Hashing Password With Bcrypt In Node



Introduction

In this article we will use the bcryptjs JavaScript library to hash and compare passwords. We will build a simple API for registration and login: the password is hashed when a user registers, and at login the submitted password is compared against the stored hash.

What is bcrypt?

bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.

What is hashing?

Hashing is a one-way function (well, a mapping). It is irreversible: once you apply the secure hash algorithm, you cannot get the original string back. The most you can do is generate what is called "a collision", that is, find a different string that produces the same hash. Cryptographically secure hash algorithms are designed to prevent the occurrence of collisions. You can attack a secure hash by the use of a rainbow table, which you can counteract by applying a salt when hashing, before storing the result.

Setup Project Folder 

  • Open the console and type the command below to create a new directory
    # mkdir bcrypt
  • Change to the new directory
    # cd bcrypt

Setup Node In Project

  • Now set up our workspace by using the command below.
    # npm init
  • This generates the package.json file, which indicates that the Node project is set up correctly.
  • package.json holds all the metadata related to our project.

Install Packages

  • Now install the packages that our project requires.
  • Type npm install followed by the package names
    # npm install --save bcryptjs express body-parser mongoose
  • After installing the packages, package.json will list them under dependencies.

About packages

  1. Express - the framework on which our application will be built.
  2. Body-parser - extracts the entire body portion of an incoming request stream and exposes it on req.body.
  3. Mongoose - an Object Data Modeling (ODM) library for MongoDB and Node.js. It manages relationships between data, provides schema validation, and is used to translate between objects in code and the representation of those objects in MongoDB.
  4. Bcryptjs - a JavaScript library with which we can hash and compare passwords.

Create Model

  • Create a new folder named models and add a file named user.js
The user.js file will contain the collection schema of our user.
  • mongoose.Schema() - Everything in Mongoose starts with a Schema. Each schema maps to a MongoDB collection and defines the shape of the documents within that collection.
  • mongoose.model() - A Mongoose model provides an interface to the database for creating, querying, updating, deleting records, etc.
Now we set up our application's entry point
  • Create a new file and name it app.js
App.js
  • genSalt() - generates a salt. Here we provide the number of rounds to use; it defaults to 10 if omitted.
  • hash() - hashes our password with the salt.
  • compare() - compares the given data against the given hash.
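
Because bcrypt is adaptive, a hash string records the number of rounds it was created with, so stored hashes can be audited against the rounds you currently pass to genSalt(). The following is an added example, not code from this article or from bcryptjs: the function names, the sample records and the target of 12 rounds are assumptions, and the `$version$cost$salt+digest` layout it parses is the standard bcrypt string format, which the article does not describe.

```javascript
// Added example: audit stored bcrypt hash strings against a target cost.
// Uses no external packages; all names here are illustrative assumptions.

// Layout: $<version>$<2-digit cost>$<22-char salt><31-char digest>
const BCRYPT_RE =
  /^\$(2[abxy]?)\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/;

// Parse a bcrypt hash string; returns null when it is not well-formed.
function parseBcryptHash(stored) {
  if (typeof stored !== 'string') return null;
  const m = BCRYPT_RE.exec(stored);
  if (!m) return null;
  const cost = parseInt(m[2], 10);
  if (cost < 4 || cost > 31) return null; // bcrypt allows costs 4..31
  return { version: m[1], cost, salt: m[3], digest: m[4] };
}

// Classify one stored value:
//   'invalid' - not a bcrypt hash (e.g. plaintext or another scheme)
//   'upgrade' - valid, but hashed with fewer rounds than the target
//   'ok'      - valid and at or above the target
function auditStoredHash(stored, targetCost) {
  const parsed = parseBcryptHash(stored);
  if (parsed === null) return 'invalid';
  return parsed.cost < targetCost ? 'upgrade' : 'ok';
}

// Constructed sample records: syntactically valid strings, not real hashes.
const SALT = 'abcdefghijklmnopqrstuv';            // 22 characters
const DIGEST = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ01234'; // 31 characters
const SAMPLE_USERS = [
  { email: 'a@example.test', password: '$2a$10$' + SALT + DIGEST },
  { email: 'b@example.test', password: '$2b$12$' + SALT + DIGEST },
  { email: 'c@example.test', password: 'hunter2' }, // stored in plaintext
];

// Audit every record against the target cost.
function auditUsers(users, targetCost) {
  return users.map((u) => ({
    email: u.email,
    status: auditStoredHash(u.password, targetCost),
  }));
}

console.log(auditUsers(SAMPLE_USERS, 12));
```

In a login handler, a record reported as 'upgrade' can be re-hashed with genSalt() at the target rounds and hash() once compare() has succeeded, since that is the only moment the plaintext password is available.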



