Multi app single accounts

andreyg · 2019-09-08T17:28:43.815Z

So, let us say I have two apps, App A and App B. Both are using the accounts-password and the alanning:roles packages. Naturally, they both use different roles, but the users that use the apps are the same and come from the same collection on the MongoDB server.

I want to implement something like the Google single-login functionality, when a user logins with his credentials in one app, he doesn’t have to do that in the second one all over again.

The usernames, the passwords, the emails, and the roles are the same, so it should be possible somehow. I took a look at Accounts (Multi-Server) Docs, but they don’t really have a lot to say about this and are lacking. Does anyone know of a guide or a tutorial similar to the above?

wildhart · 2019-09-08T23:00:50.470Z

I’ve got no experience of this whatsoever, but just thinking off the top of my head…

Google’s single-sign in requires a redirect to accounts.google.com to sign in, then you are sent back to whichever google site you wanted. Open an incognito tab and visit photos.google.com and try to sign in. You will be redirected to https://accounts.google.com/signin/v2/identifier?passive=1209607&continue=https%3A%2F%2Fphotos.google.com%2Flogin&fol…

You would probably have to implement something similar. App B redirects to App A to sign in (or confirm already signed in), then redirects back to App B with a hashed token which App B then uses to sign in. You need to be very careful sending tokens around in URL paremeters because they could then be used by a man-in-the-middle to log in so you would need to generate hashed tokens and check that the hashes match.

This might also be of help: https://guide.meteor.com/structure.html#sharing-accounts, which is one of the only places where Meteor.loginWithToken() (which I’m sure you’ll have to use that function at some point) is mentioned in the docs.

perumalkuk · 2019-09-09T01:46:30.608Z

This is possible as long as apps can manage the authorization part There is nothing special to be done if you are using the same collection and roles are the same. We have two instances of application one for admin and another for users pointing to same MongoDB and having same roles.

andreyg · 2019-09-10T05:17:36.455Z

This might also be of help: https://guide.meteor.com/structure.html#sharing-accounts , which is one of the only places where Meteor.loginWithToken() (which I’m sure you’ll have to use that function at some point) is mentioned in the docs.

Thanks, exactly what I was looking for!