[nwm]

I'm not the OP, but I did write the article. I'm probably going to write a follow up addressing getting started with security. Meteor's security is pretty good now, but it was a little too verbose for a short demo. Basically, on the server side, you publish exactly the set of documents a specific client/user will receive. You can also whitelist/blacklist specific behaviors with allow/deny.

[djoes]

I followed your tutorial and got briefly hung up by an error saying that Canvas wasn't defined. Turns out I was running it on the newest version of Meteor, and in 0.6 they started putting local variables at the top level in an IIFE. Functions declared using the named function syntax (function name() { ... }) are locally scoped, as far as I know. I fixed it by changing it to Canvas = function() { ... }.

Other than that small problem, cool article, thanks!

[nwm]

Hey, nice catch! I've updated the code for 0.6.0. I'll update the readme later, as meteor now includes better package management.