Cannot create a new session without app credentials

ConnectyCube / connectycube-reactnative-samples

Chat and Video Chat code samples for React Native, ConnectyCube

https://connectycube.com

Apache License 2.0

125 stars 111 forks source link

Cannot create a new session without app credentials #111

Closed zicodeng closed 4 years ago

zicodeng commented 4 years ago

Hi, I am following the guide to initialize ConnectyCube with existing token: https://developers.connectycube.com/js/?id=initialize-with-existing-token

The token is sent from backend and I verified it by calling https://api.connectycube.com/login

However, when I pass this token to the init function, it complains Cannot create a new session without app credentials (app ID, auth key and auth secret

Lib version: 3.6.0

Any ideas? Thanks in advance!

banshiAnton commented 4 years ago

Hi @zicodeng, maybe session is expired. It will work only if session with token is not expired

After this you need to create new session with credentials

zicodeng commented 4 years ago

Hi @banshiAnton, thanks for your reply. That doesn't seem possible because the client always sends a request to server for a new token, and the server will respond immediately 🤔

This is how my backend generates the token:

const nonce = new Date().getTime() / 1000;
const timestamp = new Date().getTime() / 1000;
// Signature is created based on this guide:
// https://developers.connectycube.com/server/auth?id=how-to-generate-a-39signature39-parameter
const signature = crypto
 .createHmac('sha1', CB_AUTH_SECRET)
 .update(`application_id=${CB_APP_ID}&auth_key=${CB_AUTH_KEY}&nonce=${nonce}&timestamp=${timestamp}`)
 .digest('hex');

const res = await this.post(`${BASE_CB_URL}/session`, {
  application_id: CB_APP_ID,
  auth_key: CB_AUTH_KEY,
  nonce,
  timestamp,
  signature,
});

return res.session.token

This is how my frontend uses the token to initialize ConnectyCube

this.CB.init({
  appId: CB_APP_ID,
  token
});

Did I miss anything?

DaveLomber commented 4 years ago

@zicodeng @banshiAnton the mentioned error is raised from createSession method. Simply do not call it in you case cause you already have a token, hence do not need to create session

zicodeng commented 4 years ago

@DaveLomber Sorry, I am still a little confused. Are you suggesting I should not call this.CB.init? The createSession method lives in the backend, not frontend. The error is thrown from init method not createSession

DaveLomber commented 4 years ago

According the latest SDK version code, the error is raised from createSession method

  createSession(params) {
    if (config.creds.appId === '' ||
      config.creds.authKey === '' ||
      config.creds.authSecret === '') {
      throw new Error(
        'Cannot create a new session without app credentials (app ID, auth key and auth secret)'
      )
    }

...

Could you please double check then you do not call createSession API in any places of your app, cause init method should not throw any errors like this

Also please make sure the token is not null here:

this.CB.init({
  appId: CB_APP_ID,
  token
});

zicodeng commented 4 years ago

@DaveLomber thanks for checking the source code. I indeed called createSession. I thought that one is for creating user session. What should I really do is to upgrade app session to user session by callingthis.CB.login

Thanks a ton for your help!