Check if user is logeed

Hello everyone, everything good?

I’m starting with Parse Server. It already contributes with improvements and I’m now deepening my knowledge with Cloud Functions.

I need to perform the following rule in Cloud Function.

The function should check who is authenticated and request an external api for sending SMS.

Can you help me please?

    Parse.Cloud.define('sendsms', function(request, response){
	
	/*
	Check and identified user 
	
	if(user != authenticated)
		return 'Aunauthorized';
	*/
	
	var pin = Math.floor(Math.random() * (99999 - 10000)) + 10000;
	
	/*
	Save class for before verification
	
	const object = new Parse.Object('pinvalues');
	object.set('pin', pin);
	const token = { sessionToken: user.getSessionToken() };
	await object.save(null, token);
	*/

	/// THIS USE EXTERNAL SERVICE TO SEND SMS
	Parse.Cloud.httpRequest({
	  method: 'POST',
	  url: 'https://externalservicesms.com',
	  headers: {
		'Authorization': 'Bearer mysecrettoken',
		'Content-Type': 'application/json',
	  },
	  body: {
		from: '+19072000010',
		to: ['19072120721'],
		body: 'This is your confirmed code ' + pin,
	  }
	}).then(function(httpResponse) {
	  return 'success';
	}, function(httpResponse) {
	  return 'Request failed with response code ' + httpResponse.status;
	});

});

Hey how is everything,

As I said at the beginning, I’m starting with studies at Cloud Functions.

After a while I found the solution that I post below, it can help other people.

I think it’s important to say that I did it and how

But another question arose: is there a Global Keys tool to make the code more secure?

IMPORTANT:

1. The response function doesn’t work, I don’t know if it’s something in my code or an error.

2. The asynchronous function did not work

   Parse.Cloud.define(‘test’, function (request) {

    // Get User Request
    var user = request.user;
    
    // Check if is authenticate
    if(user == null) {
    	return 'not authenticate';
    }
    	
    // Set a random number to future checked
    var pin = Math.floor(Math.random() * (99999 - 10000)) + 10000;
    	
    // Save in data the number 
    const object = new Parse.Object('numberVerified');
    object.set('number', request.params.number);
    object.set('pin', pin);
    const token = { sessionToken: user.getSessionToken() };
    
    // Set a ACL rule
    parseAcl = new Parse.ACL(user);
    parseAcl.setPublicReadAccess(false);
    parseAcl.setPublicWriteAccess(false);
    object.setACL(parseAcl);
    
    // Save
    object.save(null, token);
    
    // Request a external service
    Parse.Cloud.httpRequest({
      method: 'POST',
      url: 'https://externalapitosendsms.com',
      headers: {
    	'Authorization': 'Bearer MY_SECRET_TOKEN',
    	'Content-Type': 'application/json',
      },
      body: {
    	from: '+19072000010',
    	to: ['19072120721'],
    	body: 'This is your confirmed code ' + pin,
      }
    }).then(function(httpResponse) {
      return 'Sended';
    }, function(httpResponse) {
      return 'Request failed with response code ' + httpResponse.status;
    });
   

   });

inside async function use this:

await Parse.Cloud.httpRequest({
   method: 'POST',
   url: 'https://externalapitosendsms.com',
   headers: {
 	'Authorization': 'Bearer MY_SECRET_TOKEN',
 	'Content-Type': 'application/json',
   },
   body: {
 	from: '+19072000010',
 	to: ['19072120721'],
 	body: 'This is your confirmed code ' + pin,
   }
 });

return "Sended";

Also you can check if cloud code is executed by a logged in user like this:

const user = request.user;
if(!user){
    throw "Only logged in users can execute this function"
}
//your logic