Skip to content

Create new user

these commands will run within a meteor or koad:io runtime shell.

Create new human user

The the profile object will be viewable and editable only by you and your peer, the rest only by you.

    username: "mom", 
    email : "", 
    family: true,
    trusted: true,
    profile: { 
        mobile: '+14165551234'

Create new robotic user

For the full experience, make your robot a user account either on your matrix server, or keybase to keep in touch with it on the go.

Accounts.createUser({ username: "alice" });
Accounts.createUser({ username: "astro" });

Create a new koad:io entity

when starting from scratch and making your first koad:io-entity (withou using the installer)

Running two instances on the same dataset with the self role is sure to have unintended consequences and behaviour.

Roles.createRole("self", {unlessExists: true});
Roles.createRole("servant", {unlessExists: true});
Roles.setUserRoles(Accounts.users.findOne({username: "alice"})._id, ['self']);      
Roles.setUserRoles(Accounts.users.findOne({username: "astro"})._id, ['servant']);       

Logging in

The first time you access the system, you need a stamped login token. This was shown to you during the install process but maybe you missed it; or you just want to do this manually.

To access the system with a second device, you can either generate a new login token or (if one of your devices has a camera) use the in-app authenticator to spawn a new session for your new device.

No passwords

Passwords are weak, try not to use them. They are a relic from a time that once was.

Only a couple reasons to use password

  • for someone who can't offer any cryptograph proofs.
  • for someone who might need to log in for the first time only after called upon by an executor.
let accountId = Accounts.users.findOne({username: "koad"})._id
Accounts.setPassword(accountId, NEW_PASSWORD);

Invite tokens only

Invite a new person to log in by sending them an invite link.

be careful here: this link will automatically log the user in,. If it is intercepted or captured, the bad-actor will have access to any interaction data generated until the token is revoked.

keep track of these invites, and revoke any that are not nessesary. These invite tokens should only last for days, not weeks/months/years. Once your invite is used, confirm with your peer that it was indeed him/her that was successfully logged in. Once your peer has logged in, the token will be destroyed unless the robotic role is assinged to the user; useful for creating bots and automations.


first, create the user using the previous section;

then create an stamped login token.

let stampedLoginToken = Accounts._generateStampedLoginToken();

then assign that new token to your new user.

let accountId = Accounts.users.findOne({username: "mom"})._id
Accounts._insertLoginToken(accountId, stampedLoginToken);

finally, print out and share the newly created token as an invite link.


onCreateUser() hook

The accounts-base package in Meteor has some very handy functions that can be called on the user object. Accounts.onCreateUser() is the one we are after, given that it allows for the customization of the user creation process.


Accounts.onCreateUser(function(options, user) {
   // Use provided profile in options, or create an empty object
   user.profile = options.profile || {};
   // Assigns first and last names to the newly created user object
   user.profile.firstName = options.firstName;
   user.profile.lastName = options.lastName;
   // Returns the user object
   return user;

Back to top