Login/Register
Creating user with no password in Meteor
Asked Answered
authenticationmeteoraccounts
S

2

7

I have a unique user creation flow which is as follows:

  1. User comes to my site for the first time and they click a button.
  2. I create a User in the DB for them and set a localStorage key with the UID.
  3. Use goes about creating data and I save the data in the DB and associate it with the UID.
  4. User comes back, and if they have UID set in localStorage, I show them the data they previously created.
  5. User can click Register to create a "real" account from which point they will have to login with username and password or another service (e.g. Facebook).

So, how would I accomplish this with Meteor Accounts and the User model?

In a nutshell:

  • I need to create User mongo document with no information (about the user).
  • I need to authenticate a user by just having a UID (acting as a "password").
Sentimentalize answered 12/12, 2012 at 20:26 Comment(0)
J
8
  1. Register onCreateUser to add an "anonymous" field ({anonymous:1}) when a random password is used, maybe generated with Meteor.uuid().
  2. Add a timestamp field ({created:new Date()}) to clean out old, anonymous accounts.
  3. Perform old anonymous user maintenance, like deleting anonymous users more than one hour old: Meteor.autorun(function() {Meteor.users.find({anonymous:1,$where:"new Date() - this.created > 360000"}).forEach(function (user) {
    Meteor.users.remove({_id:user._id})}});
  4. On the client:
    1. Always prompt for a "nickname." This will become the official username, or will sit in the system forever used.
    2. Check if client is logged in. If not, create a user with nickname and a "magic number" password, which logs you in. When they click register, write "Register" at the top, but actually just change their password and $set:{anonymous:0}

Don't use localStorage, and don't use UIDs. The session cookie IS your UID.

Janijania answered 13/12, 2012 at 8:55 Comment(4)
Why should I not use localStorage?Sentimentalize
You should use localStorage, just not to store something like a UID. meteor-accounts already takes care of the cookie/token/"UID" aspect of what you're trying to achieve. But, don't let me discourage you from writing your own package that does exactly what you want. Consider checking out the meteor-accounts code and think about how to implement an anonymous user. I'd allow users to be created without usernames, and I'd add the anonymous field, with the functionality I described above. It addresses the main limitation of my solution: that you have to start with a nickname.Janijania
Can you clarify what you mean by "magic number" in this context? Are you saying that one should pick a random number to register the anonymous with? Or is this "magic number" programmatically generated?Geomorphic
Magic number was meant to mean random string. An anonymous user essentially has an account attached to their machine—or perhaps some more complicated fingerprint. They can't recover their account or use it in different places until they convert into a real user, i.e., register.Janijania
O
1

I don't know how to help with the authentication, but as for creating a blank User object, I've successfully done the following on the server-side (with a different name...):

Meteor.users.insert({profile: {name: 'Oompa Loompa'}, foo: 'bar'});

Ottoman answered 13/12, 2012 at 1:33 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.