javascript - How to hash password before saving to db to be compatible with passport module (passport local) -

i using passport-local strategy of passport authentication. in express server, getting register post request , should save password db new user. need hash password before saving db.

but not sure how hash it, since passport authenticate user hashing login password credential match hashed password db. how should hash passwords ?

i using module.

passport-local not hash passwords - passes credentials verify callback verification , take care of handling credentials. thus, can use hash algorithm believe bcrypt popular.

you hash password in register handler:

app.post('/register', function(req, res, next) {   // whatever verifications , checks need perform here   bcrypt.gensalt(10, function(err, salt) {     if (err) return next(err);     bcrypt.hash(req.body.password, salt, function(err, hash) {       if (err) return next(err);       newuser.password = hash; // or suits setup       // store user database, send response     });   }); });

then in verify callback compare provided password hash:

passport.use(new localstrategy(function(username, password, cb) {   // locate user first here   bcrypt.compare(password, user.password, function(err, res) {     if (err) return cb(err);     if (res === false) {       return cb(null, false);     } else {       return cb(null, user);     }   }); }));

Story

Search This Blog

javascript - How to hash password before saving to db to be compatible with passport module (passport local) -