edoscl
1
Hi All,
The following code returns “Meteor.userId can only be invoked in method calls or publications.”
WebApp.connectHandlers.use('/echo', function (req, res, next) {
try {
if (!Meteor.userId()) {
res.writeHead(401)
res.end('Not authorized')
return
}
const param = req.url.split('/')[1]
res.writeHead(200)
res.end(param)
} catch (error) {
console.log(error)
res.writeHead(500)
res.end(error.message)
}
})
How can I call the Metor API? Is there any other way to validate the current session?
Thank you in advance.
jam
2
You should be able to do this
// on the client
fetch('/endpoint', {
method: 'GET',
headers: {
'Authorization': `Bearer ${Accounts._storedLoginToken()}`
}
})
// on the server
import { Accounts } from 'meteor/accounts-base';
WebApp.connectHandlers.use('/endpoint', (req, res, next) => {
const { authorization } = req.headers;
const [ prefix, token ] = authorization?.split(' ') || [];
if (prefix !== 'Bearer') {
res.writeHead(401);
res.end('Not authorized');
return;
}
const user = Meteor.users.findOne({
'services.resume.loginTokens.hashedToken': Accounts._hashLoginToken(token),
});
// user._id //
// ... //
});
Curious, what’s your use case?
edoscl
3
That works great. Thank you, @jam