User Auth using a custom external API


I am building a Meteor app that uses my website login API (built in Symfony) to check if a user is on my website database or not. So using meteor I send user email and password as params, and my website API returns a json with a success or failure message, and that is it.

If the external api returns back a success message, the user should be logged in else I’ll just display the error message. I don’t need any users.insert, or anything like that. The reason is my meteor app is just acting as a middleware and all the user data is stored in my other server. For all the other routes, I need to check if a user is logged in, is authorized to access those routes and has an access token. Is it possible?

When a user logs in, this is how I am handling it atm:‘POST’, url, {
‘headers’: {
‘Content-Type’: ‘application/x-www-form-urlencoded’
‘params’: data
}, function(error, response) {
if (error) {
else {
//store the token in the session
//need to somehow tell Meteor to consider the user as a logged in one;