Meteors password algorithm

For my current project, I got a JSON file from my client.
It contains the e-mail addresses and the passwords of all users from his current website.
I need to migrate them to the new meteor website I created.
The great thing is, the JSON file contains the passwords of all users as plain strings.

I need the password hashing algorithm that meteor accounts uses, to properly hash the passwords before entering them into the database. (I am using the meteor accounts system)

It looks like bcrypt via npm https://github.com/meteor/meteor/blob/devel/packages/accounts-password/password_server.js#L3

Use: http://docs.meteor.com/#/full/accounts_createuser

Loop through the json calling above method once per user in your JSON.

I don’t like the idea of a clear text password import btw, i’m not sure what applies if anything but its a security/data protection etc. issue in my books.

Good luck though.

Thanks!
-> ahref I had the same idea.

Solution:

Putting the json file in the private folder:
Server side code:

Meteor.startup(function() {
  var myjson = {};
  myjson = JSON.parse(Assets.getText("users.json"));
  
  for (var i=0; i<myjson.length; i++) {
    var email = myjson[i].email;

    var id = Accounts.createUser({
      email: email,
      password: myjson[i].pwd
    });

  };
});
1 Like