How to create custom user authentication in Meteor?

I am trying to create the following authentication for an application: User enters a phone number and receives an SMS with a code generated on the server (the SMS is processed through an external service). If the user enters the correct code, they are logged in. This means that I must have two stages of logging in: registering a user with a phone and entering it with a code, so I think the client should look like this:

Meteor.getSmsCode = function(phone, username, callback) {
  Accounts.callLoginMethod({
    methodName: 'getsmscode',
    methodArguments: [{
      getsmscode: true,
      phone: phone,
      username: username
    }],
    userCallback: callback
  });
};


Meteor.loginWithCode = function(phone, code, callback) {
  Accounts.callLoginMethod({
    methodName: 'login',
    methodArguments: [{
      hascode: true,
      phone: phone,
      code: code
    }],
    userCallback: callback
  });
};

      

        
        
        
      

    

But I'm confused about the server side - there should be two methods, the first one should register the user (and communicate with the SMS service) and the second one should register it.

This is the server test code:

Meteor.users.insert({phone: '123456789', code: '123', username:'ilyo'});

Accounts.registerLoginHandler(function(loginRequest) {
  var user = Meteor.users.findOne({phone: loginRequest.phone});

  if(user.code !== loginRequest.code) {
    return null;
  }

  var stampedToken = Accounts._generateStampedLoginToken();
  var hashStampedToken = Accounts._hashStampedToken(stampedToken);

  Meteor.users.update(userId,
    {$push: {'services.resume.loginTokens': hashStampedToken}}
  );

  return {
    id: user._id,
    token: stampedToken.token
  };
});

      

        
        
        
      

    

And this is what happens when I try:

• Why am I getting 500
  
  ?
• Why doesn't the user have fields code
  
  and phone
  
  ?
• Which method should you use for getSmsCode
  
  ?