Session token without expiry date

[riccardoch]

I use Restricted Session Token on embedded devices and I'd like to remove the expiry date, because I don't want those devices lose the access to the database.
Is it possible?

[flovilmart]

I believe revocable session tokens don't expire automatically by default. If there something you notice that doesn't work?

[riccardoch]

Thanks for the response @flovilmart
Yes, I've noticed that the tokens, on my embedded devices, after a non-specified period, which is not connected to the "expiresAt" field, disappear and my devices are not able to connect to the server anymore. To solve this I've created a way (using cloud code) to create a new session token, when the old one stops to work.

[flovilmart]

Uhm what would be that period? the database's session tokens get flushed? that's very very odd.

[riccardoch]

The period is not the same, so I can't give you a precise answer.
On embedded devices I'm using Restricted Session Token, that is the only difference with other devices.

[flovilmart]

How do you create those restricted session tokens. I've never used them myself.

[riccardoch]

To get a Restricted Session Token you need a working token. For example I create new tokens from my mobile app when I configure new embedded devices.
At first I get the current user session token, then I make a POST request to my Parse Server to get the restricted Session Token.

The resource where I found how to do it:
http://parseplatform.github.io/docs/rest/guide/#creating-sessions

Here is my code in Swift:

func getParseRestrictedSessionToken(userSessionToken: String!, completion: ((success: Bool, error: String, token: String!) -> Void)!) {

    if let userSessionToken = PFUser.currentUser()?.sessionToken {

        let data: [String: String] = ["deviceType":"embedded"]

        if NSJSONSerialization.isValidJSONObject(data) {
            do {
                let request = NSMutableURLRequest()

                let url = NSURL(string: PARSE_SERVER_URI + "sessions")

                request.URL = url
                request.HTTPMethod = "POST"
                request.addValue(PARSE_APP_ID, forHTTPHeaderField: "X-Parse-Application-Id")
                request.addValue(PARSE_REST_API_KEY, forHTTPHeaderField: "X-Parse-REST-API-Key")
                request.addValue((userSessionToken), forHTTPHeaderField: "X-Parse-Session-Token")
                request.addValue("application/json", forHTTPHeaderField: "Content-Type")
                request.addValue("application/json", forHTTPHeaderField: "Accept")
                request.HTTPBody = try NSJSONSerialization.dataWithJSONObject(data, options:  NSJSONWritingOptions(rawValue:0))

                let task = NSURLSession.sharedSession().dataTaskWithRequest(request, completionHandler: { (data, response, error) in

                    if error != nil {
                        let success = false
                        completion(success: success, error: (error?.localizedDescription)!, token: nil)
                    }
                    else{

                        // JSON
                        do {
                            let jsonResult = try NSJSONSerialization.JSONObjectWithData(data!, options: []) as! [String: AnyObject]

                            var sessionToken: String = ""
                            if let token = jsonResult["sessionToken"] as? String {
                                sessionToken = token
                            }

                            var error = ""
                            if let err = jsonResult["error"] as? String {
                                error = err
                            }

                            let success = true
                            completion(success: success, error: error, token: sessionToken)

                        }
                        catch{}
                    }
                })
                task.resume()
            }
            catch{}
        }
    }
}

Here is my code in Python:

def getRestrictedSessionToken(currentUserToken):

    restrictedToken = None
    error = None

    try:
        connection = httplib.HTTPSConnection(ParseServer.SERVER_URI, ParseServer.PORT)
        connection.connect()
        connection.request('POST', '/parse/sessions', '', {
           "X-Parse-Application-Id": ParseServer.APP_ID,
           "X-Parse-REST-API-Key": ParseServer.REST_API_KEY,
           "X-Parse-Session-Token": currentUserToken
           "Content-Type": "application/json"
         })
        result = json.loads(connection.getresponse().read())
        print result

        if "sessionToken" in result:
            restrictedToken = result["sessionToken"]
        elif "code" in result and "error" in result:
            error = result

    except Exception, e:
        error = str(e)
        print error

    return restrictedToken, error