This time I will bring you what are the ways to encrypt passwords in nodejs, and what are theprecautionsfor encrypting passwords in nodejs. The following is a practical case, let's take a look.
1. Introduction tonodeencryption modulecrypto
In fact, it is encrypted using MD5, which is not very safe. In actual development, salting is performed according to your own plan
2. Use encryption in the routing view Method
1. Import the encryption module that comes with node (no installation required)
//导入加密模块 const crypto = require("crypto");
2. Make auser registrationwith encrypted password View
用户注册
router.post("/regest",(req,res)=>{ console.log(req.body); let name = req.body.username; let password = req.body.password; let md5 = crypto.createHash("md5"); let newPas = md5.update(password).digest("hex"); db("insert into user1(name,password) values(?,?)",[name,newPas],(err,data)=>{ if (err){ res.send("注册失败"); } console.log(data); if (data){ res.send("注册成功"); } }) });
3.User loginPerform password verification
1. Use the same password as the user entered Method encryption processing
2. Match the encrypted password with the database
router.post("/login",(req,res)=>{ let name = req.body.username; let password = req.body.password; let md5 = crypto.createHash("md5"); let newPas = md5.update(password).digest("hex"); db("select * from user1 where name = ?",[name],(err,data)=>{ console.log(data[0].password); if (err){ res.send("发生错误"); } if (data){ if (data[0].password === newPas){ res.send("登录成功"); }else { res.send("用户名或密码错误"); } } }) })
用户登录
4. Extension (generally we encrypt the processing)
1. Use random numbers to randomly generate a number of digits.
2. Use reversible encryption to encrypt the random numbers generated in the first step.
Reversible encryption includesBase64andHexEncryption (specifically Baidu)
3. Splice the random number encrypted in the second step with our real password
4. Encrypt the third step (MD5)
5. Perform reversible encryption in the fourth step
6. Splice the password generated in the second and fifth steps into a password
5. Extension (generally we encrypt the login)
1. Obtain the password when logging in
2. Intercept the random number encryption section from the obtained password
3. Repeat the above encryption method (3,4, 5,6)
I believe you have mastered the method after reading the case in this article. For more exciting information, please pay attention to other related articles on the php Chinese website!
Recommended reading:
vue processes data obtained by storejs
Sample code for creating fireworks special effects using p5.js_ javascript skills
The above is the detailed content of What are the ways to encrypt passwords in nodejs?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
