[英]How to prevent auto login after create user
I add accounts-password and accounts-base packages in Meteor
我在
Meteor
添加了帐户密码和帐户基础包
When I create user like this: 当我创建这样的用户时:
Accounts.createUser({username: username, password : password}, function(err){
if (err) {
// Inform the user that account creation failed
console.log("Register Fail!")
console.log(err)
} else {
console.log("Register Success!")
// Account has been created and the user has logged
}
});
Account has been created and the user has logged. 帐户已创建且用户已登录。
for instance, I log in as an administrator and I want to create a account for somebody,but I don't want to log out after create account. 例如,我以管理员身份登录,我想为某人创建一个帐户,但我不想在创建帐户后注销。
How to prevent auto login after create user ? 创建用户后如何防止自动登录?
I find source code of accouts-password packages: 我找到了accouts-password包的源代码:
48 - 63 lines: 48-63行:
// Attempt to log in as a new user.
Accounts.createUser = function (options, callback) {
options = _.clone(options); // we'll be modifying options
if (!options.password)
throw new Error("Must set options.password");
var verifier = Meteor._srp.generateVerifier(options.password);
// strip old password, replacing with the verifier object
delete options.password;
options.srp = verifier;
Accounts.callLoginMethod({
methodName: 'createUser',
methodArguments: [options],
userCallback: callback
});
};
Should I modify the source code to solve this problem? 我应该修改源代码来解决这个问题吗?
Any help is appreciated. 任何帮助表示赞赏。
You're trying to use client side accounts management to perform a task it hasn't been designed for. 您正在尝试使用客户端帐户管理来执行尚未设计的任务。
Client side accounts package purpose is to specifically allow new users to create their account and expect to be logged in immediately. 客户端帐户包的目的是专门允许新用户创建他们的帐户并期望立即登录。
You have to remember that certain functions can be ran on the client and/or on the server with different behaviors, Accounts.createUser docs specifies that : "On the client, this function logs in as the newly created user on successful completion." 您必须记住某些功能可以在客户端和/或服务器上以不同的行为运行,Accounts.createUser docs指定:“在客户端上,此功能在成功完成时以新创建的用户身份登录。”
On the contrary, "On the server, it returns the newly created user id." 相反,“在服务器上,它返回新创建的用户ID。” (it doesn't mess with the currently logged in user on the client).
(它不会弄乱客户端上当前登录的用户)。
In order to solve your problem, you should write a server side method creating a new user and be able to call it from your client side admin panel, after filling correctly a user creation form of your own design. 为了解决您的问题,您应该编写一个服务器端方法来创建一个新用户,并且在正确填写您自己设计的用户创建表单后,可以从客户端管理面板调用它。
If you really want this behavior you would need to modify password_server.js
如果您真的想要这种行为,则需要修改
password_server.js
and remove lines 474-475 containing: 并删除包含以下内容的第474-475行:
// client gets logged in as the new user afterwards.
this.setUserId(result.id);
So the User would not be logged in after the user is created. 因此,用户在创建用户后不会登录。
I had the same problem. 我有同样的问题。 I wanted to create an admin interface where an administrator can set a user's password but not pass it to a server method in plaintext.
我想创建一个管理界面,管理员可以在其中设置用户密码,但不能将其传递给明文服务器方法。 The client side of Accounts.createUser already deals with this, so I just alter the normal sequence of events in
accounts-password/password-server.js
in the presence of a flag. Accounts.createUser的客户端已处理此问题,因此我只是在存在标志的情况下更改
accounts-password/password-server.js
中的正常事件序列。 Its not perfect or pretty but seems to work and you don't have to modify the accounts-password
package directly. 它不完美或漂亮,但似乎工作,你不必直接修改
accounts-password
包。
Meteor.startup(function ()
{
// store the default createUser method handler
var default_create_user = Meteor.server.method_handlers.createUser;
// remove it so we can register our own
delete Meteor.server.method_handlers.createUser;
Meteor.methods({createUser: function (options) {
var default_login_method = Accounts._loginMethod;
// check if noAutoLogin flag is present
if (options.noAutoLogin)
{
// temporarily disable the login method while creating our user
// NB: it might be possible that simultaneous calls to createUser that do want the default behavior
// would use the altered Accounts._loginMethod instead
Accounts._loginMethod = function(s, m, a, p, fn)
{
// this is the callback that is constructed with a closure of the options array and calls internal create functions
fn();
// restore default _loginMethod so other calls are not affected
Accounts._loginMethod = default_login_method;
}
}
// invoke the default create user now that the login behavior has been short-circuited
default_create_user(options);
}});
});
If you want to continue using Accounts.createUser
on the client without logging the user in. You can call Meteor.logout()
from createUser
's optional callback . 如果要在客户端上继续使用
Accounts.createUser
而不记录用户。可以从createUser
的可选回调中调用Meteor.logout()
。
Accounts.createUser(user, err => {
if (err) {
// handle error
return;
}
// Prevent unwanted login
Meteor.logout();
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.