Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Creating a non-oauth Meteor Accounts package

Tags:

authentication

meteor

The accounts-foobar packages all rely on oauth-based authentication systems, and involve quite a bit of confusing, undocumented boilerplate. I'm wondering if there's an easy way to create a package for a non-oauth authentication system that will integrate normally with the Meteor accounts system. The non-oauth system I have in mind is a simple external API that just accepts a username and password, and returns a simple json object with success data or an error.

Is there a simple way to do this? Does Meteor provide an API for this that I've missed?

EDIT: This bit works fine, I'm just not entirely sure how to hook this up to the accounts system:

HTTP.post('https://my-site.com/api/login.json', { params: { username: 'foo', password: 'bar' } }, function (error, result) {
    if (result) console.log('User data:', result.data);
});

// User data: { userId: 217, username: "foobar" }
like image 519
BenjaminRH Avatar asked Oct 03 '22 09:10

BenjaminRH

1 Answers

It looks like Meteor's accounts-password packages should work for you (simple username/password based auth), however if you need something custom you can do it yourself.

You can roll your own auth package if you don't want to use any of the built in accounts-* packages. You simply need to register your own login handler and do a little bit of bookkeeping to keep the sessions authenticated on reconnects.

Step by step:

1: Add accounts-base package: meteor add accounts-base

2: On the server, add a Accounts.registerLoginHandler call

Accounts.registerLoginHandler(function(loginRequest) {
  // ... check loginRequest for proper credentials - up to you 
  var userId = something; // determined by the credentials check

  // add a resume token so that Meteor can resume your session on reconnect
  var stampedToken = Accounts._generateStampedLoginToken();
  Meteor.users.update(session.user, 
    {$push: {'services.resume.loginTokens': stampedToken}});

  return {
    id: userId,
    token: stampedToken.token
  });

3: Call login on the client

var loginRequest = { ... your auth credentials ... };
Accounts.callLoginMethod({
  methodArguments: [loginRequest],
  userCallback: function (err) {
      if (!err) {  ... do stuff here on successful login ...  }
  }});

That's it!

like image 144
Lev Avatar answered Oct 07 '22 18:10

Lev
Sign in to Comment

Related questions

Connecting to NTLMv2 from Java\httpclient 3\linux
Facebook Desktop Application
How do I update my security in my login script from MD5 to something more secure? [duplicate]
Why does Django use is_staff and is_superuser instead of making those a permission?
How can I make a CouchDB database readable for public while having set require_valid_user to true?
Angularjs routing choppy when using authentication
Where to hook up authentication in Grizzly?
Globally enable authentication in ServiceStack, except for some requests
React: TypeError: Cannot read property 'setState' of undefined
Disable Multiple login at Keycloak
How to implement login popup in html/javascript
Implementing External Authentication for Mobile App in ASP.NET WebApi 2

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!