Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AccountsBoost doesn't implement the changes for db or account password #1142

Closed
brightchip opened this issue May 23, 2021 · 3 comments · Fixed by #1258
Closed

AccountsBoost doesn't implement the changes for db or account password #1142

brightchip opened this issue May 23, 2021 · 3 comments · Fixed by #1258
Labels
1.0 bug
Milestone
1.0

Comments

@brightchip
Copy link

I want to add custom fields to the users collection and change the default _id from ObjectId to String .
But The users getting created still have their _id as Object Id. The console also warns, "You are using the default secret "secret" which is not secure.
Please change it with a strong random token."

` const accountsMongo = new Mongo(db, {
// options
convertUserIdToMongoObjectId: false,
convertSessionIdToMongoObjectId: false
});

const accountsPassword = new AccountsPassword({
    // This option is called when a new user create an account
    // The user returned will be inserted into the database
    // For example here we allow a new `firstName` field on the user object
    validateNewUser: async(user) => {
        console.log('user', user)
            // You can apply some custom validation

        if (user.password.length < 8) {
            throw new Error('Password too short');
        }

        user._id = user._id.toString()

        // We specify all the fields that can be inserted in the database
        return pick(user, ['username', 'email', 'password', "displayName", "hideMe", "status", "createdAt", "picture", "coverImg", "description", "brief", "badges"]);
    },
});


const accounts = (await accountsBoost({
    accountsServer: new AccountsServer({
        db: accountsMongo,
        tokenSecret: process.env.TOKEN_SECRET || 'tkn1gR2NBXDSxvusp2VFcZ97g8vNBoz1TM5duaDldza8YyarGpJqU9OpVsMGWXZYUOSXx',
        services: [{
            accountsPassword
        }]
    })


}, )).graphql(); `
@brightchip brightchip added the bug label May 23, 2021
@brightchip
Copy link
Author

I have also tried initialize the accountsboost with this:
const accounts = (await accountsBoost({ db: accountsMongo, tokenSecret: process.env.TOKEN_SECRET || 'tkn1gR2NBXDSxvusp2VFcZ97g8vNBoz1TM5duaDldza8YyarGpJqU9OpVsMGWXZYUOSXx', services: [{ accountsPassword }] }, )).graphql();
The warning about token secret seem gone but not for the _id , which is still passed as Object Id.
Because My existing database was populated with Meteor users. I have to use String _id

image
image

@pradel
Copy link
Member

pradel commented May 24, 2021

Accounts-boost is not the prefered way to use accounts-js for now, can you try the same with accounts/server and accounts/graphql?

@darkbasic
Copy link
Member

Accounts-boost does not exist anymore in 1.0, please check if you can still reproduce it with the alphas.

@darkbasic darkbasic added the 1.0 label Nov 22, 2023
@darkbasic darkbasic mentioned this issue Nov 22, 2023
Merged
@darkbasic darkbasic added this to the 1.0 milestone Nov 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1.0 bug
Projects
None yet
Milestone
1.0
Development

Successfully merging a pull request may close this issue.

feat: release 1.0 accounts-js/accounts
3 participants
@darkbasic @pradel @brightchip