accounts icon indicating copy to clipboard operation
accounts copied to clipboard

Published 20 hours ago verified publisher icon accounts-js

AccountsBoost doesn't implement the changes for db or account password

Open brightchip opened this issue 3 years ago • 2 comments

I want to add custom fields to the users collection and change the default _id from ObjectId to String . But The users getting created still have their _id as Object Id. The console also warns, "You are using the default secret "secret" which is not secure. Please change it with a strong random token."

` const accountsMongo = new Mongo(db, { // options convertUserIdToMongoObjectId: false, convertSessionIdToMongoObjectId: false });

const accountsPassword = new AccountsPassword({
    // This option is called when a new user create an account
    // The user returned will be inserted into the database
    // For example here we allow a new `firstName` field on the user object
    validateNewUser: async(user) => {
        console.log('user', user)
            // You can apply some custom validation

        if (user.password.length < 8) {
            throw new Error('Password too short');
        }

        user._id = user._id.toString()

        // We specify all the fields that can be inserted in the database
        return pick(user, ['username', 'email', 'password', "displayName", "hideMe", "status", "createdAt", "picture", "coverImg", "description", "brief", "badges"]);
    },
});


const accounts = (await accountsBoost({
    accountsServer: new AccountsServer({
        db: accountsMongo,
        tokenSecret: process.env.TOKEN_SECRET || 'tkn1gR2NBXDSxvusp2VFcZ97g8vNBoz1TM5duaDldza8YyarGpJqU9OpVsMGWXZYUOSXx',
        services: [{
            accountsPassword
        }]
    })


}, )).graphql(); `

brightchip avatar May 23 '21 23:05 brightchip

I have also tried initialize the accountsboost with this: const accounts = (await accountsBoost({ db: accountsMongo, tokenSecret: process.env.TOKEN_SECRET || 'tkn1gR2NBXDSxvusp2VFcZ97g8vNBoz1TM5duaDldza8YyarGpJqU9OpVsMGWXZYUOSXx', services: [{ accountsPassword }] }, )).graphql(); The warning about token secret seem gone but not for the _id , which is still passed as Object Id. Because My existing database was populated with Meteor users. I have to use String _id

image image

brightchip avatar May 24 '21 00:05 brightchip

Accounts-boost is not the prefered way to use accounts-js for now, can you try the same with accounts/server and accounts/graphql?

pradel avatar May 24 '21 09:05 pradel

Accounts-boost does not exist anymore in 1.0, please check if you can still reproduce it with the alphas.

darkbasic avatar Nov 12 '23 09:11 darkbasic