Hashing Password With Bcrypt In Node

Image by Jae Rue from Pixabay


Introduction

In this article we will be using the bcryptjs javascript library for hashing and compare password.Here we will build a simple api fore register and login.when we will hash the password when user register and then compare that password with hash when they login.

What is bcrypt ?


bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.

What is hashing ? 


Hashing is a one way function (well, a mapping). It's irreversible, you apply the secure hash algorithm and you cannot get the original string back. The most you can do is to generate what's called "a collision", that is, finding a different string that provides the same hash. Cryptographically secure hash algorithms are designed to prevent the occurrence of collisions. You can attack a secure hash by the use of a rainbow table, which you can counteract by applying a salt to the hash before storing it. 

Setup Project Folder 

  • Open the console type below command to make a new directory
    # mkdir bcrypt
  • Change to the new directory
    # cd bcrypt

Setup Node In Project

  • Now setup our workspace by using the below command.
    # npm init
  • This will generate the package.json file.Which state the node is correctly setup.
  • This will hold all the metadata related to our project.

Install Packages

  • Now install packages which will be required in our project.
  • Type npm install followed by package name
    # npm install --save bcryptjs express body-parser mongoose
  • After installing packages package.json will look like this 

About packages

  1. Express - it is a framework on which our application will be built.
  2. Body-parser - extract the entire body portion of an incoming request stream and exposes it on req.body.
  3. Mongoose - Mongoose is an Object Data Modeling (ODM) library for MongoDB and Node.js.It manages relationships between data, provides schema validation, and is used to translate between objects in code and the representation of those objects in MongoDB.
  4. Bcryptjs - this is a javascript library by which we can hash and compare password.

Create Model

  • Create a new folder models and add file user.js
The user.js will contain the collection schema of our user.
var mongoose = require('mongoose');
var userSchema = new mongoose.Schema({
email:{
type:String,
unique:true
},
name:{
type:String
},
password:{
type:String
}
});
module.exports = mongoose.model('user',userSchema);
view raw user.js hosted with ❤ by GitHub
  • mongoose.schema() - Everything in Mongoose starts with a Schema. Each schema maps to a MongoDB collection and defines the shape of the documents within that collection.
  • mongoose.model() - Mongoose model provides an interface to the database for creating, querying, updating, deleting records, etc.
Now we setup our application start point 
  • Create a new file name it app.js
App.js
var express = require('express');
var bodyParser = require('body-parser');
var mongoose = require('mongoose');
var userModel = require('./models/user');
var bcrypt = require('bcryptjs');
//set the connection to db
mongoose.connect('mongodb://localhost:27017/Demoo',{useNewUrlParser:true})
.then(function(){
console.log('connected to db');
}).catch(function(error){
console.log('error'+error);
});
var app = express();
//fetch data from request
app.use(bodyParser.json());
//register user
app.post('/register',function(req,res){
bcrypt.genSalt(10, function(err, salt) {
bcrypt.hash(req.body.password, salt, function(err, hash) {
var userr = new userModel({
email:req.body.email,
password:hash
});
userr.save(function(err,data){
if(err){
res.json({er:error});
}else{
res.json({da:data,msg:'user is registerd'});
}
});
});
});
});
//user login
app.post('/login',function(req,res){
userModel.find({email:req.body.email},function(err,data){
if(err){
res.json({er:err});
}else{
if(data!=''){
bcrypt.compare(req.body.password,data[0].password, function(err, result) {
if(result){
res.json({msg:'password matched'});
}else{
res.json({msg:'password didnt matched'});
}
});
}
else{
res.json({msg:'user is not registerd'});
}
}
});
});
var port = process.env.PORT || 3000;
app.listen(port,function(){
console.log('server running at '+port);
});
view raw app.js hosted with ❤ by GitHub
  • genSalt() - This will generate salt .Here we provide number of rounds to use, defaults to 10 if omitted.
  • hash() - this will hash our password with the salt.
  • compare() - compares the given data against the given hash.

Download Code From here


References :-
  • https://en.wikipedia.org/wiki/Bcrypt 
  • https://github.com/dcodeIO/bcrypt.js/blob/master/README.md 
  • https://mongoosejs.com/docs/index.html 
  • https://stackoverflow.com/questions/326699/difference-between-hashing-a-password-and-encrypting-it/326706#326706

Comments

Post a Comment

Popular posts from this blog

How To Use Sequelize-Cli In Node

Image
Introduction   In this article we will see how to use sequelize-cli for creating table in our database.and how can we setup a relationship between two table using foreignKey using sequelize Project Structure Setup The Node Project Open the console and  type the below cmd to make a new directory.         # mkdir seqlcli Then change to that directory by typing below cmd.         # cd seqlcli Setup Node In Project Now  type the below cmd on console and that will generate the package.json file.       # npm init  It will ask you to provide the basic details related to the package.json file have like name,version,author etc. After the file is initialize we can build our node project. The file will have all the metadata related to our project. Install Packages Now we will install the package which are required for building our application. On console type  ...
Read more

Upload And Download File In Node

Image
Here we will use multer middleware for uploading file . Click the link to know what is  multer . Setup The Project Folder create a new folder using console/terminal. open console/terminal type mkdir followed by the folder name you want to give. change to that folder by typing cd  folder name. Setup Node For The Project now type npm init on console/terminal. the  npm init  will create a  package.json  file.But we can create it manually too. just open the folder and  add a new file  and name it  package.json  and then we can structure it the same way as its been structured when using  npm init . the package.json will look like this. now we will install packages for our project using npm install followed by package names we want to install. the following packages will be installed express ejs body-parser multer mongoose . this will generate a folder name node_modules wh...
Read more

Import CSV File Data Into MongoDB In Node

Image
Setup Folder Open the command prompt and create new folder using the following command followed by folder name. mkdir csv After creating the folder.Change to that folder by using the following command cd csv Setup Node In Folder To setup node in folder use the following command npm init -y This will setup node in our folder.And  after the execution of this command you will see package.json file which means node is initialised. This package.json file will contain the metadata related to our project. The package.json will look like this Install Packages Now we have to install packages to be used to build our application. To install packages we use the following command followed by package name.  npm install csvtojson express ejs mongoose multer body-parser  After installation package.json will look like this Add New Folders Add few new folders in our project folder  models public views Models Fold...
Read more