Allow runtime modification of accounts-oauth services set #4014
For Sandstorm.io, we would like the server administrator to be able to dynamically configure which login services are available. We ship an already-built server bundle to users who deploy on their own hardware, so it's inconvenient to tell people to rebuild with different Meteor packages. In fact, we'd like to have an admin UI that allows the administrator to toggle services on and off without even restarting the server. It seems like this is probably a common need for Meteor apps that are designed to have many instances managed by different people.
This PR is a proposal which seems to accomplish what we want, but please let us know if there is a better way.
In this PR, we add a method to remove login services from the registered set, which is most of what we need. We also add a check at login time to reject logins using a deregistered service. Otherwise, because packages like
It looks like the code in
Separately from this PR, it looks like we'll need to forgo the
PS. We'd love to add a test, but this package doesn't appear to have any tests, and it's not really clear how tests should be written. Please let us know if there is a good place to put them.
Hmm. If you're not going to be able to achieve your goals using
I mean, this is a pretty small change and I don't see much of a downside... but I don't see how it helps you if the point is to work around the automatic top-level
Or am I misinterpreting "Separately from this PR" and you mean "if we can't use this PR, then"?
Also, one tricky bit is that you need to synchronize your runtime deregister between server and client. We synchronize the register basically by just making it always happen if the package is loaded. Presumably you've solved this issue in your app, but it will be important to be clear that consumers of this api have to do this themselves.