probably at the beach
Reputation: 15207
Secure meteor admin functionality
I have a couple of admin functions I want to add to a meteor site and was wandering what is the best way to create, hide and protect them ?
Thanks
Upvotes: 1
Views: 407
Answers (1)
Kyle Finley
Reputation: 11992
You can use Meteor.methods. Just be sure to only include them on the server, by placing the code in a folder called server/ E.g.
server/admin.js
Meteor.methods({
foo: function (arg1, arg2) {
// confirm that the user is an admin
if ( ! this.user.isAdmin )
throw new Meteor.Error(401, "You are not authorized to perform this action");
// perform task
return "some return value";
}
});
Upvotes: 1
Related Questions
- Meteor: SSR necessary to secure admin part of application?
- MeteorJS App Security
- Meteor.loginWithPassword restrict to admin only
- Meteor: Need simple approach for admin CRM
- Meteor Password Protect complete Application
- Meteor templates security
- Meteor.methods and security
- Protecting data on the client
- Login as user without password (For an Admin Use-Case.)
- Meteor.js - protecting template with a password