Hashing Password With Bcrypt In Node

Image by Jae Rue from Pixabay


Introduction

In this article we will be using the bcryptjs javascript library for hashing and compare password.Here we will build a simple api fore register and login.when we will hash the password when user register and then compare that password with hash when they login.

What is bcrypt ?


bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.

What is hashing ? 


Hashing is a one way function (well, a mapping). It's irreversible, you apply the secure hash algorithm and you cannot get the original string back. The most you can do is to generate what's called "a collision", that is, finding a different string that provides the same hash. Cryptographically secure hash algorithms are designed to prevent the occurrence of collisions. You can attack a secure hash by the use of a rainbow table, which you can counteract by applying a salt to the hash before storing it. 

Setup Project Folder 

  • Open the console type below command to make a new directory
    # mkdir bcrypt
  • Change to the new directory
    # cd bcrypt

Setup Node In Project

  • Now setup our workspace by using the below command.
    # npm init
  • This will generate the package.json file.Which state the node is correctly setup.
  • This will hold all the metadata related to our project.

Install Packages

  • Now install packages which will be required in our project.
  • Type npm install followed by package name
    # npm install --save bcryptjs express body-parser mongoose
  • After installing packages package.json will look like this 

About packages

  1. Express - it is a framework on which our application will be built.
  2. Body-parser - extract the entire body portion of an incoming request stream and exposes it on req.body.
  3. Mongoose - Mongoose is an Object Data Modeling (ODM) library for MongoDB and Node.js.It manages relationships between data, provides schema validation, and is used to translate between objects in code and the representation of those objects in MongoDB.
  4. Bcryptjs - this is a javascript library by which we can hash and compare password.

Create Model

  • Create a new folder models and add file user.js
The user.js will contain the collection schema of our user.
  • mongoose.schema() - Everything in Mongoose starts with a Schema. Each schema maps to a MongoDB collection and defines the shape of the documents within that collection.
  • mongoose.model() - Mongoose model provides an interface to the database for creating, querying, updating, deleting records, etc.
Now we setup our application start point 
  • Create a new file name it app.js
App.js
  • genSalt() - This will generate salt .Here we provide number of rounds to use, defaults to 10 if omitted.
  • hash() - this will hash our password with the salt.
  • compare() - compares the given data against the given hash.

Download Code From here


References :-
  • https://en.wikipedia.org/wiki/Bcrypt 
  • https://github.com/dcodeIO/bcrypt.js/blob/master/README.md 
  • https://mongoosejs.com/docs/index.html 
  • https://stackoverflow.com/questions/326699/difference-between-hashing-a-password-and-encrypting-it/326706#326706

Comments

Post a Comment

Popular posts from this blog

How To Use Sequelize-Cli In Node

Image
Introduction   In this article we will see how to use sequelize-cli for creating table in our database.and how can we setup a relationship between two table using foreignKey using sequelize Project Structure Setup The Node Project Open the console and  type the below cmd to make a new directory.         # mkdir seqlcli Then change to that directory by typing below cmd.         # cd seqlcli Setup Node In Project Now  type the below cmd on console and that will generate the package.json file.       # npm init  It will ask you to provide the basic details related to the package.json file have like name,version,author etc. After the file is initialize we can build our node project. The file will have all the metadata related to our project. Install Packages Now we will install the package which are required for building our application. On console type  ...
Read more

Upload Image Using AJAX In Node

Image
Introduction In this blog we see how we can upload image file using ajax.Here we be using FileReader  for reading the selected file and then we send that file data to server side using ajax and on server side we read and save that as image on server. Project Structure Setup Folder Open the command prompt and create new folder using following command mkdir upload Now change   to the newly created folder by using folder command cd upload Setup Node In Folder Now we have to setup node environment in the folder for our project. We have to use the below command to setup node in our folder npm init -y This command will create a package.json file which indicates that node is initialized in folder. The package.json file will look like this Install Packages Now we have to install the package required for building the application. For installing packages we use npm install followed by package name. ...
Read more

Setup Flask Project

Image
Prerequisite Python What Is Flask ? Flask is a lightweight Web framework written in Python. It is developed by  Armin Ronacher. Flask is based on the Werkzeug WSGI toolkit and Jinja2 template engine Setup Development Environment First Install virtualenv virtualenv  is a virtual python environment builder.virtualenv    is used to manage python packages for different projects. Using virtualenv allows you to avoid installing python packages globally which could break system tools or other projects. Install the virtualenv using the following command.This command needs administrator privileges # pip install virtualenv After installing the virtualenv . Make Folder create new folder using the following command  # mkdir flaskdemo change to the current created directory/folder # cd flaskdemo Create Virtual Environment In Folder Now we will create a virtualenv .  The commands below will create a new director...
Read more