Token-based authentication

waldgeist · September 30, 2015, 6:57pm

In a hybrid mobile application, I would like to

login the user on the native side, using DDP
hand-over this login to the webapp at some point of time; the webapp itself will be started in the background

To make this work, I would need a kind of login token to pass from the native side to the webapp. I’ve seen in the database that such tokens exist. But I do not know how these tokens can be used to authenticate the user directly. Is there an API to authenticate the user based on the known token instead of entering user credentials?

garrilla · September 30, 2015, 7:25pm

take a look here https://meteorhacks.com/extending-meteor-accounts

waldgeist · September 30, 2015, 8:18pm

Thanks a lot, this looks promising!

garrilla · September 30, 2015, 8:20pm

this might help too - not used myself - https://atmospherejs.com/andrei/accounts-token

waldgeist · September 30, 2015, 8:23pm

Thanks again, will have a look at it!

engrpeters · February 20, 2018, 8:22pm

How we you able to get around this ?

waldgeist · February 20, 2018, 9:49pm

Actually, I don’t know anymore. I eventually gave up on the idea to mix Cordova and native parts.

engrpeters · February 20, 2018, 10:31pm

Generally you think it’s safe to have an app login and redirect to another app with the login ‘http://this.that.com/login?token=token’

Assuming they share account connection