It seems that in Meteor, we cannot call a server side route to render a file to the page without some sort of work-around from our normal workflow, from what I've read about server side routes. I hope I'm wrong about this, and there's a simple way to achieve what I'm looking to do...
I'm using the latest Iron Router 1.* and Meteor 1.* and to begin, I'm just using accounts-password.
I have an onBeforeAction that simply redirects the user to either the welcome page or home page base upon if the user is logged in or not:
both/routes.js
Router.onBeforeAction(function () {
if (!Meteor.user() || Meteor.loggingIn())
this.redirect('welcome.view');
else
this.next();
}
,{except: 'welcome.view'}
);
Router.onBeforeAction(function () {
if (Meteor.user())
this.redirect('home.view');
else
this.next();
}
,{only: 'welcome.view'}
);
In the same file, both/routes.js, I have a simple server side route that renders a pdf to the screen, and if I remove the onBeforeAction code, the route works (the pdf renders to the page):
Router.route('/pdf-server', function() {
var filePath = process.env.PWD + "/server/.files/users/test.pdf";
console.log(filePath);
var fs = Npm.require('fs');
var data = fs.readFileSync(filePath);
this.response.write(data);
this.response.end();
}, {where: 'server'});
It's beside the point, but I get an exception when I add the above server side route to the file and take the route /pdf-server, while keeping the onBeforeAction code in place.
Insights into the exception can be found here: SO Question on Exception
Question 4: I've seen a few places where middle ware is used for server side routes, for example:
WebApp.connectHandlers.stack.splice(...);
WebApp.connectHandlers.use(function(...) ...);
But none of these examples had security inside, will using middle ware in this way allow me to get around my problem?
Note: this question is a subset of a larger SO question found here, but I thought I'd break this out as the topic really deserves its own question IMO.
@David Weldon answered the part of the question, how to render the server side route: Server side routes in Iron Router and Meteor. Middleware doesn't solve the other half, which is authentication. A SO question has been posted about that here: Authentication on Server side routes in Meteor