我写了自定义方法登录,但我在最后一步阻止了:客户端的有效登录。
我相信我在服务器端正确登录但没有客户端:
LoginTokens(when&
数据库中的hashedToken}。this.userId)的所有文件。Accounts.validateLoginAttempt(function (attempt),包含正确的用户并且不会返回任何错误。Meteor.loggingIn()为false且Meteor.user()为null Accounts.onLogin(function(user)上返回user._id 所以我认为这是关于返回客户端的问题(比如user._id) - 但我迷失了,并且认为我需要经验丰富的评论家眼睛。
ps:我有accounts-base@1.4.0& accounts-password@1.5.0
登录方式(通常从客户端调用)
Meteor.methods({
logTwo (userfinal, passfinal) {
// Consistency var check
check(userfinal, String);
const passwordValidator = {digest: String, algorithm: String};
check(passfinal, passwordValidator);
// check user
const getUser = Accounts.findUserByEmail(userfinal);
if (!getUser) {throw invalidLogin();}
// check password
const checkPassword = Accounts._checkPassword(getUser, passfinal);
if (checkPassword.error) {throw invalidLogin();}
// get user's id
var userID = getUser._id
// logic here
console.log('code verified'); // rightly printed
// below, I tried with or without methodArguments (this, 'login', {user: userfinal,password: passfinal},
// and (this, 'login', '',
Accounts._attemptLogin(this, 'login', {user: userfinal,password: passfinal}, {
type: '2FALogin',
userId: userID,
});
},
});
Accounts.validateLoginAttempt(function (attempt) {
console.log(attempt); // rightly printed
if (attempt.type === '2FALogin' && attempt.methodName === 'login') {
console.log('allowed'); // rightly printed
return true;
}
if (attempt.error) {
console.log('login error: ' + attempt.error);
}
});
返回Accounts.validateLoginAttempt(函数(尝试)(console.log(尝试))
{ type: '2FALogin',
allowed: true,
methodName: 'login',
methodArguments:
[ 'bob@bob.com',
{ digest: '70bd58ff28477...', // digest here ok
algorithm: 'sha-256' } ],
user:
{ _id: '6i6vLjc8Ssg6SGJNf',
createdAt: 2017-11-01T15:08:52.332Z,
services: { password: [Object], resume: [Object] },
emails: [ [Object], [Object] ],
_loggedIn: true,
},
connection:
{ id: 'xFLv3XZWztxsdxckM',
close: [Function: close],
onClose: [Function: onClose],
clientAddress: '127.0.0.1',
httpHeaders:
{ 'x-forwarded-for': '127.0.0.1',
'x-forwarded-proto': 'ws',
host: 'localhost:3000',
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36',
'accept-language': 'fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7,la;q=0.6' } } }
答案 0 :(得分:1)
我想办法管理它。
Meteor.loginWithPassword不是一个选项,因为它不适用于Meteor.call source Meteor.connection.setUserId(response),但localStorage中没有存储任何内容:所以每刷新一次,我都会被注销。我需要来自accounts-base的Accounts.callLoginMethod:
登录方法成功调用
this.setUserId(id)和 服务器上的Accounts._setLoginToken并返回一个对象 字段id(包含用户ID),token(包含简历 令牌),以及可选的tokenExpires。
此外,在该方法中,我需要返回函数Accounts._attemptLogin(或者客户端无法处理任何内容)。
所以,要恢复:
在客户端
Accounts.callLoginMethod({
methodName: 'logTwo',
methodArguments: [
{
user: userfinal,
password: passfinal
},
],
userCallback: function(error) {
if (!error) {
// handle return here
}
}
});
在服务器上
Meteor.methods({
logTwo (options) {
// Consistency var check
const passwordValidator = {digest: String, algorithm: String};
check(options, {
user: String,
password: passwordValidator
});
// check user
const getUser = Accounts.findUserByEmail(options.user);
if (!getUser) {throw invalidLogin();}
// check password
const checkPassword = Accounts._checkPassword(getUser, options.password);
if (checkPassword.error) {throw invalidLogin();}
// get user's id
var userID = getUser._id
// logic here
return Accounts._attemptLogin(this, 'login', '', {
type: '2FALogin',
userId: userID,
});
},
});
Accounts.validateLoginAttempt(function (options) {
if (options.type === '2FALogin' && options.methodName === 'login') {
return true;
}
if (options.error) {
console.log('login error: ' + options.error);
}
});