User Auth using a custom external API


#1

Hi,

I am building a Meteor app that uses my website login API (built in Symfony) to check if a user is on my website database or not. So using meteor HTTP.post I send user email and password as params, and my website API returns a json with a success or failure message, and that is it.

If the external api returns back a success message, the user should be logged in else I’ll just display the error message. I don’t need any users.insert, or anything like that. The reason is my meteor app is just acting as a middleware and all the user data is stored in my other server. For all the other routes, I need to check if a user is logged in, is authorized to access those routes and has an access token. Is it possible?

When a user logs in, this is how I am handling it atm:

HTTP.call(‘POST’, url, {
‘headers’: {
‘Content-Type’: ‘application/x-www-form-urlencoded’
},
‘params’: data
}, function(error, response) {
if (error) {
console.log(error);
}
else {
console.log(response.data.token);
//store the token in the session
Session.set(“token”, response.data.token);
//need to somehow tell Meteor to consider the user as a logged in one;
}
})