Meteor: Check if the user is logged on startup - authentication

Whether the user is logged in or not, when I call Meteor.user() in Meteor.startup(), the user is always undefined (not logged).
I want to perform an action (redirect the user to an external url where the login must occur) if it is not logged in as soon as the page loads. The problem is that if he is logged in, the page will only know it at some point in time (in milliseconds, of course). I can trap the eventual logged in user with Tracker.autorun, but I want to perform an action now (when the user is always not logged in) and I know only after whether I need to perform it or not (maybe the user is already logged in).
How to do this in Meteor?
EDIT
I ended up with the following working:
Tracker.autorun(() => {
if (!Meteor.user() && !Meteor.loggingIn() && Accounts.loginServicesConfigured()) {
Meteor.loginWithTwitter();
}
});

Try Meteor.loggingIn()
From the docs
if a login method (such as Meteor.loginWithPassword, Meteor.loginWithFacebook, or Accounts.createUser) is currently in progress. A reactive data source.

One solution to the problem is to use the meteorhacks:fast-render package. Its inclusion causes the initial set of data to be sent along with the application code, so the user information is available immediately in the startup method.
If you don't want to use that package, you can always restructure your app so that the "now" you speak of always happen after the initial data is loaded. For example, you can move this check to the onBeforeAction callback of your root controller. This will always run before any template is rendered, assuming you also subscribe to user data in the root controller.

Related

Vue changing the component without URL changes

I'm in Registration.vue component. The component contains registration form with email, password, etc.. fields.
I would like to thanks user for successful registering (with instruction that he should go check email).
What is the best solution to do this?
I was thinking about:
redirecting to second component using this.$router.push or this.$router.replace but this will change URL and when somebody go this URL without registering he will see message that he should check email...
replacing current component with other when registering action successful but I dont know how to do this (without URL change, and with good code).
using <component v-bind:is="currentView"> but I am not sure if this is best solution. I need to make three files (for parent component with :is, for form and for thanks). Also i need to emit event from child that registration went well, but on the other hand i should fire vuex registration action and dont expect for response (see the next sequence)
The other thing is that we should not wait for the vuex action to be completed, but i need to know if registration went well - https://github.com/vuejs/vuex/issues/46#issuecomment-174539828
I am using vue.js 2, vue-router, vuex
Thanks
You could use something like Sweet Alert to display a success or error dialog. It supports Ajax requests so you can display a "your registration is processing, please check your email" message while it is being handled.
The first approach is suitable when user successfully registers and then redirected to login page.
Now issue how to check whether user has entered required field? So there comes form validations. You can use vee-validate plugin and it's perfect for all projects. I am using it and it has so many available validations.
With these UI validations, after they are passed successfully then only submit action will be fired or else user will be prompted for entering required field.
You can see basic example here - http://vee-validate.logaretm.com/index.html#basic-example
When action is performed,
///main.js
...
Vue.use(VeeValidate)
...
// register.vue
this.$validator.validateAll().then((result) => {
if (result) {
//done
this.$router.replace( '/login' );
}
else{
// throw error
}
Simple as that.
Try this approach if you want the UI validations on the form.

Aurelia page lifecycle - avoid user from leaving the page

Giving the scenario where when leaving the page is losing unsaved data, the idea is to ask the user for a confirmation.
Using the canDeactivate hook I can easily avoid the user from leaving the page (I'm displaying a confirm dialog).
However, as soon the user press back on the second time, he can leave without a problem. It seems that the state is lost and the canDeactivate hook is no longer called.
*This applies to all pipeline steps (I tried then all, none safes the state after the first next.cancel)
Is there a better way to avoid the user leaving the page?
canDeactivate() {
return Promise.resolve(false);
}

jQuery mobile and PhoneGap using sessions to ensure user cant go "back" to or visit a page unless logged in

I am in the middle of making an app using a PHP web service to log users in/authenticate their credentials.
I am using localStorage (part of phonegaps local storage API) to ensure the user doesnt have to keep logging in when they open the app. This is done by storing the username and password on local storage and checking it when the app opens. If they feel the need to log out I have a simple logout button binded to a tap event which clears their local storage.
$( '#logout' ).live( 'tap',function(event){
window.localStorage.clear();
$.mobile.changePage("#loginPage", {transition: "none"});
});
BUT... when logged out, they are still able to click the back button on the phone and get into the secure area, which doesnt make sense because the "welcome, (username)" part is all messed up etc...
Im wondering if there is a way to ensure that what ever page they open does some sort of check to make sure theyre logged in??
Bind into the pagebeforeshow event of the pages to check if the user is logged on - check if credentials are present in local storage.
If user is not logged on you can either call preventDefault to stop the pageChange or better redirect the user to a loggedOffPage by modifying the toPage passed into the handler.
Refer the Page change events section on JQM Events page.

Plone make login mandatory on every page but main page

A customer wants to have its Plone site behave like this:
the main page can be seen by anonymous users
you have to be registered and authenticated to see any other page
the site is open for registration, so the forms to authenticate and register should also be made visible by anonymous
How one can approach this?
Is there a way to hook a python script/class/method/function to any request made by the user? Overriding the main_template.pt and adding a TAL call to a method that does these checks would be enough?
The tricky part is that even if the anonymous can only visit the main page, the main page in itself is made up of other content types which should be only viewed by authenticated users (by their restrictions, not because of workflow).
I ruled out, maybe a mistake?, workflow because then everything should be made private but still the global_nav is made out of folders which, if the workflow approach was taken, should be private/non-viewable by anonymous.
Cheers,
Try this:
add a state internally published to your workflow
copy permissions configuration from the "public" state into the new state and than remove the "View" permission from the Anonymous User (maintain the 'Access content information', that's the key). Then add all needed transitions.
put your home page in "public" state
put everything else in 'internally published' state
This should work because if you link content's information in the homepage, this will work, but if someone try to access a content he will miss the "view" permission and will be redirected to the login.

Best Practice for "Evaluate Now, Respond Later"?

Suppose I'm building a login system. The user enters a username and password into a field and it is sent via HTTPS to the server, which validates the login before the page loads. If a bad password is sent, the login obviously fails immediately, but one would want the error message to be displayed later in the page, near the login box.
The obvious solution is to set a global flag and have the login box check it and add the error message if necessary, but my understanding is that global variables are best avoided. Is there another straightforward method of achieving this functionality?
For a non-AJAX login page, it is common practice to redirect the user browser to the login page with an extra query parameter in the url, In pseudo-code, here is the login validation controller code segment:
success = checkLogin(username,password)
if (success == false)
redirect('http://example.com/login?failedlogin=true')
The login page controller would be responsible for detecting this query param and telling the view code to display a failure message. I don't believe the term 'global flag' applies to this practice so it should meet your requirements.
If the login page uses Ajax, the Javascript on the login page takes the results of the AJAX call and updates the appropriate DOM elements with the failure message.