taivo/parse-com-anon-auth.js

## parse-com-anon-auth.js
//This is my hackish way to use methods that are already in Parse JS SDK v1.5
//to logIn as an anonymous user. Hackish because it relies on internal methods
//that starts with an underscore and thus subject to change. In any case, it
//helped me move passed authentication and on to the main parts of my project
//and I hope it helps you too.

Parse._getInstallationId().done(
  function(installationId){
 	 //
 	 // use installation id because it's already a UUID
 	 // and Parse SDK will take care of persisting it in localStorage
 	 return Parse.User._logInWith('anonymous', {authData: {
        id: installationId
    }});
  }
)

//
// For Parse jssdk 1.6. After upgraded from 1.5 to 1.6, I ran into "TypeError: provider is undefined"
// when attempting to login an anonymous user. v1.5 was able to accept anonymous provider simply
// as the string 'anonymous' but v1.6 seems to require that an actual authenticator exists on the client side.
// Use the following function before any user or session related activity, preferably right after initialzing Parse.
// This function registers an anonymous authenticator.
// The security-related aspect of authentication is still done on the server. This function merely
// satifies v1.6's client-side interface
function patchEnableAnonAuth(){
	//upgrading Parse jssdk from 1.5 to 1.6 resulted in problem with logging in anonymous user.
	//v1.5 code flow didn't require that an anonymous auth provider exist, v1.6 does.
	//so we create an anonymous provider here that does nothing
	var anonAuthProvider = {
		getAuthType: function(){return 'anonymous'},
		restoreAuthentication: function(){return true},
	};
	Parse.User._registerAuthenticationProvider(anonAuthProvider);
};


//
//Note: when an anonymous user signs up, we promote an anonymous user to a regular user.
//Anonymous authData remains in the Parse.User db. This means anonymous login will still
//be a valid way to gain access to data that are technically protected by password. Prevent
//this by removing anonymous authData upon user promotion. Do something like below.
//Also, use role to control access to sensitive data.

Parse.Cloud.beforeSave(Parse.User, function(req, res){
  var user = req.object;
  if(!user.isNew() && user.isAnonymous()){ //define isAnonymous() in your own impl.
    var isEmailSignup  = user.dirty('username') && user.dirty('email');
    var isSocialSignup = user.dirty('authData');

    //define asyncAddRole and asyncRemoveRole in your own impl.
    Parse.Promise.when( asyncAddRole(user, 'StandardUser'), asyncRemoveRole(user, 'AnonymousUser')).then(function(){
				var newAuthData = user.get('authData');
				newAuthData.anonymous = null;
				user.set({authData:newAuthData}); //remove the anonymous authData
				res.success();
    }
  }
}
	//This is my hackish way to use methods that are already in Parse JS SDK v1.5
	//to logIn as an anonymous user. Hackish because it relies on internal methods
	//that starts with an underscore and thus subject to change. In any case, it
	//helped me move passed authentication and on to the main parts of my project
	//and I hope it helps you too.

	Parse._getInstallationId().done(
	function(installationId){
	//
	// use installation id because it's already a UUID
	// and Parse SDK will take care of persisting it in localStorage
	return Parse.User._logInWith('anonymous', {authData: {
	id: installationId
	}});
	}
	)

	//
	// For Parse jssdk 1.6. After upgraded from 1.5 to 1.6, I ran into "TypeError: provider is undefined"
	// when attempting to login an anonymous user. v1.5 was able to accept anonymous provider simply
	// as the string 'anonymous' but v1.6 seems to require that an actual authenticator exists on the client side.
	// Use the following function before any user or session related activity, preferably right after initialzing Parse.
	// This function registers an anonymous authenticator.
	// The security-related aspect of authentication is still done on the server. This function merely
	// satifies v1.6's client-side interface
	function patchEnableAnonAuth(){
	//upgrading Parse jssdk from 1.5 to 1.6 resulted in problem with logging in anonymous user.
	//v1.5 code flow didn't require that an anonymous auth provider exist, v1.6 does.
	//so we create an anonymous provider here that does nothing
	var anonAuthProvider = {
	getAuthType: function(){return 'anonymous'},
	restoreAuthentication: function(){return true},
	};
	Parse.User._registerAuthenticationProvider(anonAuthProvider);
	};


	//
	//Note: when an anonymous user signs up, we promote an anonymous user to a regular user.
	//Anonymous authData remains in the Parse.User db. This means anonymous login will still
	//be a valid way to gain access to data that are technically protected by password. Prevent
	//this by removing anonymous authData upon user promotion. Do something like below.
	//Also, use role to control access to sensitive data.

	Parse.Cloud.beforeSave(Parse.User, function(req, res){
	var user = req.object;
	if(!user.isNew() && user.isAnonymous()){ //define isAnonymous() in your own impl.
	var isEmailSignup = user.dirty('username') && user.dirty('email');
	var isSocialSignup = user.dirty('authData');

	//define asyncAddRole and asyncRemoveRole in your own impl.
	Parse.Promise.when( asyncAddRole(user, 'StandardUser'), asyncRemoveRole(user, 'AnonymousUser')).then(function(){
	var newAuthData = user.get('authData');
	newAuthData.anonymous = null;
	user.set({authData:newAuthData}); //remove the anonymous authData
	res.success();
	}
	}
	}