organized meteor loading code a little better based on update to lume.io, move the meteor login UI to the navbar and make it visible

Author: trusktr

_navbar.md

@@ -3,3 +3,49 @@
 - [Forum](//lume.community)
 - [Chat](//discord.gg/PgeyevP)
 - [Source Code](//github.com/lume/lume)
+- <blaze-component id="loginButtons" tmpl="loginButtons" data='{"align": "right"}' onclick="
+    // Don't allow this menu item to have effect on Docsify's routing.
+    event.stopImmediatePropagation()
+    // Only handle clicks on the dropdown link.
+    if (!event.target?.classList.contains('login-link-text')) return
+    // This makes it so that clicking the dropdown link will close the popup if
+    // it is already open.
+    const close = document.querySelector('.login-close-text')
+    if (close) close.click()
+  "></blaze-component>
+
+<style>
+  #loginButtons {
+    user-select: none;
+
+    .accounts-dialog {
+      pointer-events: auto;
+      text-transform: none;
+      font-family: var(--base-font-family);
+      text-align: left;
+      letter-spacing: normal;
+      text-decoration: none;
+
+      transform: translate(-16px, 30px);
+    }
+
+    .accounts-dialog * {
+      font-family: inherit;
+    }
+
+    .login-link-text {
+      text-decoration: none;
+    }
+
+    .accounts-dialog > .login-close-text {
+      display: none;
+    }
+
+    .accounts-dialog .login-button-form-submit {
+      margin-top: 12px;
+    }
+    .accounts-dialog .login-button {
+      margin-bottom: 6px;
+    }
+  }
+</style>

importmap.js

@@ -1,6 +1,6 @@
 {
 	const isDev = location.host.includes('localhost')
-	const meteorRoot = isDev ? 'http://localhost:8765' : 'https://lume.io'
+	const mainOrigin = (globalThis.mainOrigin = isDev ? 'http://localhost:8765' : 'https://lume.io')
 
 	const script = document.currentScript
 	// F.e. the "../../" in "src="../../importmap.js"
@@ -92,14 +92,17 @@
 		'@solid-primitives/utils/immutable': './modules/@solid-primitives/utils/dist/immutable/index.js',
 
 		// Meteor
-		'meteor/meteor': meteorRoot + '/meteor-packages.js',
-		'meteor/tracker': meteorRoot + '/meteor-packages.js',
-		'meteor/blaze': meteorRoot + '/meteor-packages.js',
-		'meteor/templating': meteorRoot + '/meteor-packages.js',
-		'meteor/mongo': meteorRoot + '/meteor-packages.js',
-		'meteor/session': meteorRoot + '/meteor-packages.js',
-		'meteor/reactive-var': meteorRoot + '/meteor-packages.js',
-		'meteor/accounts-base': meteorRoot + '/meteor-packages.js',
+		'meteor/meteor': mainOrigin + '/meteor-packages.js',
+		'meteor/tracker': mainOrigin + '/meteor-packages.js',
+		'meteor/blaze': mainOrigin + '/meteor-packages.js',
+		'meteor/templating': mainOrigin + '/meteor-packages.js',
+		'meteor/mongo': mainOrigin + '/meteor-packages.js',
+		'meteor/session': mainOrigin + '/meteor-packages.js',
+		'meteor/reactive-var': mainOrigin + '/meteor-packages.js',
+		'meteor/accounts-base': mainOrigin + '/meteor-packages.js',
+
+		// For easily importing frontend files from the main site.
+		'lume.io/': mainOrigin + '/',
 	}
 
 	// Map relative imports to the base URL, so that examples in deeper folders work.

index.html

@@ -57,16 +57,18 @@
 
 		<link rel="stylesheet" href="/styles/index.css" />
 
+		<script src="/importmap.js"></script>
+
 		<!-- Connect the static docs site to the lume.io's Meteor server. -->
-		<script src="./load-meteor.js"></script>
+		<script src="/load-meteor.js"></script>
 	</head>
 	<body class="line-numbers">
 		<div id="app"></div>
 
 		<script src="/docsify.config.js"></script>
 
-		<!-- <script src="/modules/docsify/lib/docsify.min.js"></script> -->
-		<script src="/modules/docsify/lib/docsify.js"></script>
+		<script src="/modules/docsify/lib/docsify.min.js"></script>
+		<!-- <script src="/modules/docsify/lib/docsify.js"></script> -->
 		<!-- TODO FIXME emoji plugin doesn't seem to do anything. -->
 		<!-- <script src="/modules/docsify/lib/plugins/emoji.min.js"></script> -->
 		<script src="/modules/docsify/lib/plugins/search.min.js"></script>
@@ -88,21 +90,11 @@
 		<script>
 			document.write(/*html*/ `<base href="${location.origin}" />`)
 		</script>
-		<script src="./importmap.js"></script>
+
 		<script type="module">
 			import 'lume'
 			import '@lume/live-code'
+			import 'lume.io/elements/BlazeComponent.js'
 		</script>
-
-		<blaze-component id="loginButtons" tmpl="loginButtons" data='{"align": "right"}'></blaze-component>
-		<style>
-			blaze-component {
-				display: block;
-				position: absolute;
-				top: 0;
-				right: 0;
-				z-index: 888;
-			}
-		</style>
 	</body>
 </html>

load-meteor-auth.js

@@ -0,0 +1,97 @@
+import {Accounts} from 'meteor/accounts-base'
+
+/** The main origin is where the Meteor server is hosted. */
+const mainOriginFrame = document.createElement('iframe')
+mainOriginFrame.style.display = 'none'
+mainOriginFrame.src = mainOrigin
+
+async function getLoginCredentials() {
+	document.body.append(mainOriginFrame)
+
+	const ctrl = new AbortController()
+	let gotCredentials = false
+
+	// listen for credentials message
+	window.addEventListener(
+		'message',
+		event => {
+			if (event.data.type === 'loginCredentials') {
+				gotCredentials = true
+				ctrl.abort()
+				if (!event.data.token) return
+				localStorage.setItem('Meteor.loginToken', event.data.token)
+				localStorage.setItem('Meteor.loginTokenExpires', event.data.expires)
+				localStorage.setItem('Meteor.userId', event.data.userId)
+			}
+		},
+		{signal: ctrl.signal},
+	)
+
+	await new Promise(resolve => {
+		mainOriginFrame.addEventListener(
+			'load',
+			async () => {
+				while (!gotCredentials) {
+					// Post a message to the iframe to get credentials.
+					mainOriginFrame.contentWindow.postMessage({type: 'getLoginCredentials'}, {targetOrigin: '*'})
+					await new Promise(resolve => setTimeout(resolve, 50))
+				}
+
+				resolve()
+			},
+			{once: true},
+		)
+	})
+
+	mainOriginFrame.remove()
+}
+
+async function setLoginCredentials(token) {
+	document.body.append(mainOriginFrame)
+
+	const ctrl = new AbortController()
+	let confirmed = false
+
+	window.addEventListener(
+		'message',
+		event => {
+			if (event.data.type === 'confirmSetLoginCredentials') {
+				console.log('############ login credentials were received by main origin')
+				confirmed = true
+				ctrl.abort()
+			}
+		},
+		{signal: ctrl.signal},
+	)
+
+	await new Promise(resolve => {
+		mainOriginFrame.addEventListener(
+			'load',
+			async () => {
+				while (!confirmed) {
+					// Post a message to the iframe to set the login token.
+					mainOriginFrame.contentWindow.postMessage({type: 'setLoginCredentials', token}, {targetOrigin: '*'})
+					await new Promise(resolve => setTimeout(resolve, 50))
+				}
+
+				resolve()
+			},
+			{once: true},
+		)
+	})
+
+	mainOriginFrame.remove()
+}
+
+setInterval(async () => {
+	if (!localStorage.getItem('Meteor.loginToken')) await getLoginCredentials()
+}, 3000)
+
+// Ensure that if we log in here we set the login token in the main origin
+// so we're automatically logged in there too.
+Accounts.onLogin(async () => {
+	const token = localStorage.getItem('Meteor.loginToken')
+	if (!token) throw new Error('token missing')
+
+	await setLoginCredentials(token)
+})

load-meteor.js

@@ -19,24 +19,22 @@
  *   using a script tag with type="module".
  * - When packages are added or removed from the server, follow these steps
  *   again to ensure that the list of scripts and links here is up to date.
- * - Add postMessage code to communicate with the main origin (where the server
- *   is hosted) via iframe to get the login credentials, and set them in
- *   localStorage to log ourselves in on the newly attached client. Note, set CORS
- *   headers in the meteor server for security to allow only your own domains to
- *   access the main origin in an iframe, otherwise anyone can use an iframe to
- *   get your credentials on any website you visit.
+ * - Add postMessage code (load-meteor-auth.js) to communicate with the main
+ *   origin (where the server is hosted) via iframe to get the login credentials,
+ *   and set them in localStorage to log ourselves in on the newly attached
+ *   client. Note, set CORS headers in the meteor server for security to allow
+ *   only your own domains to access the main origin in an iframe, otherwise
+ *   anyone can use an iframe to get your credentials on any website you visit.
  */
 
 {
-	const isDev = location.host.includes('localhost')
-	const mainOrigin = isDev ? 'http://localhost:8765' : 'https://lume.io'
-
 	__meteor_runtime_config__ = JSON.parse(
 		decodeURIComponent(
 			'%7B%22meteorRelease%22%3A%22METEOR%403.1.2%22%2C%22gitCommitHash%22%3A%227d31a24753d18307d7bc7f56adc080a3fc86b3b5%22%2C%22meteorEnv%22%3A%7B%22NODE_ENV%22%3A%22production%22%2C%22TEST_METADATA%22%3A%22%7B%7D%22%7D%2C%22PUBLIC_SETTINGS%22%3A%7B%7D%2C%22debug%22%3Afalse%2C%22ROOT_URL%22%3A%22https%3A%2F%2Flume-io-20950.nodechef.com%2F%22%2C%22ROOT_URL_PATH_PREFIX%22%3A%22%22%2C%22reactFastRefreshEnabled%22%3Atrue%2C%22autoupdate%22%3A%7B%22versions%22%3A%7B%22web.browser%22%3A%7B%22version%22%3A%22465660ba89c48b54b5ea176a5beefeab8c2947e5%22%2C%22versionRefreshable%22%3A%221952018619999f014765d73c14db1f446971e849%22%2C%22versionNonRefreshable%22%3A%22465660ba89c48b54b5ea176a5beefeab8c2947e5%22%2C%22versionReplaceable%22%3A%221952018619999f014765d73c14db1f446971e849%22%7D%2C%22web.browser.legacy%22%3A%7B%22version%22%3A%227e45b3eb2b7c0bb2dba58ca7ed0a0b0d218bfced%22%2C%22versionRefreshable%22%3A%221952018619999f014765d73c14db1f446971e849%22%2C%22versionNonRefreshable%22%3A%227e45b3eb2b7c0bb2dba58ca7ed0a0b0d218bfced%22%2C%22versionReplaceable%22%3A%221952018619999f014765d73c14db1f446971e849%22%7D%7D%2C%22autoupdateVersion%22%3Anull%2C%22autoupdateVersionRefreshable%22%3Anull%2C%22autoupdateVersionCordova%22%3Anull%2C%22appId%22%3A%22q04iv5yj40nv1s0iw0f%22%7D%2C%22appId%22%3A%22q04iv5yj40nv1s0iw0f%22%2C%22isModern%22%3Atrue%7D',
 		),
 	)
 
+	// mainOrigin is defined in importmap.js
 	__meteor_runtime_config__.DDP_DEFAULT_CONNECTION_URL = mainOrigin
 	__meteor_runtime_config__.ROOT_URL = mainOrigin
 
@@ -114,48 +112,6 @@
 		<script type="text/javascript" src="${mainOrigin}/packages/launch-screen.js?hash=${cacheBust}"></script>
 		<script type="text/javascript" src="${mainOrigin}/global-imports.js?hash=${cacheBust}"></script>
 
-		<script type="module">
-			const mainOrigin = '${mainOrigin}'
-
-			if (!localStorage.getItem('Meteor.loginToken')) {
-				const iframe = document.createElement('iframe')
-				iframe.style.display = 'none'
-				iframe.src = mainOrigin
-				console.log('iframe src', iframe.src, mainOrigin)
-				document.body.append(iframe)
-
-				// listen for credentials message
-				window.addEventListener('message', event => {
-					if (event.data.type === 'loginCredentials') {
-						console.log('received credentials', event.data)
-						localStorage.setItem('Meteor.loginToken', event.data.token)
-						localStorage.setItem('Meteor.loginTokenExpires', event.data.expires)
-						localStorage.setItem('Meteor.userId', event.data.userId)
-					}
-				})
-
-				await new Promise(resolve => {
-					iframe.addEventListener('load', async () => {
-						while (!localStorage.getItem('Meteor.loginToken')) {
-							// Post a message to the iframe to get credentials.
-							console.log('post message for credentials')
-							//iframe.contentWindow.postMessage( { type: 'getLoginCredentials' }, {targetOrigin: mainOrigin})
-							iframe.contentWindow.postMessage( { type: 'getLoginCredentials' }, {targetOrigin: '*'})
-							//iframe.contentWindow.postMessage( { type: 'getLoginCredentials' } )
-							await new Promise(resolve => setTimeout(resolve, 50))
-						}
-
-						resolve()
-					})
-				})
-
-				iframe.src = ''
-				iframe.remove()
-			}
-
-			// This includes imports such as the <blaze-component> element.
-			await import ('${mainOrigin}/entry.js')
-
-		</script>
+		<script type="module" src="/load-meteor-auth.js"></script>
 	`)
 }