Meteor Accounts autologin pattern?

2019-07-19 08:25发布

I'm thinking about a sign-up-with-mobile number system whereby someone can register with a mobile number and get a SMS to verify that they exist... at which point I'd like to have them automatically logged in without a password... (the SMS is basically a password)

This is patterned on the Lyft app sign-up, which doesn't ask for a username/password/etc.

But for the life of me, I can't figure out how to do this.

I'm totally fine with a server only Meteor.method which responds with something "secure" but I don't know what that would be now.

The only thing I can think of would be to set the password on the User and then transmit it to the client and run a login (which seems insecure to me).

I have read through this great article https://meteorhacks.com/extending-meteor-accounts.html and it's a good option, but I don't know of a strategy for that which wouldn't bypass security too

(at some point the server has to communicate securely back to the client...)

Recommendations?

1条回答
小情绪 Triste *
2楼-- · 2019-07-19 09:19

I made a package that might help you, Meteor accounts phone, which do login based on sms mobile number verification https://github.com/okland/accounts-phone/ Enjoy!

查看更多
登录 后发表回答