I would like to expose an API from my meteor application for my iOS application. My plan is to create a RESTful API and have the iOS application authenticate using a token. I want to store an hash of the token in the User model provided by the Accounts
package and have the user send the token with each request to authenticate with the hash.
How can I do this?
I have seen found the Random.secret([n])
in meteor documentation, so I will be able to create a token with this method, but couldn't find a way to encrypt it. I see that some meteor packages (account-password?) uses npm-bcrypt
package but couldn't find any information on how to use it.
I'm not sure if this is what you're looking for, but I've used bcrypt to create a hash password on meteor server side. Smth like this will do it :
meteor add npm-bcrypt
Then, when receiving the password you can use
bcrypt.hash()
If you're looking for Auth Token generator with expiring time & stuff, you can have a look at jwt.