Hey Meteor folks! I could really use your help!
Since going live with my SaaS Meteor app about a week ago, itās been a bumpy start. Our first customer authenticates their users over SAML. Thereās a couple Meteor SAML implementations out there on atmosphere, so weāve basically adapted one of those for internal use. Weāre also using meteor-cluster
.
Something like 1 in 5 of my customerās end users cannot login to my Meteor app. When the issue it happens itās totally random. Thatās a terrible quality of service and Iām ashamed of it. I didnāt catch this issue in pre-prod testing, either, and I have been unable to reproduce the bug in any other environment, and Iām quite frankly feeling desperate and falling to a pit of despair. I donāt think Iāve faced a more challenging bug in my coding career.
But anywho, do we have any experts using the WebApp.connectHandlers
api in here?
Am I supposed to wrap the entire body like so in a Fiber
? Does anything about this code look fishy?
var Fiber = Npm.require('fibers'),
bodyParser = Npm.require('body-parser');
WebApp.connectHandlers
.use(bodyParser.urlencoded({ extended: false }))
.use('/SSO/SAML2', function (req, res, next) {
Fiber(function() {
var strategy = AuthStrategies[req.headers.host];
if (req.method === 'GET') {
strategy._saml.getAuthorizeUrl(req, Meteor.bindEnvironment(function (err, result) {
res.writeHead(302, {'Location': result});
res.end();
});
} else if (req.method === 'POST') {
strategy._saml.validatePostResponse(req.body, Meteor.bindEnvironment(function (err, result) {
// Meteor.users.upsert({...}, {...});
// Send me a debug email (e.g., Mailer.send({to: '', ...});
//
// Occasionally, I'll recieve the email but no user object
// was ever created despite a validated Post Response (err = null)
...
}));
} else {
return next();
}
}).run();
});
Any feedback, spitballing, etc is greatly appreciated, thanks!
Since the issue where people have difficulty logging in only occurs when traffic picks up, I am thinking itās a concurrency issue, but Iām not completely sure.