Check if a user is disabled on login

#1

Hi.

Sometimes we have users that want to be deleted or disable their account for a period of time, right now we do this manually and that’s fine since it’s very rare that it happens.

But I want to be able to then set a key on the user called “disabled: true”.

My questions are then, how can I check if the user has this key if they try to log in with (Meteor.loginWithFacebook or Meteor.loginWithPassword) is that possible to check for custom data in that process?

Thanks in advance!

#2

Hi Emil,

You can check it on the server when the user attempts to log in and then disallow the attempt.

Something like:

Accounts.validateLoginAttempt((options) => {
  if (!options.allowed && options.error) {
    throw options.error;
  } else if (options.user && options.user.disabled) {
    throw new Meteor.Error("Your account is disabled");
  }
})

You should have the user’s record under options.user and be able to retrieve what you want.

More in the docs:

1 Like
#3

Hi tprzytula!

Thanks for the link, was just what i was looking for. Still pretty new to the Meteor platform so still trying to figure out the best way to do these things.

A quick questions, when you say on the server is there special file/place you would place it? I guess it should not be inside a method since it get’s called automatic on login, so for now i just have a file called, on-login.js inside the startup->server->accounts folder.

Would you place it different?

Thanks for the help and merry Christmas!

#4

I usually have an “auth” folder or file where I place my auth specific hooks like this one.