Hi there,
I’m trying to make a custom authentication that relies on a REST API call.
All the messages I read dealing about this are out dated or undocumented and I didn’t succeed in making them work (for example Accounts.callLoginMethod doesn’t seem to exist any more).
I tried an approach that :
- creates a server side method calling the api with login/password and returning a connection token. It modifies the user document of the User collection to gather connection infos, and set the userId.
- call the server side method and set the userId from the client side
But it doesn’t work as expected : refreshing a page make my connection lost.
What is the actual and good way to do ?
Server :
private getConnexionInfo(username: string, password: string): any{
let url: string = this.api.host + '/' + this.api.endpoints.token;
let params: HTTP.HTTPRequest = {
data: { username: username, password: password },
headers: { 'Content-Type': 'application/json' }
};
let result;
try {
result = HTTP.post(url, params);
} catch (e) {
return null;
}
return result.data;
}
private recordUserToMongo(token:string, username:string, mail:string, lastname:string, firstname:string){
let now = new Date();
Users.upsert(username, { $setOnInsert: { createdAt: now, emails:[{adress:mail, verified:true}],
lastname:lastname, firstname:firstname},
$set: { services:{ resume:{ loginTokens:[{when:now, hashedToken:token}]}} } });
}
disconnect(username: string){
console.log("Disconnect "+username);
Users.update(username, { $unset: { services:"" }});
}
connect(username: string, password: string): string {
let infos = this.getConnexionInfo(username, password);
if (infos !== null) {
this.recordUserToMongo(infos.token, username, infos.mail, infos.givenName, infos.sn);
return infos.token;
}else{
this.disconnect(username);
return null;
}
}
Client side :
connect(){
let log = Meteor.call('connect', username, pass);
if (log !== null){
Meteor['connection'].setUserId('fdepaulis');
this.user = Meteor.userId();
}
}
Thanks for your help !
Fabrice