Create user on server, and login user on client afterwards?

I’ve disabled account creation client side, because my Meteor app allows signing up by invitation only.

This means all users are created server side and the data for each user is transferred via method arguments.

I’m not using Meteor’s onEnrollmentLink because it only allows me to set the user’s password, not other fields for the user. I have an invitations collection, and I handle the tokens with Iron Router.

I want the user to be logged in as soon as he accepts the invitation, but that requires access to the user’s password, which hasn’t been set yet, and wouldn’t be able to because sending passwords unencrypted to the server is completely insecure.

How can I create a user on the server, and log the user in on the client afterwards?



Use Accounts.createUser

To create an account without a password on the server and still let the user pick their own password, call createUser with the email option and then call Accounts.sendEnrollmentEmail. This will send the user an email with a link to set their initial password.

to set other fields on the user use Accounts.onCreateUser.

If I would be forced to code it now, I would probably use some anonymous user package.
So you have this anonymous user handle and associated token with it.
And there should be nothing easier as send this handle to server during that invitation submit method call.

Than on server side, just create user and insert that token from temporary anonymous account to your real user and destroy that temporaty.
And as an result of call instruct client to re-check login somehow if it does not relog to real account automatically.

Interesting kinda related resources I am looking at atm is function logoutOotherClients starting on line 83 in
There can be some hints what to search for in accounts sources.

Or this suite, how he is changing from anonymous to logged in user