Hashing a password means running it through a one-way function, so the stored value can't be read back as the original. It's like turning "password" into $2a$10$pi9gVGCkaik4P7LTjpEya.OBxKMuWuUIo.Bo8XItLelBcc49NvTC
This keeps passwords safe, especially in databases.
To hash passwords, we need to install the bcrypt-ts package using the command: yarn add bcrypt-ts
First, we need to import the necessary functions from the bcrypt-ts package:
import { genSaltSync, hashSync } from "bcrypt-ts";
Next, we generate the salt and the hash. The salt variable is generated using genSaltSync(10), where 10 is the cost factor: it is recorded in the salt and sets how expensive each hash is to compute. Then, we create the hash by using hashSync(notHashedPassword, salt), which hashes the value of notHashedPassword with the generated salt.
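// user.password still holds the plaintext password at this point
const notHashedPassword = user.password;
// 10 is the cost factor passed to bcrypt
const salt = genSaltSync(10);
// overwrite the plaintext with the bcrypt hash before saving the user
user.password = hashSync(notHashedPassword, salt);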
After hashing the password, it's safe to store it in the database. Hashing makes the stored password unreadable: even if someone accesses the database, they can't decipher the original password. This protects user accounts and sensitive data.
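A bcrypt string such as the $2a$10$... value above has a fixed layout, so a stored password field can be checked for plaintext, truncation or a low cost factor. The TypeScript below is an added example, not code from the original post or from bcrypt-ts; the function names, the accepted version tags, the minimum-cost policy and the sample values are assumptions constructed for illustration.

```typescript
// Added example: audit a stored password field before trusting it.
// bcrypt string layout: $<version>$<cost>$<22-char salt><31-char digest>
interface BcryptParts {
  version: string; // "2a", "2b" or "2y" (assumed set of accepted tags)
  cost: number;    // log2 of the iteration count
  salt: string;    // 16 bytes in bcrypt's base64 alphabet
  digest: string;  // 23 bytes in the same alphabet
}

type Verdict = "ok" | "weak-cost" | "not-bcrypt";

const BCRYPT_RE =
  /^\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

// Returns the parsed fields, or null if the value is not well-formed bcrypt.
function parseBcrypt(stored: string): BcryptParts | null {
  const m = BCRYPT_RE.exec(stored);
  if (m === null) return null;
  const [, version = "", costText = "", salt = "", digest = ""] = m;
  const cost = Number(costText);
  if (cost < 4 || cost > 31) return null; // cost range bcrypt accepts
  return { version, cost, salt, digest };
}

// minCost is an assumed policy floor; 10 matches genSaltSync(10) in the article.
function auditStoredPassword(stored: string, minCost: number = 10): Verdict {
  const parts = parseBcrypt(stored);
  if (parts === null) return "not-bcrypt"; // plaintext, truncated, other scheme
  return parts.cost < minCost ? "weak-cost" : "ok";
}

// Helper to build constructed sample values (these are not real hashes).
function fill(ch: string, n: number): string {
  let out = "";
  for (let i = 0; i < n; i++) out += ch;
  return out;
}

const SAMPLE_COST_10 = "$2a$10$" + fill("a", 22) + fill("b", 31);
const SAMPLE_COST_04 = "$2a$04$" + fill("a", 22) + fill("b", 31);
const SAMPLE_TRUNCATED = SAMPLE_COST_10.slice(0, 59); // one character lost
const SAMPLE_PLAINTEXT = "password";

// Run the audit over the constructed samples, as one would over a user export.
function auditSamples(): Verdict[] {
  return [SAMPLE_COST_10, SAMPLE_COST_04, SAMPLE_TRUNCATED, SAMPLE_PLAINTEXT]
    .map((s) => auditStoredPassword(s));
}
```

Any field that comes back as "not-bcrypt" was either saved without passing through hashSync or was damaged in storage.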
[Screenshot: hashing user passwords before pushing them to the database]
[Screenshot: testing password]
[Screenshot: result on MongoDB]