So, let us say I have two apps, App A and App B. Both are using the accounts-password and the alanning:roles packages. Naturally, they both use different roles, but the users that use the apps are the same and come from the same collection on the MongoDB server.
I want to implement something like the Google single-login functionality, when a user logins with his credentials in one app, he doesn’t have to do that in the second one all over again.
The usernames, the passwords, the emails, and the roles are the same, so it should be possible somehow. I took a look at Accounts (Multi-Server) Docs, but they don’t really have a lot to say about this and are lacking. Does anyone know of a guide or a tutorial similar to the above?
You would probably have to implement something similar. App B redirects to App A to sign in (or confirm already signed in), then redirects back to App B with a hashed token which App B then uses to sign in. You need to be very careful sending tokens around in URL paremeters because they could then be used by a man-in-the-middle to log in so you would need to generate hashed tokens and check that the hashes match.
This might also be of help: https://guide.meteor.com/structure.html#sharing-accounts, which is one of the only places where Meteor.loginWithToken() (which I’m sure you’ll have to use that function at some point) is mentioned in the docs.
This is possible as long as apps can manage the authorization part There is nothing special to be done if you are using the same collection and roles are the same. We have two instances of application one for admin and another for users pointing to same MongoDB and having same roles.
This might also be of help: https://guide.meteor.com/structure.html#sharing-accounts , which is one of the only places where Meteor.loginWithToken() (which I’m sure you’ll have to use that function at some point) is mentioned in the docs.