well, error stack I see in console is:
Backendless._ajax_for_browser @backendless.js:384
find @backendless.js:1120
findById @backendless.js:1171
getCurrentUser @backendless.js:1727
I bet that user does not have the “superAdmin” role, does he?
If not, I see what’s going on now. The problem is the permission settings in your app allow user object retrieval only for “ServerCodeUser” and “superAdmin” roles. The implementation of getCurrentUser() retrieves the user object from the server using the Backendless.Data.of(User).findById API: https://github.com/Backendless/JS-SDK/blob/master/libs/backendless.js#L1727
Since the API is blocked, you’re not getting the object back. I think the best course of action would be to override the getCurrentUser implementation in your app and persist the entire user object on the client side. (or restrict persistent logins, which does not sound good).
Yes, this user is without superAdmin role.
It’s not quite clear for me, why functioning is broken when session expired and why error message is about “Session timeout”
Did you take a look at the implementation of getCurrentUser()? The code attempts to retrieve the user object by using the API which is blocked by your security settings.
I am not sure why the error message says session timeout, it appears like a secondary (non-core) issue at the moment.
Hmm, nope, I’m not convinced yet. Although I’ll try debug it later.
My question was and still is - about why when session is expired (it really is expired, I wasn’t logged for quite some time) I still get true on isvalidusertoken. So in my current situation I just added now try catch block around Backendless.UserService.getCurrentUser(); and add check for expired session - and show login dialog in that case
I am not convinced that the session is expired… To me it looks like a misleading error message. When I tried retrieving a user in your app, I got an error message saying the permissions do not allow it.
I see. But if your version is right, then I wouldn’t be able to successfully call Backendless.UserService.getCurrentUser() although now, after I logged-in, it work
Ok, let me try again.
I’m telling you - it’s problem with session expiration and isvalidtoken wrongfully returning “true”.
And it’s have nothing to do with my roles setup. Login config - maybe.
I created NEW application, configured login settings like this:
enable multiple logins (16)
enable session timeout (120 sec) - extremely short for quick demo.
generated code for login demo (just added console.log("getCurrentUser: " + Backendless.UserService.getCurrentUser()); after login)
Logged in with “remember me” option. And after a couple of minutes I got same error about session expiration
I guess this thread isn’t monitored by devs since it’s marked as Solved, I’ll wait some more and will create another topic with copy of my latest reply