Node.js密码加密 [英] Node.js encryption of passwords
本文介绍了Node.js密码加密的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
var pass_shasum = crypto.createHash('sha256')。 (req.body.password).digest( '六角');
您能否提出改进措施,使项目更安全?
解决方案
我使用以下代码来加密和哈希密码。
var bcrypt = require('bcrypt');
exports.cryptPassword = function(password,callback){
bcrypt.genSalt(10,function(err,salt){
if(err)
return callback (err);
bcrypt.hash(password,salt,function(err,hash){
return callback(err,hash);
});
});
};
exports.comparePassword = function(plainPass,hashword,callback){
bcrypt.compare(plainPass,hashword,function(err,isPasswordMatch){
return err == null?
回调(null,isPasswordMatch):
回调(err);
});
};
I am currently using the following for encrypting passwords:
var pass_shasum = crypto.createHash('sha256').update(req.body.password).digest('hex');
Could you please suggest improvements to make the project safer?
解决方案
I use the follwing code to salt and hash passwords.
var bcrypt = require('bcrypt');
exports.cryptPassword = function(password, callback) {
bcrypt.genSalt(10, function(err, salt) {
if (err)
return callback(err);
bcrypt.hash(password, salt, function(err, hash) {
return callback(err, hash);
});
});
};
exports.comparePassword = function(plainPass, hashword, callback) {
bcrypt.compare(plainPass, hashword, function(err, isPasswordMatch) {
return err == null ?
callback(null, isPasswordMatch) :
callback(err);
});
};
这篇关于Node.js密码加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文