11, 2019, 11:33am

You can’t just use email only, it needs the password too.
login( ) - Logs a user in based on email and password.

Read the API References for it and it gives you a clear example.
https://www.wix.com/corvid/reference/wix-users-backend.html#login
https://www.wix.com/corvid/reference/wix-users-backend.html#generateSessionToken
https://www.wix.com/corvid/reference/wix-users.html#applySessionToken

Also, note that Wix Users only fully works correctly when you are testing it on a live site, never test it on the preview option only.

engelsj · November 11, 2019, 12:27pm

Thanks for the response. I am still a bit confused about the following bit of code:

wixUsers.generateSessionToken(email)

generateSession() only requires that an email be used to generate a session token for the user to login based on the API. I want to validate the user through my own means and then log them in to the website from just there email, is that possible?

givemeawhisky · November 11, 2019, 2:04pm

@engelsj
Look at the API reference for Wix Users Backend and the generate session token function.
https://www.wix.com/corvid/reference/wix-users-backend.html#generateSessionToken

You can clearly see in the code example for 3rd party authentication that it still has to include the email and password values.

As stated in the function info…
If the specified email address corresponds to an existing member, a session token for logging in that member is generated.
(This existing member will already have their own email and password which you get the values from for use in generating your session token for this code.)

If there is no existing member with the specified email address, a new member is created and a session token for logging in that member is generated. The member is created with a random password.

Examples
Log a user in after 3rd party authentication
This example contains a backend function which uses a 3rd party authentication service to authenticate a user. If the authentication is successful, a session session token is returned to the client-side and used to log in the authenticated user.

/*******************************
* backend code - login.jsw *
*******************************/
import wixUsers from 'wix-users-backend';
import {authBy3rdParty} from 'backend/authentications';

export function getLoginToken(email, password) {
// authenticate using 3rd party
return authBy3rdParty(email, password)
.then( (isAuthenticated) => {
// if authenticated generate and return session token
if(isAuthenticated){
return wixUsers.generateSessionToken(email)
.then( (sessionToken) => {
return {"sessionToken": sessionToken, "approved": true};
} );
}
// if not authenticated return non-approval
return {"approved": false};
} );
}

/*********************************
* client-side login code *
*********************************/
import {getLoginToken} from 'backend/login';
import wixUsers from 'wix-users';

export async function button_onClick(event) {
// call backend function
getLoginToken($w("#email").value, $w("#password").value)
.then( (loginResult) => {
// if approved log the user in with the session token
if (loginResult.approved) {
wixUsers.applySessionToken(loginResult.sessionToken);
}
// if not approved log a message
else {
console.log("User not approved.");
}
} );
}

ronald28659 · April 6, 2021, 11:34am

I’m confused by the documentation and your remarks…

As soon as I call applySessionToken() the user is prompted the login screen and is not logged in as the documentation states.

To generate a session token all you need to provide is the email as parameter.
The password value supplied is only used in the 3rd party service authBy3rdParty ( email , password ) and not in any subsequent Wix functions?

So why is my session token generated, but do I still need a password? Do I always need to call login() before I can call applySessionToken() ?
This is not stated in the documentation, so looking forward for some clarification.

Topic		Replies	Views
wixUsers.generateSessionToken BUG? Ask the community code , wix-members-area , question	5	351	December 29, 2019
Calling Wix-Users-Backend code from mobile device Ask the community code , question	1	432	July 20, 2021
applySessionToken is not a function ERROR? Ask the community code , question	2	126	October 19, 2020
Bug? wixUsers.applySessionToken(sessionToken) Ask the community code , question	6	181	December 9, 2021
API Update: Additions to wix-users-backend Show and tell code , wix-members-area , tips	12	1740	December 24, 2019

Unable to Access applySessionToken()

Related topics