meteorite - After create user on meteor, the session changes to the new user -



meteorite - After create user on meteor, the session changes to the new user -

i'm creating custom "create user" page meteor, , user stored, but, after this, actual session changed new user. i.e. admin user "admin" , when create new user "foo", session changes "foo". i'm overriding account.createuser initial run

this code

template.usuarionew.events 'submit .form': (e) -> e.preventdefault() username = $('#username').val() name = $('#name').val() password = $('#password').val() roles = $('.role:checked') if roles.length == 0 flashmessages.sendwarning 'escoge al menos united nations rol' homecoming user = 'username': username 'password': password 'profile': 'name': name 'roles': [] roles.each (i) -> user.roles.push $(@).val() homecoming accounts.createuser user flashmessages.sendsuccess 'se ha creado united nations usuario' router.go('/') homecoming

and accounts.oncreateuser

accounts.oncreateuser (options, user) -> userproperties = profile: options.profile || {} roles: options.roles || [] user = _.extend user, userproperties if !user.profile.name user.profile.name = user.username if !meteor.users.find().count() user.roles.push 'admin', 'boss', 'specialist' user

this expected behavior if phone call accounts.createuser client. pointed out in the documentation:

on client, function logs in newly created user on successful completion. on server, returns newly created user id.

the way insert user without logging in newly created user initiate creation process server. can method call. in submit callback, replace phone call accounts.createuser user with:

class="lang-coffee prettyprint-override">meteor.call 'insertuser', user

then on server can implement method this:

class="lang-coffee prettyprint-override">meteor.methods 'insertuser': (user) -> check user, match.objectincluding username: string password: string profile: name: string accounts.createuser user

the problem sending user's password server, reasonable if using ssl. , then, may not great idea...

if don't want transmit password, docs point out, can create user using illustration above, want replace password email, , phone call sendenrollmentemail so:

class="lang-coffee prettyprint-override">meteor.methods 'insertuser': (user) -> check user, match.objectincluding username: string email: string profile: name: string userid = accounts.createuser user accounts.sendenrollmentemail userid

then need create route on client which, when requested, makes phone call resetpassword appropriate token , new password. doing more work both , user it's secure implementation meets requirements.

meteor meteorite

Comments

Post a Comment

Popular posts from this blog

php - Android app custom user registration and login with cookie using facebook sdk -

php - Android app custom user registration and login with cookie using facebook sdk - i developing android application in users need register , log in using facebook. approximately, flow. open app first time, authenticate facebook, data, send info server create them business relationship in application, start session new business relationship in server, cookie perform later interactions. so far good. what need know wich info have send server, can able identify users when log in seccond time. because need start session in server , send cookie android app farther interactions. i'm using php server side language. i thinking getting getaccesstoken() in android facebook sdk, pass server on business relationship creation , storing in android app. but can't manage how login users on sec time utilize app. any suggestions ? in advance ! to uniquely identify user within app, should create request /me , user's id. guaranteed unique , remain con
Read more

django - Access session in user model .save() -

django - Access session in user model .save() - is possible access current session in user model .save()? pseudo code of want achieve: # users.models.py def save(self, *args, **kwargs): created = true if self.pk: created = false super(abstractuser, self).save(*args, **kwargs) # post-save if created: look_for_invite_in_session_and_register_if_found(self, session) seems wrong in architecture. shouldn't access request in models layer. work request must done in view. can this: user, created = abstractuser.objects.get_or_create(name=name) if created: look_for_invite_in_session_and_register_if_found(user, request.session) django session
Read more

php - .htaccess Multiple Rewrite Rules / Prioritizing -

php - .htaccess Multiple Rewrite Rules / Prioritizing - here current htaccess file: rewriteengine on rewritecond %{http_host} !^www\.website\.com [nc] rewritecond %{http_host} ([^.]+)\.website\.com [nc] rewriterule ^(.*)$ http://www.website.com/gotourl.php?urlid=?%1 [l] rewriterule ^(\w+)$ ./gotourl.php?urlid=$1 [nc,l] rewriterule ^(\w+)/$ ./gotourl.php?urlid=$1 [nc,l] the website in question url shortener i'm working on testing/developing , personal use. above code may not ideal i'm not familiar .htaccess , made via googling , testing. want url shortening aspect: http://website.com/1234 -> http://website.com/gotourl.php?urlid=1234 http://website.com/1234/ -> http://website.com/gotourl.php?urlid=1234 the problem cannot figure out how ignore directories. want specific directories go specific pages: http://website.com/img (or) http://website.com/img/ -> http://website.com/img.php http://website.com/img/1234 (or) http://website.com/
Read more