Looking for ideas on a no sign in / no config grouping option

bmcgonag1 · September 17, 2016, 9:16pm

My company has an annual day where they give “developers” 24 hours to create anything they want as a project. I only quote developers because while it technically is for devs, I’m not one, but they are kind enough to allow a few of us hobbyists to participate as well.

I have an idea for an application using meteor, but one piece of it, i’m not sure how to do, and I’m hoping some of you may have some ideas.

I want to create a meteor app that is hosted by the company (most of our software is on premise). The concept is a simple alerting application.

A few terms to help here:

Company - global admin with access to all groups / end users through alerts
Local admin - admin from the Agency / Client with access only to that agency’s / group’s users for alerting.
End user - receive alerts and info only.

I want to make an application That sits and runs and simply receives alerts of different kinds (messages). The Local admins can send them anytime, and my Global Admins can send them anytime.

I’d like to build in groups / roles to control who can send, and to whom they can send. This also allows my Global Admins to target 1 or multiple client agencies / groups with messages.

For example: Maybe there is a big security update we want all clients / groups to know about, or we could be able to start an update on 1 client’s / group’s software package, and we simply want to let their end users know.

The Local Admins may want to send out simple information about various things to their end users, but I don’t want them to be able to send out to all other clients (at least not yet).

We’ve tried email, online forums, etc. over the years, and we just don’t get engagement, but still have issues and get complaints about not communicating.

So the goal is to build this application, and install it on each client machine. I want to make it a zero config from the end user’s perspective. A run it and forget it type setup. I can grab the users machine login and hostname now through node packages, and will make it into an electron app so it’s “installable” and able to be started as a startup application.

The one thing I can’t figure out is how to identify each machine / user running the app as part of their agency / group. The local admins will have to login to send messages, but I don’t want each end user to have to login in order to receive / view the messages sent.

Any thoughts / help / advice is always much appreciated.

lightningboss · September 17, 2016, 9:36pm

Fo rme it sounds like you are trying to authenticate the user. You can use the Meteor Accounts package and create your own custom login method. (For an older version of Meteor, this is described here: https://meteorhacks.com/extending-meteor-accounts/; I’ve made a pull request with code for 1.3 and above).

If I understood correctly you can get the machine name and therefore technically know to which group they belong. On the database you have e. g. an array of machines that are allowed to access and edit the groups.

If you don’t know already: There is a great package for roles, called Roles.

bmcgonag1 · September 17, 2016, 10:24pm

Yes, I intend to use Accounts and Roles in the project for the local and global admins. But for the end useers who will only receive the messages, not send any back, I’m looking for a way to start the application on their machine, and know which agency they belong to without having them login at all.

I considered domain name, which I could also pull from the machine with an npm package, but with our number of clients I can think of 4 different examples where they’ve each chosen the same domain name, so that would make it look like those 4 agencies were all part of the same group, and I definitely don’t want that.

The real issue is that I don’t want the end users to have to login, I just want the app to run, and when a message is sent, they’ll be notified. A form of zero configuration on their part.

bmcgonag1 · September 18, 2016, 1:15pm

I’m kind of thinking of a basic JSON file modified at install time, that has the group identity on it, but that would become a task for my deployment, team, and I’m trying to make this as seamless as possible.

lucfranken · September 19, 2016, 7:34am

Your best option would be login via an email confirmation. There is no real way to authenticate without a safe local known variable on the user side. So you could use just a link to login, then automatically login the user. So create a form where they only enter their email. And then insert a token into the url of the email. If you want most engagement social logins may also help strongly.

bmcgonag1 · September 19, 2016, 12:52pm

I was just thinking last night about some sort of token passed int he URL, or through some other method.

This application is for clients of my company, so it’s more of a ‘It will be installed and set to start on login automatically’, not much end user engagement beyond receiving information.

To clarify, my first group of intended users is law enforcement, so imagine missing child info, Be On the Lookout, Attempt To Locate, etc. I can see a host of other uses for it, but for me, in 24 hours, I have to keep my initial project very small and simple.

In fact, this whole part about not requiring yet another login for the officers in the field, is the hardest part by far.