Add custom field on signin form

70 Views Asked by fixitagain At 29 September 2016 at 08:08

Using meteor useraccounts package, I would like to add a custom field in signIn form (named token) to enable 2fa authentication.

Unfortunatly on AccountTemplates.addField only work with signUp form, as far as I have worked on it.

Any hint?

There are 2 best solutions below

fixitagain On 30 September 2016 at 14:44 BEST ANSWER

The answer i managed to implement was to change the pattern with a different approach, using directly Meteor API:

Set a special field on user collection: tokenverified: false
Add Meteor.onLogin (called each time you login or refresh manually the page) and Meteor.onLogout callback to set this field to false
Create a template verify2FA to deal with token and set tokenverified: true
Create an iron-router plugin ensure2FA that will check this token and redirect to the verify2FA template.

Max G. On 29 September 2016 at 09:31

The accounts package has an Accounts.onLogin function that you can use to call a method and update the user account.

Accounts.onLogin(function(user) {
  Meteor.call('setToken', user)
})

and then

Meteor.methods({
  setToken: function(user) {
    // Do some clever check
    Meteor.users.update(/* Set your token */);
  },
});

The advantage of using a method is that you can do some server-side check to ensure your token has not been hacked.