Meteors password algorithm


#1

For my current project, I got a JSON file from my client.
It contains the e-mail addresses and the passwords of all users from his current website.
I need to migrate them to the new meteor website I created.
The great thing is, the JSON file contains the passwords of all users as plain strings.

I need the password hashing algorithm that meteor accounts uses, to properly hash the passwords before entering them into the database. (I am using the meteor accounts system)


#2

It looks like bcrypt via npm https://github.com/meteor/meteor/blob/devel/packages/accounts-password/password_server.js#L3


#3

Use: http://docs.meteor.com/#/full/accounts_createuser

Loop through the json calling above method once per user in your JSON.

I don’t like the idea of a clear text password import btw, i’m not sure what applies if anything but its a security/data protection etc. issue in my books.

Good luck though.


#4

Thanks!
-> ahref I had the same idea.

Solution:

Putting the json file in the private folder:
Server side code:

Meteor.startup(function() {
  var myjson = {};
  myjson = JSON.parse(Assets.getText("users.json"));
  
  for (var i=0; i<myjson.length; i++) {
    var email = myjson[i].email;

    var id = Accounts.createUser({
      email: email,
      password: myjson[i].pwd
    });

  };
});