[MongoDB Realm] What to do after `invalidSession` error?

In my app, users have the option to delete their account. This will call a Realm function that deletes the user account with all associated data. The problem is, after calling this function, any Realm related call will result in an invalidSession error, which is normal since the local cached user does not exist anymore — I need to log out the user.

I tried calling currentUser.logOut() and currentUser.remove() right after the call to the delete function, but both result in an invalidSession error. So, how can I “reset” the session and remove everything related to the old user, to that the app is in a new state, ready for another login?

You’ll want to call removeUser before calling the function to delete the user however you do need a valid user to call a function - so what you could do is call a Webhook which triggers the function to clean up the user on the backend Realm Cloud.

@Jean-Baptiste_Beau What SDK are you using?

@Ian_Ward I rely on app authentication to make sure users can only delete their own account, for obvious security reasons. Is it possible to have this kind of security using a webhook, even if the user is not connected?

@kraenhansen I’m using the iOS SDK 10.7.6.

Any news about that?

Well, the answer was surprisingly easy: even though currentUser.remove() returns an invalidSession error when the session is, in fact, invalid, it stills logs out the user. So all I had to do was to ignore the error if it’s an invalidSession error and keep on with the cleanup after the logout.

Either it’s a bug, or it’s normal behavior and it should be better documented.

Nevermind. This is only the case for non-anonymous users. For anonymous users, calling user.remove() returns an invalidSession error and doesn’t remove the user.

This definitely looks like a bug. @Ian_Ward @kraenhansen do you confirm?

A note on why do I need to handle invalidSession errors with anonymous users:

In the doc, it is stated that:

Realm may delete an Anonymous user object that is 90 days old (or older). When an account is deleted, it is not recoverable and any associated user data is lost. Documents created or modified by the user remain unaffected.

In my case, users can use the app without creating an account through the use of anonymous authentication. Their data is stored in a local Realm, and the anonymous user is only used to get public data from Atlas.

When the anonymous user is deleted (by Realm), I simply want the client app to delete the public data cached on the device, log in with a new anonymous user, and re-download the public data, so that the user can keep using the app.

I tried to simply delete the whole mongodb-realm folder, but then I get the error:
Unable to open a realm at path .../Documents/mongodb-realm/[app-id]/server-utility/metadata/sync_metadata.realm.management. If there was a way to trigger the re-creation of those files, this could be a solution.

Following up on the solution to delete the whole folder manually. After getting the error above, the app crashes. The next time the app is launched, the files are re-created, and the app can work again.

We’re getting closer to the solution. Still, having the app crashing every 90 days to reset the user is not ideal. What is missing is a way to trigger the re-creation of the files.