Meteor account system implemented in Mongoose
Implement of the Meteor account system for Mongoose.
Now you can build new application with the same DB as your Meteor application, and authenticate with the same users!
Support change password with strength validation using zxcvbn.
const UserSchema =
verifiedLogin - Check during the login if the email of the user is verified or not (default: false)
expirePasswordDays - After how many days the passwords of the user is expired, 0 is unlimited (default: 0)
oldPasswords - How many old password to save for avoid the usage of the same password twice, 0 is unlimited (default: 0)
minPasswordStrength - The minimum strength in
zxcvbn rating for the password, 0 won't check (default: 0)
- User.login(username, password, throwError = false) - Return Promise of the user if success, false if not. The user must be verified in order to login. If throwError is
true, the login will throw an error with the reason if the login failed.
- user.changePassword(password) - Change the password
- user.comparePassword(password) - Compare given plain password to the password in the DB
- user.generateResetPasswordToken() - Generates a token for reset password process
- user.verifyResetToken(token) - Checks if the provided token is equal to the generated reset token
- user.resetPassword(token, password) - Changes the user's password if the token matches the generated one. Deletes the token afterwards
- user.generateVerificationToken() - Generates a token for verification (usually being sent via email)
- user.verifyVerificationToken(token) - Checks if the provided token is equal to the generated verification token
- user.verifyUser(token) - Verifies the user by the provided token. Deletes the token afterwards
the password can be a plain string of the password, or an object of hashed (sha256) of the password, as Meteor send the password in the client.
create new User (register)
Add new email
Set email as primary