bcrypt node.js(自动生成盐和哈希值) [英] bcrypt node.js (auto-gen a salt and hash)
问题描述
在将密码存储在数据库中之前,我正在使用以下代码对用户密码进行哈希处理(并希望将其盐化).
I am using the following code to hash (and hopefully salt) user passwords before I store them in my DB.
// hash the password before the user is saved
ConsultantSchema.pre('save', function(next) {
var user = this;
// hash the password only if the password has been changed or user is new
if (!user.isModified('password')) return next();
// generate the hash
bcrypt.hash(user.password, null, null, function(err, hash) {
if (err) {
logger.error("bcrypt.hash "+err);
return next(err);
}
// change the password to the hashed version
user.password = hash;
next();
});
});
我很困惑的是零件
bcrypt.hash(user.password, null, null, function(err, hash) {
我从一个教程中获得了这段代码,并且我经常看到它在寻找答案.基于文档( https://www.npmjs.com/package/bcrypt )bcrypt我应该期待以下代码
I got this code from a tutorial and I have seen it quite often searching for an answer. Based on the documentation (https://www.npmjs.com/package/bcrypt) for bcrypt I would have expected the following code
const saltrounds = 10;
bcrypt.hash(user.password, saltRounds, function(err, hash) {
要正常工作,但这会毫无错误地中断我的程序.
To be working but this breaks my program without an error.
我的问题是:为什么有两个空"参数?他们是干什么的?哈希是否基于带有两个空值的代码而加盐?
My questions are: Why are there two "null" arguments? What are they for? Is the hash salted based on the code with the two nulls?
在此先感谢您的帮助!
推荐答案
bcrypt 和 bcrypt-nodejs .以下代码来自他们在npmjs.com上的文档.
There is a difference between bcrypt and bcrypt-nodejs. The following code is from their docs at npmjs.com.
bcrypt.hash(myPlaintextPassword, salt, function(err, hash)
或
bcrypt.hash(myPlaintextPassword, saltRounds, function(err, hash)
bcrypt-nodejs哈希
bcrypt.hash(myPlaintextPassword, null, null, function(err, hash)
说明
您正在寻找bcrypt的文档,而不是bcrypt-nodejs.如果您使用的是node.js,则很可能要使用bcrypt-nodejs.我有多个利用其功能的项目.两个 null
字段用于盐和进度:
- 盐-[必需]-用于哈希密码的盐.
- progress-在哈希计算过程中调用以表示进度的回调
这篇关于bcrypt node.js(自动生成盐和哈希值)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!