This repo contains in packages the davidsichau:accounts-et package.

The rest is only for testing.

To use this package:

import { Login } from 'meteor/davidsichau:accounts-eth'

<Login loginStyle='redirect' loginLabel='Login Popup'/>

oAuth Helper

Helper for et oAuth Login

Getting Started

install the package with meteor:

meteor add davidsichau:accounts-eth

Dependencies

Provided Functions

The package provides a function for oAuth Login via the oAuth system.

Meteor.loginWithEt({loginStyle: 'popup'}, callback);

Where loginStyle can bei either popup or redirect depending on the wanted kind of login way. This function then will start the oAuth login flow and when the callback is called the user is logged in. callback is the standard callback of meteor login methods.

Provided Components

The package provides a react component which takes care of the login.

import { Login } from 'meteor/davidsichau:accounts-et'

<Login />

The component can be provided with the following props:

loginStyle: can be of form redirect, popup which defines the oAuth login flow. Default: iframe
loginLabel: the label of the popup button. Default: Login

Depending on the login Style the flow differ.

redirect flow

If the user is not logged in the Component will redirect the user to the oAuth Login page and after wards redirect the user back.

The component will render a button with the class .oAuthPopupButton (which can be styled with css). When the user clicks the button a popup opens with the oAuth Login page. The label of the button can be provided by the loginLabe prop of the Login component.

Configuration

In order that the package works it is required to provide the following document in the meteor_accounts_loginServiceConfiguration collection:

{
    "_id" : "NKECrwdZZT6kYQfhK",
    "service" : "eth",
    "url_authorize" : "http://localhost:3010/authorize",
    "url_token" : "http://localhost:3010/token",
    "url_identity" : "http://localhost:3010/user/info",
    "secret" : "provided secret",
    "client_id" : "provided client id"
}

service is the name of the login service and is fixed to et.
url_authorize is the url of the authorization endpoint of the oAuth Server
url_token is the url of the token endpoint of the oAuth Server
url_identity is the url of the identity endpoint of the oAuth Server
secret is the provided secret of the oAuth Server. This needs to be protected and should be never released to

the client side.

client_id is the provided client id of the oAuth Server

User Collection

If a login is successful a new user is generated or if the user already exist the user is logged in.

An example user looks like that:

{
    "_id" : "AcgweGSX36T3Bcx7o",
    "createdAt" : ISODate("2018-04-25T12:02:04.129Z"),
    "services" : {
        "et" : {
            "accessToken" : "_KjwuOetuPObuzlj3XmdEHAqnM6haSQmEvomWmlkjfs",
            "id" : "LAxF2yJ635f2KZ7ks",
            "expiresAt" : 1532439829120.0
        },
        "resume" : {
            "loginTokens" : []
        }
    },
    "profile" : {
        "userId" : "LAxF2yJ635f2KZ7ks",
        "email" : "xyz@gmail.com",
        "firstName" : "ds",
        "lastName" : "kjk",
        "gender" : "m",
        "lang" : "de",
        "organisation" : "QGm8uyspn8gK6d2fM",
        "role" : "_user_pupil",
        "service" : "google"
    }
}

In services et the original user id on the oAuth server is stored and the accessToken, which is required if one wants to call any specific oAuth Server methods in the user context.

In profile the standard information about a user is stored. One can expect that always the following fields are provided:

userId, email, firstName, lastName, gender, lang, organisation and service. Optional fields are legiNummer and role. In service the used login service is stored the following are possible: password, eth, google and facebook.