Hi every one,
We’ve got a meteor app (sboulder).
An other node js app (7thgrade) is going to work in synergy with us.
We’d like to setup an oauth2 server on sboulder so that :
- A user can sign in to 7thgrade with a sboulder account (like with a facebook or google account) without registering again. 7thgrade would get all the user’s profile from sboulder (name, email…).
- A user can link an existing 7thgrade account to an existing sboulder account easily (and get missing profile info)
- 7thgrade would be able to fetch periodically changed info from sboulder’s user’s profile
Is setting up an oauth2 server the best way to achieve this ?
My idea is to install RocketChat oauth2 server on sboulder
Do you think it can be the good tool ?
Has anyone done something like this before ?
Could someone help me with some code examples to achieve this ? On both the meteor app and the other app.
Thanks a lot
Hi Jadus, did you have any progress with this? I might be able to provide the client side workflows (have done them in React).
Hi, thank you for your message !
Yes I’ve managed to set it up with rocket chat
oauth server, although it was not easy.
@jadus I rewrote the package with the latest version of
node-oauth2-server, because the rocketchat package has not been updated in a while (plus it missed tests): https://github.com/leaonline/oauth2-server
There is a WIP reference accounts server using it: https://github.com/leaonline/leaonline-accounts
I will speak about this topic on the upcoming Meteor Impact 2020 in detail with examples
Great ! I’ll replace the package with yours in my code.
Thanks for your work
@jadus you’re welcome! Feel free to comment or leave an issue on the repo if anything is not working as expected or if you have questions.
can you share the code? I have a react / react-router app and I’d like to add oauth2 dialog to it.
I’ve found this article. If I’m correct, I have to:
- create a react-router route for the oauth2 dialog. For this, I need:
- a method to check if the received client_id/redirect_uri are valid (do I have to write it manually or does this package provide it?)
- check if the user is logged in, show login dialog if not
- redirect the browser to redirect_uri if the user is logged in and grants permission with
loginToken as the access code.
- Then the client app will
POST a request to
authorizeUrl with the received
client_secret to get access & refresh tokens, but the package does all the work for me here.
- Then if I add routes with
oauth2server.authenticatedRoute() everything will be handled automatically and I receive the
req.data.user.id. (bonus question: has anyone wrote a mixin for mdg:validated_method for this?).