Meteor Authentication System

Meteor authentication

Authentication is a means of identifying an application’s users before granting access to web resources. Meteor provides a built-in way to add user functionality without having to write an authentication system ourselves. The basic workflow of a web application provides a mechanism for users to log in and register accounts.

Not every application needs authentication, so the user authentication functionality isn’t available by default in created projects. We need to install the account functionality through the terminal. We’ll create a little app, install the Meteor account package, and get familiar with the package before installing it to the online bookshop application that we’re building throughout this chapter.

We’ll install a login provider on the terminal by typing meteor add accounts-password. Meteor creates a users collection in MongoDB after the installation of the accounts-password package. This collection is used for the management of users’ accounts.

The coding playground at the end of this lesson implements authentication in a MeteorJS application. We have a Meteor Method called createAccount inside the imports/api/methods.js file. On line 2, we import Accounts from meteor/accounts-base. This package was added to the project when we installed the accounts-password package.

The createAccount method is called from the client. On line 6, we destructure the user object that’s passed to the function to get the username and password passed from the client. On line 7, a check is performed to determine if a user with the username exists by calling Accounts.findUserByUsername. If no user already exists with the passed username, a new user account is created by calling Accounts.createUser() with the user details. The Accounts.createUser method logs the user in automatically upon successful account creation if called on the client. If it’s called on the server, it returns the _id of the newly-created user back to the client.