Im trying to create an Admin panel using Meteor. I don't want to load any of the js and html files related to the Admin panel to the normal user. Need to load them only when the user is logged in. How can I achieve this? (Im using the FlowRouter to manage the routes)
First, let's take care of when to actually load files. Meteor.user() is a reactive data source we can use in Tracker computations :
Tracker.autorun(() => {
if(Meteor.user()) {
loadUserFiles()
}
})
You may load these files through an HTTP call, the DOM, jQuery, your own DDP magic...
How to load them is a fairly broad matter. Just make sure to check server-side that the requester is a logged-in user.
Now, there is two different categories of files you may want to load in such a way according to your use-case :
These include CSS, images, HTML, JS, video or music (...) files you want to fiddle with and append to the DOM. The way you would do this is similar to any other resource request, numerous resources already exist to do it nicely with a jQuery/Node request combo, and you don't need to change anything to make it work in Meteor.
You may need to work with WebApp.rawConnectHandlers for the server-side user check if you use HTML requests.
This is trickier. There is no way to prevent a client from accessing templates he has received. Because templates are compiled server-side and sent as JavaScript code, to achieve sending a template to a portion of your users you need to change the way Meteor builds files (or use a carefully crafted package maybe) to be able to load templates separately.
However I do not think it is the right approach. A template is just a way to show data. If you control who you are sending the data to, then if a logged-out user accesses the protected template he will just see errors and blank spaces.
Note that template helpers files fall in the "Basic resource" category, so it would make sense to load some additional helpers that way. You would keep logged-out clients free of dead code.