Accounts-password in nodejs

Hi all,

I have a user collection created by Meteor and is being used for my 2 apps, 1 Meteor app and 1 nodejs app. In my nodejs app I am able to authenticate my users with encrypted password from Meteor.

The issue is, even though my nodejs app can “read” password created by Meteor, my Meteor app can’t “read” password created by nodejs app. My custom function to create a user password simply follows the accounts-password package

import bcrypt from 'bcrypt'

export const hashPassword = async (password) => {
  const saltRounds        = 10

  const salt = await bcrypt.genSalt(saltRounds)
  const hash = await bcrypt.hash(password, salt)

  return hash

Note the password input is already hashed with SHA256.

Is anyone one the same boat as me? Is there an NPM package version of accounts-password that we can use outside Meteor app?


2 years later…

Thanks @spondbob for this. It works nicely for me. With the latest version of bcrypt I needed to specify a ‘minor version’ parameter to the bcrypt.genSalt i.e.:

  //   const salt = await bcrypt.genSalt(saltRounds)
  const salt = await bcrypt.genSalt(saltRounds, 'a');

I’ve created a gist that uses it. Thanks again.