meteor-accounts-meld icon indicating copy to clipboard operation
meteor-accounts-meld copied to clipboard

Published 20 hours ago verified publisher icon splendido

Possible to allow melding of unverified password account?

Open steph643 opened this issue 9 years ago • 9 comments

From the doc:

At the moment it is not possible to do the contrary: a call to Meteor.loginWithPassword will log out the current user and login the one associated with the password service. After this, only in case the email used with the password service is already verified, the two account will be elected for melding

Why this limitation? Any technical difficulty?

steph643 avatar Jul 12 '15 13:07 steph643

+1

zacharynevin avatar Jul 16 '15 06:07 zacharynevin

I guess the reason is that you intercept updateOrCreateUserFromExternalService(), which is not called when logging-in with a password...

A solution to this would be either:

  • to have access to the current userId from Accounts.validateLoginAttempt, or
  • to have access to the former userId from Accounts.onLogin.

What do you think? Maybe we should fill a feature request?

steph643 avatar Aug 11 '15 14:08 steph643

brettle:accounts-multiple takes the approach @steph643 is describing. @splendido, would you consider a PR that modifies accounts-meld to use brettle:accounts-multiple instead of intercepting updateOrCreateUserFromExternalService()?

brettle avatar Aug 23 '15 19:08 brettle

I had no chance to check brettle:accounts:multiple so far and, to be hoest, it's been quite a bit of time I'm not trying to update this package. This is due to the little spare time and the work I'm doing on autopublish.meteor.com and the useraccounts packages.

For sure I'll try to revise all the logic behind this package when I'll be converting it to a plugin package for [email protected]

splendido avatar Aug 23 '15 20:08 splendido

@steph643 is right, the call to Accounts.loginWithPassword is not intercepted at the moment, hence the normal flow is followed.

If there's something to deal with this without thouching the updateOrCreateUserFromExternalService part, I'll try to consider a PR (provided that comprehensive tests will be included as well...)

splendido avatar Aug 23 '15 20:08 splendido

@brettle, from my tests, in a Accounts.validateLoginAttempt() callback:

  • Meteor.userId() triggers an exception
  • this.userId returns undefined

So I don't understand how you would implement the PR. I am also surprised this line works :-) There is obviously something I am missing. Can you please explain?

steph643 avatar Aug 24 '15 14:08 steph643

brettle:accounts-multiple uses brettle:workaround-issue-4862 to workaround the Meteor bug that causes the problems you described.

FYI, MDG has merged a PR I submitted to fix the bug, so the workaround won't be necessary in Meteor 1.2+.

brettle avatar Aug 24 '15 16:08 brettle

Great, thanks.

steph643 avatar Aug 24 '15 18:08 steph643

PR #23 addresses this issue. FYI, the non-melding case (i.e. just associate a new email/password with the current account) can be handled by just doing meteor add brettle:accounts-add-service to existing apps. The PR adds brettle:accounts-add-service as a dependency to achieve the same effect. The melding case (i.e. melding an existing password account with the current account) required some minor additions to the code so it could use brettle:accounts-multiple.

brettle avatar Sep 01 '15 23:09 brettle