I forgot my ghost password just a second after installing it. 🤦
I hadn't even set up my email to use "forgot my password" feature, so I thought I was screwed. But wait, this app must have a db where it stores the hashed password?
After a bit of exploration I found
users table in the mysql db. I ran
SELECT email, password FROM USERS;
and saw the hashed password.
Now I had to figure out how this app generates the hashed password. Since it's open source, I found this password.js from the repository.
Created the following script to return the hashed value for my new password:
require('password') .hash(process.argv) .then(console.log);
node new-password.js "NEWPASSWORD" and got the hashed value of the new password. And then all I had to do was to update the password column with this hashed password.
UPDATE USERS SET PASSWORD = 'hashed-value'
And voila i found something to write about for my first post smh.