Create hashed loginTokens

hunius · February 29, 2016, 8:18pm

Hi,

I am trying get the user by his Meteor.loginToken from localStorage.
I am passing that token to a node server which will use it to authenticate the request against the meteor app. Therefore the node server passes the token within a method call to the meteor server.
On Meteor side I try to lookup the token and return the user if found using the following code (from bulletproof meteor):

const hashedToken = token && Accounts._hashLoginToken(token)
const selector = {'services.resume.loginTokens.hashedToken': hashedToken}
const options = {fields: {_id: 1, username: 1}}
const user = Meteor.users.findOne(selector, options)
return (user)? user._id : null

This creates the follwoing hashed token:
token: haywOldOASAvOfhG8K4lwLtcfVpxKIDlHC79OreZ4YF
hashedToken: YTXzxL49YA4OjZOMY31d/H9wBf4SXOIoye8qWIhB+ok
loginToken in Database: GnRf3+Pj6vWVLdLYsQbw4MBFYnuhiIxO/0M8nVGBDtw=

Is there any salt used to generate the tokens in the database? I could not find anything about this…
Thanks a very lot
Daniel

hunius · March 9, 2016, 11:16am

Hey, really nobody an idea? I have looked at the meteor source code but I could not find anything why the tokens differs…
Thanks a lot!

IBeACoder · August 28, 2017, 9:33am

Hi Daniel,

I am not sure why you want to want to change or add tokens and I am not sure about the first part. But you can generate tokens using Random.secret(); https://docs.meteor.com/packages/random.html

Hope this helps. This is the best I can do with what I understand from your question.