How to hash passwords with bcrypt
In this article, we will show how we can use bcrypt in our NodeJs API to securely hash passwords and compare them.
Bcrypt is a popular hashing algorithm that are considered secure, however, as with all password management, we should always do our best to make it as hard as possible to hack the passwords so it is essential that e.g salting is used. In this guide, we will cover both how we can hash a password and to apply salting to it.
Download
There is a npm module that can be downloaded and used in our NodeJs application
npm i bcrypt
Hash the password
Let's write a password generator function that will use bcrypt to hash it, we will apply salting as well in this example
const bcrypt = require("bcrypt"); const saltRounds = 10; async generatePassword(password) { const hashed = await bcrypt.hash(password, saltRounds); return hashed; }
In above example, we will hash the password and apply 10 salt rounds to it.
await generatePassword("admin123"); // $2b$10$/B5I3.bLJOJvjgiyZ7kKLenTcJ/5tk8Oc8yUqeJmpH0N48evetMwy
There we go. Since the hashed value will change everytime we call it, we will use the built in compare() function in bcrypt to do our comparison.
Compare the password
Let's write another function that will compare our password with the hashed value
async isValid(hashed, password) { return await bcrypt.compare(password, hashed); }
And now we will try it with our password and hashed value
await isValid( "$2b$10$/B5I3.bLJOJvjgiyZ7kKLenTcJ/5tk8Oc8yUqeJmpH0N48evetMwy", "admin123" ); // true
There we go!
Outro
In this article we briefly showed how to use bcrypt in a NodeJs application and how we can hash password with salting and how we later can compare the hash and the password. I hope you enjoyed this article, and that it helped you move forward with your password management.
All the best,
Fri May 12 2023
How to create and decode QR codes in NodeJsIn this tutorial, we will show how we can create QR codes using NodeJs and also how to decode already created QR codes.
Introduction to web scraping with PuppeteerA guide on how to scrape a website using Puppeteer. We will see how we can retrieve the content of https://react.dev and print in the console.
Build a full stack application with React and NodeJsA tutorial on how to build a simple full stack application with React in the client side and NodeJs in the backend.
How to convert a text file and its content to a JSON file with correct structureA guide on how to create a JSON file from a txt file in NodeJs. We will also make sure that the content is formatted in correct JSON format.
How to send email in NodeJs with Gmail - using nodemailerA guide on how to use Gmail and Google OAuth 2.0 to send emails with NodeJs and nodemailer.
How to send email in NodeJs with a Yahoo mail using nodemailerA tutorial on how to send emails in NodeJs using nodemailer. Our sender email will be a Yahoo address and we will cover how to authenticate using app passwords.
Fast and easy way to secure your Node express API using HelmetA quick guide on how to secure a Node express API with helmet.
Setup puppeteer with DockerIn this guide we will show how to setup a puppeteer service in NodeJs with Docker.
Introduction to caching in a NodeJs APIIn this guide we will show how we can set up a simple cache in NodeJs. We will use node-cache library from npmjs.com in this article.
How to parse XML data to JSON in NodeJsIn this tutorial, we will show how we can parse XML in NodeJs in to a JSON object. We will use fast-xml-parser library in this guide.