Password incorrect for login after Accounts.setPassword() (two separate Meteor apps, one MongoDB)

Hi guys,

EDIT 2 - found the bug!: I am now 100% sure, that Meteor has a bug in the Accounts.changePassword() (Client) function! Using this function, only changes the password for the current instance of Meteor, all the others connected to the same MongoDB end up with a broken password!

I have a very weird problem here!

Following setup:
1.) main Meteor server on a digital ocean droplet; on the same droplet my mondodb instance is running
2.) another Meteor server for my mobile app - connected to the same mongodb server via local IP via MONGO_URL

In both my browser app (#1) and my mobile app (#2) the user can signup.

First of all, I had the very weird problem, that users created on the secondary mobile server could not login on the main server! Only solution I found was calling my custom createUser method on the main server via const mainConnection = DDP.connect(...) --> - for some reason this works, although I don’t understand why.

Now I had another problem:
For a big customer I am creating a bunch of user accounts on the server - their passwords are set completely randomly via Accounts.setPassword() and then sent via custom E-Mail to the user.

For some reason, completely random as fas as I can tell, some of these passwords sent via E-Mail only either work on the mobile app or in the browser, others work fine in both! I only get the “password incorrect error” that is it - no more.

I really need help here guys - this is a huge problem for me if the users can’t login! (obviously)

EDIT: Maybe it has something to do with a hash-salt which is set by the Meteor server or something? In any case I need a 100% failsafe way to insert users and update passwords!

Please help!

Cheers, Patrick

1 Like

We had a very similar problem and couldn’t find a solution. We would create account on app #2 and try login on app #1 with credentials but it would always say incorrect password.

Our hacky solution was to send a password reset email to the user created on app #2 to set their password.

@MDG: Hmm this seems like a pretty serious bug to me?!
Can someone from MDG maybe give a response to this and how to fix this?