- Make sure accountsjs knows to look for an _id that is a string
db: new MongoDBInterface(db, {
convertUserIdToMongoObjectId: false, // this is the required change
convertSessionIdToMongoObjectId: false, // unsure if this is required
idProvider, // unsure if this is required
dateProvider, // unsure if this is required
}),
const METEOR_ID_LENGTH = 17;
const idProvider = () =>
randomBytes(30)
.toString('base64')
.replace(/[\W_]+/g, '')
.substr(0, METEOR_ID_LENGTH);
const dateProvider = (date) => date || new Date();
- on the frontend, hash the password before passing it to functions (like authenticate). Below is calling the graphql mutation. This will be needed, at the very least, for authenticate, changePassword and signup.
// import the hashing libraru
import { SHA256 } from 'crypto-js';
// ...
// then in your login function, hash the password before passing to the mutation
const handleLogin = (email, password) => {
const hashedPassword = SHA256(password);
await this.props.authenticate({
variables: {
params: {
password: hashedPassword.toString(),
user: {
email,
},
},
},
});
}