I am having super user which I added manually and this user can other users manually through a form I give him.
lets say if I save the input entered by the user like the code shown below:
Session.set('name', t.find('#name').value);
Session.set('password', t.find('#pass').value);
Session.set('email', t.find('#email').value);
how do I store those values in those sessions in the Meteor.users, after checking that there is no match in the email and username?
and how do I encrypt the password before storing it in my database?
This code when called from the client side as:
Meteor.call('createUser','someemail#gmail.com','password123',function(err,res){
.....
})
creates a user in Meteor.users collection with the id given below in the method
Meteor.methods({
createUser(email,password){
check(email,String);
check(password,String);
let id = Accounts.createUser({
email: email,
password: password,
profile: {} //anything you like to add to profile.
})
}
})
Related
I'm trying to make a registration/sign-up process in my Flutter application where the users will need to enter their Voter ID along with other information in order to be registered into the system. I want the Voter ID to be a unique value (like Primary Key in RDBMS) and prevent the user if they try to register using the Voter ID that has already been taken by another registered user. How can I achieve this?
Firebase Cloud Firestore
You have to save all Unique ids while registration and before registration run a query to search that unique id is already registered or not.
FirebaseFirestore.instance
.collection("your_collection_name")
.where("unique_id",
isEqualTo: 'user_input_value')
.get()
.then((value) {
print(value.docs);
if (value.docs.isEmpty) {
// this id is already exist. show some popup
} else {
for (var element in value.docs) {
print(element.id);
// Do your registration here
}
}
});
You'll want to use the voter ID as the key/ID for identifying the user data in the database in that case.
If you're using the Realtime Database, that'd look something like:
Users: {
"voterIdOfUser1": { ... },
"voterIdOfUser2": { ... }
}
If you're using Cloud Firestore, you'd use the same values as the document ID with your Users collection.
I am creating a Memer social media app. So in this everything is ready but I am confused in providing Unique display name for all users. User name are given by users. But how to validate that it is really present or not? All data are stored in firebase cloud firestore. So can anybody can help me?
Username is stored is like this: collection "users" -> document "userId" ->field "username"
For this I made a new collection with the name username. And before creating the account i was calling this function to check availability:-
checkUsernameIsUnique(String username)async
{
QuerySnapshot querySnapshot;
setState(() {
loading=true;
});
querySnapshot=await FirebaseFirestore.instance.collection('username').where("username",isEqualTo: username).getDocuments();
print(querySnapshot.documents.isNotEmpty);
return querySnapshot.documents.isEmpty;
}
checkUsernameIsUnique('username to be checked').then((val){
if(val)
{
//create the user and store the username in username collection also
FirebaseFirestore.instance.collection('username').document(widget.username).setData({
"username":widget.username,
});
}
else
//username is taken
});
u can create cloud function which will get username and returns bool if its unique or not.
I have made the users email the unique key for my entire users database:
var usersSchema = new Schema({
_id: String, // Users Unique Email address
name: String, // Users name
phone: String, // Users phone number
country: String, // Country
type: String, // tenant/agent/manager/admin
username: String, // Username for login
password: String, // Password string
trello: Object, // Trello auth settings
settings: Object, // Settings for manager and other things
createDate: Number, // Date user was created
contactDate: Number, // Date user was last contacted
activityDate: Number // Date of last activity on this user (update/log/etc)
});
So what if the user changes email address?
Is my only way to delete the record and create it again?
Or is there a smarter way?
And the users._id (email) have relations in 16 other tables.
Example the booking table
var bookingSchema = new Schema({
_id: String, // Unique booking ID
user: String, // User ID --> users._id
property: String, // Property ID --> property._id
checkin: Number, // Check in Date
checkout: Number // Check out Date
});
One user can have a LOT of bookings
What I would do is find all records that matches the email and then do a for (i=1 ; i<booking.length ; i++) and then update the email of each record
Is there a smarter way to update all emails that matches using only one mongo call?
(the reason is there are so many relations, so my loop seems a bit like a very primitive way of doing it)
I would say it's much cleaner to create a field for email and create an Unique Index on that.
Unfortunately still the relationship as the ones inside the Relational databases isn't supported! There are plans according to the latest talks to create this feature natively.
The best solution for you would be to think how to use the sub-documents to make things more consistent.
import {favRestaurants} from '/lib/collections';
import {Meteor} from 'meteor/meteor';
import {check} from 'meteor/check';
export default function () {
Meteor.methods({
'favRestaurants.create' (id, name, rating, priceLevel, type) {
check(id, String);
check(name, String);
check(rating, Number);
check(priceLevel, Number);
check(type, String);
const createdAt = new Date();
const restaurant = {id, name, rating, priceLevel, type, createdAt};
if(check(Meteor.user()) == null){
console.log('onlye logged in users can data');
}else{
FavRestaurants.insert(restaurant);
}
}
});
}
This is my insert method for adding data to the restaurants collections. When i console log the 'check(Meteor.user())' in the console i get null as output. By that logic you shouldn't be able to add data to the collection, although this is still possible.
I would also like to make the FavResaurants collection personal for each user. Iv'e tried to check if there is a user and then adding a collection in the main.js file on the client side.
Meteor.loggingIn(() => {
console.log('check for user method');
var restId = 0;
if(Meteor.user() != null){
console.log('created new collection for the user');
const FavRestaurants = new Mongo.Collection('favRestaurants' + restId);
}
restId++;
});
I dont get any output to console using this method, which i found in the meteor docs. Is the code in the wrong place? Any help is much appriciated.
According to the docs the Accounts.ui.config is the method i should use. But I'm not sure in code i should put it. So far the placement of this method has resulted in my application crashing.
Answering your first question, to allow only logged-in clients to access a method, you should use something like:
if (!Meteor.userId()) {
throw new Meteor.Error('403', 'Forbidden');
}
Now, I see you want a collection to store favorite restaurants for each user in client side. But as I see it, there'd be only one logged in user per client, so you don't need a separate collection for each user (as the collection is in each client), you can just refer the user with it's id, and then fetch a user's favorite restaurants by a query like:
FavRestaurants.find({user: Meteor.userId()});
Moreover, as the docs suggest, Meteor.loggingIn is a method which tells you if some user is in the process of logging in. What you are doing is over-riding it, which doesn't make sense.
You should do something like:
if (Meteor.loggingIn()) {
// Do your stuff
}
Hope it gives you more clarity.
Creating a collection per user is a bad approach.
Define your favRestaurants collection once and add a owner field in the restaurant document before insert.
Create a publish method to publish to client side the userid favrestaurant only.
One more thing, check your userid first in your Meteor method, it will avoid unnecessary proces.
Regs
I'm currently trying to figure out a way for my MEAN stack application to keep track of which users have paid to grant them access to a certain portion of my webpage. I've considered several options: Stripe customer ID, MongoDB record, And HTML attribute I can update.
My mean stack keeps track of users by JWT, and it appears stripe assigns them their own customer ID which isn't ideal. Can it done with JWT as opposed to their forced cutomer ID?
MongoDB record. Which is what I'm thinking might be the best option. When a new user has been created, i'll give it an attribute of hasPaid = no. Then update the record of that customer when a payment is submitted. Then I guess run a script to set everyone back to unpaid each day?
HTML element/attribute. I don't know if this is even possible; but it would be cool to create a key that is carried during the HTML session after payment is received. If the person closers the browser then the session would be closed?
I'm looking for guidance on my 3 options to determine if they're the best solution. Also, if anyone has any suggestions as to alternatives, I'm all ears!
Thanks in advance.
Speaking generally, the most common approach would be the second one: use an attribute in your data model that indicates whether the user has paid/should be granted access. When a charge is created [0] successfully, update the model to indicate so, then filter access based on this attribute.
[0] https://stripe.com/docs/api/node#create_charge
Use a Boolean value in your user model.
var UserSchema = new Schema({
name: String,
hasPaid: {type: Boolean, default: false} //set this false
});
then in your REST API routes, the user buys the product; now set hasPaid to true
// req.user._id is passport config
User.findOneAndUpdate({_id: req.user._id}, {$set: {"hasPaid":istrue}}).exec(function(err) {
if(err) {
throw err;
}else {
req.flash('success', 'Thank you for submitting the form.');
res.render('charge', {
layout: 'dash',
user: req.user,
success: req.flash('success')
});
}
});
Now you can keep track of the users that purchased your products to grant them access to other parts of your site.
Stripe.js comes with Checkout.js which makes it even easier to use Stripe's service.
Copy and paste this into your html/jade/handlebars or view file. This will display a popup form to let the user type in his or her cc information.
<form action="/charge" method="POST">
<script
src="https://checkout.stripe.com/checkout.js"
class="stripe-button"
data-key="pk_test_bla3hf&kc033"
data-image="/square-image.png"
data-name="Demo Site"
data-description="2 widgets ($20.00)"
data-amount="2000">
</script>
</form>
You will receive a token once the user presses submit that you grab on your server. From inside your REST API route, you can charge the customer:
var token = req.body.stripeToken; // Using Express
// Create a charge: this will charge the user's card
var charge = stripe.charges.create({
amount: 1999, // Amount in cents
currency: "usd",
source: token,
metadata: {
user: req.user._id,
email: req.user.local.email
}
description: "Example charge" //keep track by writing a description or you can use the metadata property Stripe has to offer in the charges object
},function(err, charge) {
if (err && err.type === 'StripeCardError') {
// The card has been declined
}else {
res.redirect('/thanks-for-your-order');
console.log('charge here ' + charge.id); //store the id
console.log('charge here ' + charge.invoice); //store the invoice
console.log('charge here ' + charge.customer); //store the customer id
}
});
You can now track each order by storing the properties of the charge object in any model you wish.