Hello, fellow devs!
It's been a long time since I have written any new article here. So here is a small tutorial that I find very easy, fun, and also productive.
I'll show you a simple way how you can hash your passwords in node.js using Bcrypt.js.
The example I'm using today is from an API that I am making right now.
First, we will install a library called bcrypt.js using a simple npm command npm install bcryptjs and then import it into our project.
And now I'll show the difference between an encrypted request and a not encrypted request made using postman. this is the request code without using bcrypt.js
This is the post request sent using postman without hashing.
And this is the response I get.
And now I will use the hashSync method provided by bcrypt.js to hash the user password field.
These are the changes required in the code. this is a simple function built into the bcrypt.js library.
And now in the response of the API, the password field will be in hashed form.
This is a simple way to hash your passwords in node.js.
Plus points if you can find the Simpsons reference. :)
Top comments (2)
You just hash your password, this is not called encrypt...
Encryption is a two-way function; what is encrypted can be decrypted with the proper key. Hashing, however, is a one-way function that scrambles plain text to produce a unique message digest. With a properly designed algorithm, there is no way to reverse the hashing process to reveal the original password. An attacker who steals a file of hashed passwords must then guess the password.
Thank you for pointing it out.