
Parse-Server capture bad session token requests


Is there any way to capture bad session token requests on a remote parse-server app?

Unfortunately, verbose logs for bad session tokens only display a very not verbose error message that an invalid session token was used, whereas all other requests will display the full headers used to make a request. I need to get to those headers so I can identify the x-parse-session-token being sent.

I've discovered I can add some middleware doing something like this:

    var myMiddleware = function (req, res, next) {
      // extract request headers
      next()
    }

    app.use(myMiddleware)

But I wouldn't yet know if the session token was valid or not at that point, and I don't think it'd be efficient to set up a whole extra middleware checking the validity of every session token that gets passed in.

Any tips on how I could get access to these x-parse-session-token headers for requests that are failing due to bad session tokens would be greatly appreciated.


Solution

  • One hacky way would be to override in your middleware the req.json call.

    // Parse.Error codes come from the Parse SDK
    const Parse = require('parse/node');

    const myMiddleware = function (req, res, next) {
      const json = res.json;
      res.json = function (object) {
        // object can be null or undefined, so guard before reading .code
        if (object && object.code === Parse.Error.INVALID_SESSION_TOKEN) {
          // get the session token
          const token = req.headers['x-parse-session-token'];
          // Invalid token, do something
        }
        // Forward the response and keep res.json's return value for chaining
        return json.call(res, object);
      };
      next();
    };

    const server = new ParseServer({
      appId: YOUR_APP_ID,
      /* more options */
      middleware: myMiddleware
    });

    // continue initialization here

    This should do the trick. What do you think?
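
An added example, not part of the original answer: the same `res.json` wrapping, but recording a SHA-256 fingerprint of the `x-parse-session-token` header plus request metadata, so the log never stores a replayable credential. The names `captureInvalidSessions`, `onInvalid`, `fingerprint` and `demo` are hypothetical, and the request/response objects are constructed stand-ins for Express.

```javascript
// Added example: not code from the original answer.
const crypto = require('crypto');

// Numeric value of Parse.Error.INVALID_SESSION_TOKEN in the Parse SDK.
const INVALID_SESSION_TOKEN = 209;

// Log a short SHA-256 fingerprint instead of the raw token, so the log
// itself never holds a credential that could be replayed.
function fingerprint(token) {
  if (typeof token !== 'string' || token.length === 0) return null;
  return crypto.createHash('sha256').update(token).digest('hex').slice(0, 16);
}

// onInvalid is a hypothetical callback; wire it to your own logger.
function captureInvalidSessions(onInvalid) {
  return function (req, res, next) {
    const originalJson = res.json;
    res.json = function (body) {
      if (body && body.code === INVALID_SESSION_TOKEN) {
        try {
          onInvalid({
            tokenFingerprint: fingerprint(req.headers['x-parse-session-token']),
            method: req.method,
            path: req.originalUrl || req.url,
            ip: req.ip,
            userAgent: req.headers['user-agent'] || null,
          });
        } catch (err) {
          // A logging failure must never block the response.
        }
      }
      return originalJson.call(this, body);
    };
    next();
  };
}

// Constructed request/response stand-ins so the example runs without Express.
function demo() {
  const events = [];
  const sent = [];
  const mw = captureInvalidSessions((e) => events.push(e));
  const req = { method: 'GET', url: '/parse/classes/Item', ip: '203.0.113.7',
    headers: { 'x-parse-session-token': 'r:constructed-sample-token' } };
  const res = { json(body) { sent.push(body); return this; } };
  mw(req, res, () => {});
  res.json({ code: 209, error: 'Invalid session token' });
  res.json({ results: [] }); // a normal response is not recorded
  return { events, sent };
}
```

Repeated fingerprints from one client point to a stale cached token, while many distinct fingerprints from one IP are worth a closer look.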