@accounts/client-password to your app with yarn or npm:
Create a new account for the user.
Change the current user's password. Must be logged in.
In order to reset a user password, the first step is to send an email to the user, containing a random secret. Then your application needs to send this token to the server along with the new password.
When a user is created, their email will be marked as unverified. To verify the user email, the first step is to send him an email containing a random secret. Then your application needs to send this token to the server to verify the email of the user.
Add another email
Add an email address for a user. Must be logged in.
Hashing the password client side
⚠️ If your app is using https you probably don't need this since it won't add more security to your app. But if your app isn't using SSL you should really consider using client side hashing of the password to protect your users! But remember that every production app that handles user data should run with SSL.
This option was included in accounts-js by default until version
First you will need to install the
crypto-js npm library:
Then setup the
Now when you login or create a user using
accountsPassword the password will be hashed on the client so it won't be sent in plaintext to the server.