On logout of an anonymous user, that user is destroyed hence deleted from the Database. See line 1151 in ParseUser
if (isAnonymous) {
return currentUser.destroy({ sessionToken: currentSession });
}
My question is regarding the design decision.
I understand to remove the Session and remove the user from disk, but I am wondering how come the user is deleted from the User collection. As any other user, the anonymous user can affect other Collections when they interact in the app (I am using it in React Native), and if the user for some reason logs out and the User gets destroyed, it can leave the Database inconsistent.
For example, an Anonymous user does a purchase of a product and that creates an entry in a Purchase Collection that is related to a User. If the anonymous user logs out, that Purchase is left related to a User that doesnât exist anymore.
There is probably a good reason for it and I might be missing something. In one hand I would like to know why, in case I might be doing something wrong and if there is any way around it.
Iâm not sure about the reason (perhaps because this user would not be able to login again?). As an workaround you can create beforeDelete or afterDelete triggers to your User class in order to maintain the database consistency.
Sounds unintuitive to me that an anonymous user is destroyed on logout. If that is really the case and not a bug, then I think this should at least be configurable and have a big warning in the docs.
Iâm not sure about the reason (perhaps because this user would not be able to login again?)
I understand the user would not be able to login again, as it should be, but I would have thought that this would be able to be achieved by deleting the Session, no need to delete the User
As an workaround you can create beforeDelete or afterDelete triggers
Awesome! Thank you so much for the suggestion, for now that is what I am using beforeDelete trigger and respond with an error to prevent the deletion of Users.
I was the one that added the AnonymousUtils to the SDK. Now that I think about it you may be right. If you just use linkWith anonymous instead of AnonymousUtils the user doesnât get deleted.
Iâll open a PR with a fix. Logout doesnât destroy and setCurrentUser should just strip the anonymous user.