
Sunday, July 21, 2013

Meteor: How to login with Email, GitHub, Twitter, Google and Facebook account and add credentials to an existing user account

When a user already has an account in the Meteor application, we don't want to create another user in MongoDB when he tries to log in with another OAuth service. Instead, we connect the accounts and add a new login service to the existing user's services collection.

This code doesn't work for Twitter, because Twitter does not return an email in the user data. Therefore, there is no way to connect a Twitter account by email. I propose excluding Twitter from your application until it is solved by Meteor (requestPermissions).

Also, GitHub can have an account without an email. So when a user tries to log in with GitHub without an email, a new account is created.

Just create a new file oauth.js in the server folder and copy and paste the code below.

```javascript
// Anything other than the local dev URL is treated as production
isProdEnv = function () {
  return process.env.ROOT_URL !== "http://localhost:3000";
};

// Reset the stored OAuth configuration on every server start
Accounts.loginServiceConfiguration.remove({
  service: 'google'
});
Accounts.loginServiceConfiguration.remove({
  service: 'facebook'
});
Accounts.loginServiceConfiguration.remove({
  service: 'twitter'
});
Accounts.loginServiceConfiguration.remove({
  service: 'github'
});

if (isProdEnv()) {
  Accounts.loginServiceConfiguration.insert({
    service: 'github',
    clientId: '00000',
    secret: '00000'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'twitter',
    consumerKey: '00000',
    secret: '00000'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'google',
    clientId: '00000', // Google is configured with clientId, not appId
    secret: '00000'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'facebook',
    appId: '00000',
    secret: '00000'
  });
} else {
  // dev environment
  Accounts.loginServiceConfiguration.insert({
    service: 'github',
    clientId: '11111',
    secret: '11111'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'twitter',
    consumerKey: '11111',
    secret: '11111'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'google',
    clientId: '11111',
    secret: '11111'
  });
  Accounts.loginServiceConfiguration.insert({
    service: 'facebook',
    appId: '11111',
    secret: '11111'
  });
}

Accounts.onCreateUser(function (options, user) {
  if (user.services) {
    if (options.profile) {
      user.profile = options.profile;
    }
    var service = _.keys(user.services)[0];
    var email = user.services[service].email;
    if (!email) {
      // user.emails is an array of {address, verified} entries
      if (user.emails && user.emails.length) {
        email = user.emails[0].address;
      }
    }
    if (!email) {
      email = options.email;
    }
    if (!email) {
      // if email is not set, there is no way to link it with other accounts
      return user;
    }
    // see if any existing user has this email address, otherwise create new
    var existingUser = Meteor.users.findOne({'emails.address': email});
    if (!existingUser) {
      // check for email also in other services
      var existingGitHubUser = Meteor.users.findOne({'services.github.email': email});
      var existingGoogleUser = Meteor.users.findOne({'services.google.email': email});
      var existingTwitterUser = Meteor.users.findOne({'services.twitter.email': email});
      var existingFacebookUser = Meteor.users.findOne({'services.facebook.email': email});
      var doesntExist = !existingGitHubUser && !existingGoogleUser && !existingTwitterUser && !existingFacebookUser;
      if (doesntExist) {
        // return the user as it came, because he doesn't exist in the DB yet
        return user;
      } else {
        existingUser = existingGitHubUser || existingGoogleUser || existingTwitterUser || existingFacebookUser;
        if (existingUser) {
          if (user.emails) {
            // user is signing in by email, we need to set it to the existing user
            existingUser.emails = user.emails;
          }
        }
      }
    }
    // precaution, these will exist from accounts-password if used
    if (!existingUser.services) {
      existingUser.services = {};
    }
    if (!existingUser.services.resume) {
      existingUser.services.resume = { loginTokens: [] };
    }
    if (!existingUser.services.resume.loginTokens) {
      existingUser.services.resume.loginTokens = [];
    }
    // copy across new service info
    existingUser.services[service] = user.services[service];
    // loginTokens may not be set on the new user yet, so guard before copying
    var resume = user.services.resume;
    if (resume && resume.loginTokens && resume.loginTokens.length) {
      existingUser.services.resume.loginTokens.push(resume.loginTokens[0]);
    }
    // even worse hackery
    Meteor.users.remove({_id: existingUser._id}); // remove existing record
    return existingUser; // record is re-inserted
  }
  // no services on the new user: nothing to link, create it as-is
  return user;
});
```
Thanks to Gadi Cohen's post.
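The lookup and merge steps from the code above, reworked as an added example (not the post author's code): it reads `user.emails` as an array, folds the per-service lookups into one `$or` selector, tolerates a missing `loginTokens` list, and links only when the caller passes `verified` as true. `SERVICES`, the function names and the `verified` argument are assumptions; how the address is confirmed (a provider-supplied flag, a confirmation email) is left to the caller.

```javascript
// Added example: pure functions over plain objects; no Meteor API is called.
// SERVICES, the function names and the `verified` flag are assumptions.
var SERVICES = ['github', 'google', 'twitter', 'facebook'];

// Login service on the incoming user ('resume' only holds login tokens).
function incomingService(user) {
  return Object.keys(user.services || {}).filter(function (key) {
    return key !== 'resume';
  })[0];
}

// Address to link on, in the post's order: service email, then the first
// entry of the user.emails array, then options.email.
function extractEmail(options, user) {
  var service = incomingService(user);
  var email = service && user.services[service].email;
  if (!email && user.emails && user.emails.length) {
    email = user.emails[0].address;
  }
  return email || (options && options.email) || null;
}

// One selector for a single Meteor.users.findOne() call.
function emailSelector(email) {
  var clauses = [{ 'emails.address': email }];
  SERVICES.forEach(function (name) {
    var clause = {};
    clause['services.' + name + '.email'] = email;
    clauses.push(clause);
  });
  return { $or: clauses };
}

// Returns a merged copy of existingUser, or the incoming user unchanged when
// there is no match or the caller could not confirm the address is verified.
function linkAccount(existingUser, user, verified) {
  var service = incomingService(user);
  if (!existingUser || !verified || !service) return user;
  var services = Object.assign({}, existingUser.services);
  var resume = services.resume || {};
  var tokens = (resume.loginTokens || []).slice();
  var incoming = (user.services.resume || {}).loginTokens || [];
  if (incoming.length) tokens.push(incoming[0]);
  services.resume = Object.assign({}, resume, { loginTokens: tokens });
  services[service] = user.services[service];
  return Object.assign({}, existingUser, { services: services });
}
```

Inside `Accounts.onCreateUser` the selector would be passed to `Meteor.users.findOne(emailSelector(email))`. Gating on `verified` matters because an email/password signup carries an address nobody has confirmed yet, and merging on it would attach that new password to the existing account.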

4 comments:

  1. kinda think performing 4 queries (or one per service) could be optimized a bit..

  2. If the user doesn't have an email associated with the service, or the email associated with the service does not match on their external service then this breaks?

  3. Service Google does not have appId. It must be renamed to clientId.

  4. There is a small problem in your code. It won't work. You expect "user" in Accounts.onCreateUser to have loginTokens as well, however, loginTokens are generated after the user object is returned from this function back to Meteor. Hence, the following line will cause an error

    existingUser.services.resume.loginTokens.push(
    user.services.resume.loginTokens[0]
    );


    You should comment these lines and it will work smoothly.
