Control access to a Meteor Web app using EPFL's Tequila authentication system

epfl-si/accounts-tequila

Like the passport-tequila npm, but for Meteor

Usage

$ meteor add epfl:accounts-tequila

Then in main.js:

import { Meteor } from 'meteor/meteor'
import Tequila from 'meteor/epfl:accounts-tequila'

Meteor.startup(function() {
  Tequila.start({
    upsert: false,
    // ... other options, see the API reference below
  })
})

Fake Tequila server

This package is attuned to passport-tequila's fake Tequila server. To use it, use one of the two methods in the paragraphs below.

In-process fake Tequila

  1. Create a settings.json file that contains
    {
      "fake_tequila": {
        "requestauth": {
          "uniqueid": "243371",
          "displayname": "Dominique Quatravaux",
          "group": "epfl-dojo,idev-fsd"
        }
      }
    }
  2. Change your Meteor app to run
    Tequila.start({ fakeLocalServer: Meteor.settings.fake_tequila, ... })
  3. Run meteor with meteor run --settings settings.json

Out-of-process fake Tequila

  1. Clone passport-tequila outside of your Meteor project:
    git clone git@gitlab.com:epfl-sti/passport-tequila.git
  2. Create a tequila.json file that contains
    {
      "requestauth": {
        "uniqueid": "243371",
        "displayname": "Dominique Quatravaux",
        "group": "epfl-dojo,idev-fsd"
      }
    }
  3. Run node test/bin/fake_tequila_server --config-file tequila.json
  4. Change your Meteor app to run
    Tequila.start({fakeLocalServer: { port: 3011 }, ... })

API Reference

Functions

start(opts)

Enable Tequila with a redirect-based flow.

Accessing any of the app's HTML URLs will now redirect to Tequila, unless a ?key= URL parameter is present (indicating we are back from Tequila), in which case the key will be passed as a Meteor login method parameter over DDP. The JS and CSS URLs are not guarded in this way, so that the app may initialize as normal.

Kind: global function

| Param | Type | Description |
| --- | --- | --- |
| opts | Object | Options |
| opts.client | string | Passed to passport-tequila's Protocol object |
| opts.service | string | Passed to passport-tequila's Protocol object |
| opts.request | string | Passed to passport-tequila's Protocol object |
| opts.require | string | Passed to passport-tequila's Protocol object |
| opts.tequila_host | string | Passed to passport-tequila's Protocol object |
| opts.tequila_port | string | Passed to passport-tequila's Protocol object |
| opts.bypass | Array.<string> | List of URL patterns that are not redirected to Tequila |
| opts.control | Array.<string> | List of URL patterns that are redirected to Tequila, subject to the exceptions stated above (i.e. not matching opts.bypass, and not when a ?key= URL parameter is present) |
| opts.fakeLocalServer | boolean \| Object | Either { port: portNumber } to use a Tequila server already running out-of-process, or true for an in-process Tequila server on an ephemeral port |
| opts.getUserId | function | Function that takes the Tequila fetchattributes RPC response fields, and returns either the Meteor user ID to be used (which must be a string; see https://stackoverflow.com/a/24972966/435004) or a Promise of same. Also, if opts.upsert is not false, non-existent users will be auto-created with the return value as their Meteor user ID; see opts.upsert for details. The default behavior is to return either tequilaAttributes.uniqueid if it exists, or tequilaAttributes.user otherwise. |
| opts.upsert | function | Function that takes the Tequila fetchattributes RPC response fields, and returns either the things that should be upserted in this user's Meteor.user record (the one whose ID is the return value of opts.getUserId) or a Promise for same. The default implementation returns { $set: { tequila: tequilaAttributes }}. Set opts.upsert to false if you don't want accounts-tequila to perform automatic upsertion for you (in which case you may program opts.getUserId to auto-create users before completing its Promise). If neither your code (in opts.getUserId) nor accounts-tequila (with opts.upsert) auto-creates users, then users without a pre-existent entry in the Meteor.user collection get a Tequila:user-unknown exception to their login method call. |
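
An added example (not code from accounts-tequila) of custom opts.getUserId and opts.upsert functions: the ID follows the documented default preference, and the upsert payload stores an allow-list of attributes instead of the whole fetchattributes response. The attribute names come from this README; the comma-separated format of group is assumed from the fake Tequila configuration, and STORED_FIELDS, parseGroups and sampleAttributes are hypothetical names.

```javascript
// Added example; not part of accounts-tequila.
// Attributes kept in the user record; anything else Tequila returns is dropped.
const STORED_FIELDS = ['uniqueid', 'user', 'displayname']

// Same preference order as the documented default (uniqueid, then user),
// but always a non-empty string, since Meteor user _ids must be strings.
function getUserId(tequilaAttributes) {
  for (const raw of [tequilaAttributes.uniqueid, tequilaAttributes.user]) {
    const id = raw == null ? '' : String(raw).trim()
    if (id !== '') return id
  }
  throw new Error('Tequila response has neither uniqueid nor user')
}

// Assumption: "group" is a comma-separated string, as in the fake Tequila config.
function parseGroups(group) {
  if (typeof group !== 'string') return []
  return group.split(',').map(g => g.trim()).filter(g => g !== '')
}

// Returns the MongoDB upsert payload, in the same { $set: { tequila: ... } }
// shape as the documented default, restricted to the allow-listed fields.
function upsert(tequilaAttributes) {
  const tequila = { groups: parseGroups(tequilaAttributes.group) }
  for (const field of STORED_FIELDS) {
    const value = tequilaAttributes[field]
    if (typeof value === 'string' && value !== '') tequila[field] = value
  }
  return { $set: { tequila } }
}

// Constructed sample response, modelled on the fake Tequila config above.
const sampleAttributes = {
  uniqueid: '243371',
  displayname: 'Dominique Quatravaux',
  group: 'epfl-dojo, idev-fsd',
  unexpected: { nested: 'value' }
}

// In a Meteor app these would be passed as:
//   Tequila.start({ getUserId, upsert })
console.log(getUserId(sampleAttributes), JSON.stringify(upsert(sampleAttributes)))
```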

upsertUser(id, setAttributes) ⇒ Promise

Upsert (update or insert) a record in Meteor.users

Newly created users must have an _id that is a string (see https://stackoverflow.com/a/24972966/435004). We use either tequila.uniqueid (i.e. the person's SCIPER number) or tequila.user (i.e. the person's GASPAR user name), in this order of preference, depending on which is defined.

Kind: global function
Returns: Promise - Resolves to the Meteor.user record when upsertion completes

| Param | Type | Description |
| --- | --- | --- |
| id | string | The Meteor.user ID to upsert as - Must be a string as per https://stackoverflow.com/a/24972966/435004 |
| setAttributes | Object | A standard MongoDB upsert payload, e.g. { $set: { foo: "bar" }} |
