Dashboard API explorer

/api/administrator/session (GET)

await global.api.administrator.Session.get(req)
Located in Dashboard API

Returns object

Exceptions

These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:

Exception Circumstances
invalid querystring sessionid
invalid-sessionid unspecified querystring accountid

NodeJS source (edit on github)

If you see a problem with the source submit a pull request on Github.

const dashboard = require('../../../../index.js')

module.exports = {
  get: async (req) => {
    if (!req.query || !req.query.sessionid) {
      throw new Error('invalid-sessionid')
    }
    let session
    if (req.cacheData && req.cacheData[req.query.sessionid]) {
      session = req.cacheData[req.query.sessionid]
    } else {
      session = await dashboard.Storage.read(`${req.appid}/session/${req.query.sessionid}`)
    }
    if (!session) {
      throw new Error('invalid-sessionid')
    }
    try {
      session = JSON.parse(session)
    } catch (error) {
    }
    if (!session || session.object !== 'session') {
      throw new Error('invalid-sessionid')
    }
    delete (session.tokenHash)
    if (!session.ended) {
      const query = req.query
      req.query.accountid = session.accountid
      const account = await global.api.administrator.Account.get(req)
      req.query = query
      if (session.sessionKeyNumber < account.sessionKeyNumber) {
        session.ended = account.sessionKeyLastReset
      } else if (session.expires <= dashboard.Timestamp.now) {
        session.ended = session.expires
      }
    }
    return session
  }
}

Test source (edit on github)

Tests perform real HTTP requests against a running Dashboard server.

/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../test-helper.js')

describe('/api/administrator/session', () => {
  describe('exceptions', () => {
    describe('invalid-sessionid', () => {
      it('unspecified querystring accountid', async () => {
        const administrator = await TestHelper.createOwner()
        const req = TestHelper.createRequest('/api/administrator/session')
        req.account = administrator.account
        req.session = administrator.session
        let errorMessage
        try {
          await req.get()
        } catch (error) {
          errorMessage = error.message
        }
        assert.strictEqual(errorMessage, 'invalid-sessionid')
      })

      it('invalid querystring sessionid', async () => {
        const administrator = await TestHelper.createOwner()
        const req = TestHelper.createRequest('/api/administrator/session?sessionid=invalid')
        req.account = administrator.account
        req.session = administrator.session
        let errorMessage
        try {
          await req.get()
        } catch (error) {
          errorMessage = error.message
        }
        assert.strictEqual(errorMessage, 'invalid-sessionid')
      })
    })
  })

  describe('returns', () => {
    it('object', async () => {
      const administrator = await TestHelper.createOwner()
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/administrator/session?sessionid=${user.session.sessionid}`)
      req.account = administrator.account
      req.session = administrator.session
      req.filename = __filename
      req.saveResponse = true
      const session = await req.get()
      assert.strictEqual(session.sessionid, user.session.sessionid)
      assert.strictEqual(session.accountid, user.session.accountid)
    })
  })

  describe('redacts', () => {
    it('tokenHash', async () => {
      const administrator = await TestHelper.createOwner()
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/administrator/session?sessionid=${user.session.sessionid}`)
      req.account = administrator.account
      req.session = administrator.session
      const session = await req.get()
      assert.strictEqual(session.tokenHash, undefined)
    })
  })
})