A login service based on mobile phone number for Meteor
JavaScript Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
dist
.gitignore
.versions
README.md
bower.json
bundle-min.sh
package.js
phone_client.js
phone_server.js
phone_tests.js
phone_tests_setup.js
sms_server.js
sms_tests.js
sms_tests_setup.js

README.md

Accounts-Phone

Accounts-Phone is a Meteor package that let you authenticate by phone number. The package use SMS code verification to verify the user account. The package is based and inspired by Meteor Accounts-Password package.

Installation

In a Meteor app directory, enter:

$ meteor add okland:accounts-phone

Via Bower:

$ bower install accounts-phone

Add to your index.html

<script src="bower_components/accounts-base-client-side/dist/accounts-base-client-side.bundle.min.js"></script>
<script src="bower_components/accounts-phone/dist/accounts-phone.bundle.min.js"></script>

Examples

Let's say you want to register new user and verify him using his phone number

Verify phone number - Create user if not exists

var userPhone = '+972545999999';
// Request for sms phone verification -- please note before receiving SMS you should Follow the SMS Integration tutorial below
Accounts.requestPhoneVerification(userPhone, function(){});
//Debug:  Verify the user phone isn't confirmed it.
console.log('Phone verification status is :', Accounts.isPhoneVerified());

// After receiving SMS let user enter his code and verify account by sending it to the server
var verificationCode = 'CodeRecivedBySMS';

Accounts.verifyPhone(userPhone, verificationCode, function(){});
//Debug:  Verify the user phone is confirmed.
console.log('Phone verification status is :', Accounts.isPhoneVerified());

SMS Integration

If you are using twilio : you can just put your twilio credentials on server.

SMS.twilio = {FROM: 'XXXXXXXXXXXX', ACCOUNT_SID: 'XXXXXXXXXXXXXXXXXXXXX', AUTH_TOKEN: 'XXXXXXXXXXXXXXXXXXXX'};

otherwise you can just override the function

 SMS.send = function (options) {};

Where the parameter options is an object containing : * @param options * @param options.from {String} - The sending SMS number * @param options.to {String} - The receiver SMS number * @param options.body {String} - The content of the SMS

Moreover to control the Sending number and the message content you can override the phone Template

  SMS.phoneTemplates = {
    from: '+9729999999',
    text: function (user, code) {
        return 'Welcome your invitation code is: ' + code;
    }
  };
  • Note: it can only be done on server

Simple API

 /**
  * @summary Request a new verification code. create user if not exist
  * @locus Client
  * @param {String} phone -  The phone we send the verification code to.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Accounts.requestPhoneVerification = function (phone, callback)  {  };

 /**
  * @summary Marks the user's phone as verified. Optional change passwords, Logs the user in afterwards..
  * @locus Client
  * @param {String} phone - The phone number we want to verify.
  * @param {String} code - The code retrieved in the SMS.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Accounts.verifyPhone = function (phone, code, callback) {...};


 /**
  * Returns whether the current user phone is verified
  * @returns {boolean} Whether the user phone is verified
  */
 Accounts.isPhoneVerified = function () {  };

Settings - you can control

  • verificationCodeLength : The length of the verification code
  • verificationMaxRetries : The number of SMS verification tries before verification temporary lock
  • verificationRetriesWaitTime : The verification lock time after max retries
  • verificationWaitTime : The verification lock time if between two retries
  • sendPhoneVerificationCodeOnCreation : Whether to send phone number verification on user creation
  • forbidClientAccountCreation: Don't let client create user on server
  • phoneVerificationMasterCode: Optional master code if exists let user verify account by entering this code for example '1234'
  • adminPhoneNumbers: Optional array of admin phone numbers - don't need to be valid phone numbers for example ['+972123456789', '+972987654321']

In order to change those settings just override the property under :

Accounts._options

For example to change the verificationMaxRetries to 3 all we need to do is:

Accounts._options.verificationMaxRetries = 3;

More code samples

Creating new user

  // Create a user.

  var options = {phone:'+972545999999'};
  // You can also create user with password
  options.password = 'VeryHardPassword';


  Accounts.createUserWithPhone(options, function (){});
  // Debug: Verify the user phone isn't confirmed it.
  console.log('Phone verification status is :', Accounts.isPhoneVerified());
 var userPhone = '+972545999999';
 // Request for sms phone verification -- please note before receiving SMS you should Follow the SMS Integration tutorial below
 Accounts.requestPhoneVerification(userPhone, function(){});
 //Debug:  Verify the user phone isn't confirmed it.
 console.log('Phone verification status is :', Accounts.isPhoneVerified());

 // After receiving SMS let user enter his code and verify account by sending it to the server
 var verificationCode = 'CodeRecivedBySMS';
 var newPassword = null;
 // You can keep your old password by sending null in the password field
 Accounts.verifyPhone(userPhone, verificationCode, function(){});
 //Debug:  Verify the user phone is confirmed.
 console.log('Phone verification status is :', Accounts.isPhoneVerified());

Login existing user - Requires creating user with password

 var userPhone = '+972545999999';
 var password = 'VerySecure';
 var callback = function() {};
 Accounts.createUserWithPhone({phone:userPhone, password:password}, function (){});

 Meteor.loginWithPhoneAndPassword({phone:userPhone}, password, callback);

Full API

 /**
  * @summary Log the user in with a password.
  * @locus Client
  * @param {Object | String} user Either a string interpreted as a phone; or an object with a single key: `phone` or `id`.
  * @param {String} password The user's password.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Meteor.loginWithPhoneAndPassword = function (selector, password, callback) {  };

 /**
  * @summary Create a new user.
  * @locus Anywhere
  * @param {Object} options
  * @param {String} options.phone The user's full phone number.
  * @param {String} options.password The user's password. This is __not__ sent in plain text over the wire.
  * @param {Object} options.profile The user's profile, typically including the `name` field.
  * @param {Function} [callback] Client only, optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Accounts.createUserWithPhone = function (options, callback) { };

 /**
  * @summary Request a new verification code.
  * @locus Client
  * @param {String} phone -  The phone we send the verification code to.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Accounts.requestPhoneVerification = function (phone, callback)  {  };

 /**
  * @summary Marks the user's phone as verified. Optional change passwords, Logs the user in afterwards..
  * @locus Client
  * @param {String} phone - The phone number we want to verify.
  * @param {String} code - The code retrieved in the SMS.
  * @param {String} newPassword, Optional, A new password for the user. This is __not__ sent in plain text over the wire.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
  */
 Accounts.verifyPhone = function (phone, code, newPassword, callback) {...};


 /**
  * Returns whether the current user phone is verified
  * @returns {boolean} Whether the user phone is verified
  */
 Accounts.isPhoneVerified = function () {  };


/**
 * @summary Register a callback to be called after a phone verification attempt succeeds.
 * @locus Server
 * @param {Function} func The callback to be called when phone verification is successful.
 *                   Function gets the userId of the new verified user as first argument
 */
Accounts.onPhoneVerification = function (func) { };