Call Meteor.userId() from connectHandler

Hi All,

The following code returns “Meteor.userId can only be invoked in method calls or publications.”

WebApp.connectHandlers.use('/echo', function (req, res, next) {
  try {
    if (!Meteor.userId()) {
      res.writeHead(401)
      res.end('Not authorized')
      return
    }
    const param = req.url.split('/')[1]
    res.writeHead(200)
    res.end(param)
  } catch (error) {
    console.log(error)
    res.writeHead(500)
    res.end(error.message)
  }
})

How can I call the Metor API? Is there any other way to validate the current session?

Thank you in advance.

You should be able to do this

// on the client
fetch('/endpoint', {
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${Accounts._storedLoginToken()}`
  }
})

// on the server
import { Accounts } from 'meteor/accounts-base';

WebApp.connectHandlers.use('/endpoint', (req, res, next) => {
  const { authorization } = req.headers;
  const [ prefix, token ] = authorization?.split(' ') || [];
  
  if (prefix !== 'Bearer') {
    res.writeHead(401);
    res.end('Not authorized');
    return;
  }

  const user = Meteor.users.findOne({
    'services.resume.loginTokens.hashedToken': Accounts._hashLoginToken(token),
  });
  // user._id //
  // ... //
});

Curious, what’s your use case?

That works great. Thank you, @jam