TechQA.

How to ask for the password again in meteor?

784 views Asked by At

Many websites ask for the password again when the user tries to change an important setting (even if they are already logged in).

How can I achieve that with Meteor?

security meteor meteor-accounts
Original Q&A
1

There are 1 answers

5
SylvainB On

Accounts now provides (been a while now) a convenient Accounts._checkPassword method. It only works only on server-side, but David Weldon wrote a nice tutorial just for what you are asking:

meteor: check a user's password

For convenience and archiving purposes, here are the code samples. I removed the encryption part for less complexity. (You should use SSL rather than rely on client-side encryption anyway, but that's another story)

On the client side, we catch the password input event and call a custom server method:

Template.userAccount.events({
  'click #check-password': function() {
    var password = $('#password').val();
    Meteor.call('checkPassword', password, function(err, result) {
      if (result) {
        console.log('the passwords match!');
      }
    });
  }
});

Then on the server side, here is the method defined for calling _checkPassword and answering to our client:

Meteor.methods({
  checkPassword: function(password) {
    check(password, String);
    if (this.userId) {
      var user = Meteor.user();
      var result = Accounts._checkPassword(user, password);
      return result.error == null;
    } else {
      return false;
    }
  }
});

Related Questions in SECURITY

Related Questions in METEOR

Related Questions in METEOR-ACCOUNTS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions