I have a system build on php and mysql.
Here I have stored passwords as md5 in mysql.
Now i have build same system on Meteor.
I need to migrate users from mysql to meteor mongodb.
As meteor uses different sort of encryption for passwords so how can I convert md5 passwords to work with Meteor?
I had a similar problem with a project a few years ago, we found there were two (related) options.
First, you have to store the md5 passwords in mongo associated with the user - if you want to re-hash them, you can. Second you must implement a custom login function, that will send the md5 hash of the password to the server.
Then you have two options:
- in addition to the md5 hash, also send the sha256 + bcrypt hash with it. First try to match on sha256 version, then on md5 version. If you find a match on the md5 version of the password, set the sha256 + bcrypt version and delete the md5 version.
- if the user logs in with an md5 password match, force them to change their password right after