I’ve disabled account creation client side, because my Meteor app allows signing up by invitation only.
This means all users are created server side and the data for each user is transferred via method arguments.
I’m not using Meteor’s onEnrollmentLink because it only allows me to set the user’s password, not other fields for the user. I have an invitations collection, and I handle the tokens with Iron Router.
I want the user to be logged in as soon as he accepts the invitation, but that requires access to the user’s password, which hasn’t been set yet, and wouldn’t be able to because sending passwords unencrypted to the server is completely insecure.
How can I create a user on the server, and log the user in on the client afterwards?