Token-based authentication


#1

In a hybrid mobile application, I would like to

  • login the user on the native side, using DDP
  • hand-over this login to the webapp at some point of time; the webapp itself will be started in the background

To make this work, I would need a kind of login token to pass from the native side to the webapp. I’ve seen in the database that such tokens exist. But I do not know how these tokens can be used to authenticate the user directly. Is there an API to authenticate the user based on the known token instead of entering user credentials?


#2

take a look here https://meteorhacks.com/extending-meteor-accounts


#3

Thanks a lot, this looks promising!


#4

this might help too - not used myself - https://atmospherejs.com/andrei/accounts-token


#5

Thanks again, will have a look at it!


#6

How we you able to get around this ?


#7

Actually, I don’t know anymore. I eventually gave up on the idea to mix Cordova and native parts.


#8

Generally you think it’s safe to have an app login and redirect to another app with the login ‘http://this.that.com/login?token=token

Assuming they share account connection