Home > Web Front-end > JS Tutorial > body text

Detailed explanation of password encryption processing operations in nodejs

亚连
Release: 2018-05-25 16:30:23
Original
1724 people have browsed it

This article mainly introduces the password encryption processing operation in nodejs, and analyzes the implementation techniques and precautions related to the encryption processing operation of nodejs for user login passwords in the form of examples. Friends in need can refer to this article

The example describes the password encryption processing operation in nodejs. Share it with everyone for your reference, the details are as follows:

1. Aboutnodeencryption modulecrypto Introduction

In fact, it uses MD5 encryption, which is not very safe. In actual development, salt processing is performed according to your own plan

2. Use the encryption method in the routing view

1. Import the encryption module that comes with node (no installation required)

//导入加密模块
const crypto = require("crypto");
Copy after login

2. Make a user registration and password encrypted view

<p class="col-md-6">
  <h4>用户注册</h4>
  <form role="form" method="post" action="/regest">
    <p class="form-group">
      <label for="username">用户名:</label>
      <input id="username" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success"/>
    </p>
  </form>
</p>
Copy after login

router.post("/regest",(req,res)=>{
  console.log(req.body);
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("insert into user1(name,password) values(?,?)",[name,newPas],(err,data)=>{
    if (err){
      res.send("注册失败");
    }
    console.log(data);
    if (data){
      res.send("注册成功");
    }
  })
});
Copy after login

3. User login for password verification

1. Encrypt the password entered by the user in the same way
2. Compare the encrypted password with the database Matches

router.post("/login",(req,res)=>{
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("select * from user1 where name = ?",[name],(err,data)=>{
    console.log(data[0].password);
    if (err){
      res.send("发生错误");
    }
    if (data){
      if (data[0].password === newPas){
        res.send("登录成功");
      }else {
        res.send("用户名或密码错误");
      }
    }
  })
})
Copy after login

<p class="col-md-6">
  <h4>用户登录</h4>
  <form role="form" method="post" action="/login">
    <p class="form-group">
      <label for="username2">用户名:</label>
      <input id="username2" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success" id="sub-btn2"/>
    </p>
  </form>
</p>
Copy after login

4. Extension (generally we encrypt it)

1. Use random numbers to randomly generate a number of digits.
2. Use reversible encryption to encrypt the random numbers generated in the first step.
Reversible encryption has Base64andHexEncryption (specifically Baidu)
3. Splice the random number encrypted in the second step with our real password
4. Encrypt the third step (MD5)
5. Perform reversible encryption in the fourth step
6. Splice the password generated in the second and fifth steps into a password

5 , extension (generally our encrypted login)

1. Obtain the password when logging in
2. Intercept the random number encrypted section from the obtained password
3. Repeat How to operate the above encryption (3,4,5,6)

The above is what I compiled for everyone. I hope it will be helpful to everyone in the future.

Related articles:

How to use the Rating control of AjaxToolKit

Implementing file upload with progress bar based on Ajax technology

Discuss issues related to readyState and status in Ajax

The above is the detailed content of Detailed explanation of password encryption processing operations in nodejs. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!