I am doing a course of node.js and in this the tutor uses md5 to encrypt the password .. more read on some articles that md5 ñ is very safe .. what is the most recommended to use with Node.js?
Thank you!
I am doing a course of node.js and in this the tutor uses md5 to encrypt the password .. more read on some articles that md5 ñ is very safe .. what is the most recommended to use with Node.js?
Thank you!
A good package for this type of action is bcrypt
, which generates passwords using salt
.
The operation is simple. I'll demonstrate using the following synchronous versions.
const bcrypt = require('bcryptjs');
const password = '123';
const salt = bcrypt.genSaltSync(10);
const hash = bcrypt.hashSync(password, salt);
// Guarde o 'hash' na sua base de dados...
To check (compare) hashes, use:
// Assumindo que 'db_password' seja o hash encriptado no exemplo anterior:
const db_password = db.password; // Imagine que veio da base de dados.
bcrypt.compareSync('123', db_password); // Irá retornar true.
bcrypt.compareSync('456', db_password); // Irá retornar false.
To learn more and better understand how it works, I suggest you take a look at the GITHub repository README: