Skip to content
Start building
Back

How to create password digest out of Appwrite users

  • 1
  • Users
  • Accounts
  • Tools
  • Web
View on Discord
rossanmol
9 Apr, 2023, 13:07

Hi,

I created an SQL dump of users in appwrite, I currently hae users with argon and bcrypt password.

I need values for: bcrypt: $<algorithm version>$<cost>$<salt & hash> argon: $argon2i$v=19$m=4096,t=3,p=1$4t6CL3P7YiHBtwESXawI8Hm20zJj4cs7/4/G3c187e0$m7RQFczcKr5bIR0IIxbpO2P0tyrLjf3eUW3M3QSwnLc

Can someone help get these calculated in nodejs?

TL;DR
The user is asking for help with creating password digests for Appwrite users in Node.js. They have provided a code snippet but are encountering an error. They also mentioned needing values for bcrypt and argon passwords.
rossanmol
9 Apr, 2023, 13:11

I created this function:

TypeScript

(async () => {
    const usersText = readFileSync("./csvjson.json", "utf-8");
    const { _1_users: users } = JSON.parse(usersText);

    const mappedUsers = users.map((user) => ({
        hash: user.hash,
        password: JSON.parse(user.password.replaceAll('\\"', '"')),
        options: JSON.parse(user.hashOptions.replaceAll('\\"', '"')),
    }));

    for (const user of mappedUsers) {
        console.log(user);

        const decryptedData = decryptPasswordData(user);
        const passwordDigest = getPasswordDigest(user, decryptedData);
        console.log("Generated password digest:", passwordDigest);
    }
    console.log(mappedUsers);
})();

function decryptPasswordData(user) {
    const decipher = crypto.createDecipheriv(
        user.password.method,
        crypto.scryptSync(secretKey, user.password.iv, 16),
        Buffer.from(user.password.iv, "hex")
    );
    decipher.setAuthTag(Buffer.from(user.password.tag, "hex"));

    const decryptedData = Buffer.concat([
        decipher.update(Buffer.from(user.password.data, "base64")),
        decipher.final(),
    ]).toString("utf8");

    return decryptedData;
}

function getPasswordDigest(user, decryptedData) {
    if (user.hash === "bcrypt") {
        const cost = user.options.cost;
        return `$${user.options.type}$${cost}$${decryptedData}`;
    } else if (user.hash === "argon2") {
        const params = [user.options.type, user.options.memoryCost, user.options.timeCost, user.options.threads];
        return `$${params.join(",")}$$${decryptedData}`;
    } else {
        throw new Error(`Unsupported hash type: ${user.hash}`);
    }
}

However getting this error:

TypeScript
node:internal/crypto/cipher:193
  const ret = this[kHandle].final();
                            ^

Error: Unsupported state or unable to authenticate data

Seems like I am not sure what the secret key is used by Appwrite Auth.

Drake
9 Apr, 2023, 15:38

Why are you pulling passwords with SQL dump? What are you trying to do?

rossanmol
10 Apr, 2023, 13:21

@Steven trying to migrate users to clerk.dev

Drake
10 Apr, 2023, 14:30

Are you trying to get the users' plain text password? Appwrite doesn't store plain text passwords as that's not secure. You can use the list users API to get the users' and their hashed passwords

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more