With meteor 2, I could always use meteor.userId() in my resolvers. With meteor 3, I get a message saying it can only be used in a method or a publication.
It was #2 for sure. I was calling the Meteor.user() too soon, and the user wasn’t fully logged in yet. Still getting used to this whoel async / await stuff. Now I await the account creation, then it gives me the user object. Thank you.
Check the documentation about Accounts.onCreateUser(), which should be the ideal place to add default roles to a new account.
Erratum:
I only realized now that I was talking about a different function: Accounts.updateOrCreateUserFromExternalService() which returns the created user.
@vikr00001 yes, you can use userId and user only in methods and publications. If you want to use it in your Appollo or somewhere else, for example Meteor Cron, you cannot use Meteor.userAsync() or Meteor.userId();
In this case, you need to get user “manually”. This is the most simple way:
Get userId on client side: Meteor.userId();
Get loginToken on clientSide: Meteor: Meteor._localStorage.getItem("Meteor.loginToken")
(now put in into header or body of the request)
On the server, create and use your own method getUserAsync(userId: string, token: string) which will return user’s object; When you will be in this point, If you will need, you can modify it to make it more secure, use your own token, …whatever you want.
It seems to work fine. The security risk of sending Meteor.userId() from client to server, is that someone may be able to send a different Meteor.userId() from the client to your server, and so your server would update the wrong user.