流星帐户自动登录模式？

我正在考虑使用手机注册系统，该系统可以使某人注册一个手机号码并获得一条短信以验证其存在...在这一点上，我想让他们自动登录在没有密码的情况下...（短信基本上是密码）

I'm thinking about a sign-up-with-mobile number system whereby someone can register with a mobile number and get a SMS to verify that they exist... at which point I'd like to have them automatically logged in without a password... (the SMS is basically a password)

这是在Lyft应用注册时使用的模式，该操作不需要用户名/密码/等。

This is patterned on the Lyft app sign-up, which doesn't ask for a username/password/etc.

但是对于我一生来说，我不知道该怎么做。

But for the life of me, I can't figure out how to do this.

我只使用服务器 Meteor.method 就可以了，它的响应是安全，但是我不知道现在会是什么。

I'm totally fine with a server only Meteor.method which responds with something "secure" but I don't know what that would be now.

我唯一想到的就是在User上设置密码，然后将其传输给客户端并运行登录名（对我来说似乎不安全）。

The only thing I can think of would be to set the password on the User and then transmit it to the client and run a login (which seems insecure to me).

我已经阅读了这篇很棒的文章
https ：//meteorhacks.com/extending-meteor-accounts.html
，它是一个不错的选择，但我不知道不会绕过安全性的策略

I have read through this great article https://meteorhacks.com/extending-meteor-accounts.html and it's a good option, but I don't know of a strategy for that which wouldn't bypass security too

（在某些时候，服务器必须安全地进行通信给客户...）

建议？