Loopback: Login should allow a full fledged include filter

The workaround (it may be a lapse in my understanding) seems a bit wasteful/slow when retrieving user's related models via promise chaining after login.

For example:

1. If I chained UserModel.login() with UserModel.findById() ... I can't use the include filter to get the related models as the include filter isn't supported for findById
2. If I chain login with findOne which support include filter, it will fail due to authorization reasons ... something about loopback not being able to apply ACLs unless an id is known in the REST url.
3. So I'm left with one call per related model being chained like so:

UserModel.login()
  > UserModel.storeModels({id:xxx})
    > UserModel.prototype$__get__roles({id:xxx})

silly no?

You should be using approach 2, login chained with findOne w/ include. I'm not sure why it's failing. Show us how you were doing it?

@doublemarked - sure, here's what I tried for approach 2:

This works but does not have roles:
UserModel.findOne({id: $sessionStorage.currentUser.userId})

It doesn't work when I try to include roles:

                UserModel.findOne({
                  filter: {
                    where: {
                      id: $sessionStorage.currentUser.userId
                    },
                    include: [
                      'roles'
                    ]
                  }
                })

I think @beeman uses it here: https://github.com/beeman/loopback-angular-playground/blob/498f39b9c48c4984cedf5c574ce692c7a114247f/client/js/services/auth.js#L7-L10

I get an error:

{
   "error":{
      "name":"Error",
      "status":403,
      "message":"Access Denied",
      "statusCode":403,
      "code":"ACCESS_DENIED",
      "stack":"Error: Access Denied
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/lib/application.js:348:21
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/lib/model.js:313:7
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/common/models/acl.js:465:23
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:251:17
    at done (/Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:132:19)
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:32:16
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:248:21
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:572:34
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/common/models/acl.js:447:17
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/common/models/role.js:319:23
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:368:13
    at done (/Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:132:19)
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:32:16
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/async/lib/async.js:365:17
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/common/models/role.js:310:15
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback-datasource-juggler/lib/dao.js:1442:62
    at allCb (/Users/pulkitsinghal/dev/w2/node_modules/loopback-datasource-juggler/lib/dao.js:1374:7)
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback-datasource-juggler/lib/connectors/memory.js:371:7
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/continuation-local-storage/node_modules/async-listener/glue.js:188:31
    at /Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/continuation-local-storage/node_modules/async-listener/glue.js:188:31
    at process._tickDomainCallback (node.js:492:13)
    at process.<anonymous> (/Users/pulkitsinghal/dev/w2/node_modules/loopback/node_modules/continuation-local-storage/node_modules/async-listener/index.js:19:15)"
   }
}

@pulkitsinghal To get include: 'roles working you need to define the relationship: User.hasMany(Role, {through: RoleMapping, foreignKey: 'principalId'});

@alFReD-NSH - Thanks! I've had that for a while: https://github.com/ShoppinPal/warehouse/blob/develop/common/models/user-model.json#L43-L48

I think it is just the way login is implemented, it doesn't do certain things. So I'd like it enhanced :)

+1, would like to see the ability to include more than just the "user". it is strange that it is limited ONLY to the user and no sub relations

+1

+1
I should be able to log in and have related objects returned (using include) in a single REST call. As I understand it, I can only get the user object returned in a single call.

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

+1

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

This issue has been closed due to continued inactivity. Thank you for your understanding. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository.

Reopening based on the discussion in #3641. Please note that this issue is not a priority to us, we are not going to work on it anytime soon. Please let us know if you can contribute this improvement yourself, we are happy to help you along the way.

Appuser.js returns user along with relational data. Needs node ^7.6.0

Appuser.afterRemote('login', async (ctx, user, next) => {
        if(user){
            let userData = await Appuser.find({
                    fields:{password: false, username: false, realm: false, '_id': 0},
                    include:{
                        relation: 'cities',
                        scope: {
                            fields: ['name', 'temp_f']
                        },
                    },
                    where: {
                    id: user.userId
                }
            })
            user.userData = userData[0]
        }
    })

in api documentation (http://apidocs.loopback.io/loopback/#user-login) it looks like this feature is there but i couldn't make it working. is it already implemented? is there any sample code?

@ahmetcetin AFAIK, it's not possible to include arbitrary related models in User.login request yet. Would you like to contribute this feature yourself?

@bajtos i'll give it a try during Christmas break, till then quite busy.

@ahmetcetin below code is working for relational data on login. You can remove scope if you want every field from the relational data. Let me know if you have a different solution or idea.
The App-user.js returns user along with relational data. Needs node ^7.6.0
```

Appuser.afterRemote('login', async (ctx, user, next) => {
if(user){
let userData = await Appuser.find({
fields:{password: false, username: false, realm: false, '_id': 0},
include:{
relation: ,
scope: {
fields: []
},
},
where: {
id: user.userId
}
})
user.userData = userData[0]
}
})

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

This issue has been closed due to continued inactivity. Thank you for your understanding. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository.