Meteor: Using iron router and custom authentication issue

1
votes

I might have this pretty close but I'm lacking the knowledge to fix this last issue.

I wanted to use a custom authentication system instead of using accounts-ui so I could track some additional details about each user.

Everything worked great until I get to the resetPassword part. If a user submits their email address in the forgotPassword form, the email is received. But when you click the reset password link in the email it does not display the resetPassword template.

This is on SO here: Meteor account email verify fails two ways

And the iron-router github issue tracker here (which has the most fixes though is more focused on the enrollmentemail than resetPassword which I'm assuming should be very similar): Iron-router swallows Accounts.sendEnrollmentEmail

If I understand correctly from the iron-router issue tracker above, iron-router doesn't (or didn't and maybe still doesn't) support hashbang urls like that being sent in the reset password email. A URL like:

http://localhost:3000/#/reset-password/T4rPxcVNWKwBONHSRajSk7dNZvM_YRxTLyzxZVv5SuU

Meteor was then updated so that meteor accounts-base strips out everything after the # and stores them in variables in the Accounts namespace.

While I think I understand all of that, now the question is why I can't get the suggestions in the issue tracker to work for my reset password code. I'm using everything that is in the custom auth system by Julien Le Coupanec and then I've done the following from the issue tracker:

router.js

Router.map(function() {
  this.route('invList', {path: '/'});
    this.route('resetPassword', {
        controller: 'AccountController',
        path: '/reset-password/:token',
        action: 'resetPassword'
    });

});


AccountController = RouteController.extend({
  resetPassword: function () {
    Accounts.resetPassword(this.params.token, function () {
      Router.go('/reset-password');
    });
  }
});

overrideaccounts.js in /server

(function () {
    "use strict";

    Accounts.urls.resetPassword = function (token) {
        return Meteor.absoluteUrl('reset-password/' + token);
    };

    Accounts.urls.verifyEmail = function (token) {
        return Meteor.absoluteUrl('verify-email/' + token);
    };

    Accounts.urls.enrollAccount = function (token) {
        return Meteor.absoluteUrl('enroll-account/' + token);
    };

})();

I'm wondering if the issues isn't related to either bad routing on my part (likely since I don't have my head wrapped around it well yet), if I put "server code" as is listed in the issue track in the right place, or if the session related code below is what is causing the resetPassword template to not display. Or something else that I'm missing of course.

main.js

//forgotPassword helper and event handler
Template.main.helpers({
    showForgotPassword: function() {
        return Session.get('showForgotPassword');
    },
    resetPassword: function(){
        return Session.get('resetPassword');
    }
});

After spending many hours on what I thought would be a really simple authentication system, I'm still at a loss. Appreciate any advice!

1
meteor

1 Answers

3
votes

Don't struggle with hacking the hash and iron router, just back to Meteor original design flow.

When user click the verify link in email, it lead back to "/" (home), so just did this:

Template.home.created = function() {
  if (Accounts._verifyEmailToken) {
    Accounts.verifyEmail(Accounts._verifyEmailToken, function(err){
      if (err != null) {
        // handle the error
        } else {
          // do what you want, maybe redirec to some route show verify successful message
        }
      });
    }
  };

I did this and verify email right, same way worked for enroll, reset password...