This time I will bring you what are the ways to encrypt passwords in nodejs, and what are the precautions for encrypting passwords in nodejs. The following is a practical case, let's take a look.
1. Introduction to node
encryption modulecrypto
In fact, it is encrypted using MD5, which is not very safe. In actual development, salting is performed according to your own plan
2. Use encryption in the routing view Method
1. Import the encryption module that comes with node (no installation required)
//导入加密模块 const crypto = require("crypto");
2. Make a user registration with encrypted password View
<p class="col-md-6"> <h4>用户注册</h4> <form role="form" method="post" action="/regest"> <p class="form-group"> <label for="username">用户名:</label> <input id="username" type="text" placeholder="请输入用户名" name="username" class="form-control"/> </p> <p class="form-group"> <label for="password">密码:</label> <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/> </p> <p class="form-group"> <input type="submit" value="提交" class="btn btn-success"/> </p> </form> </p>
router.post("/regest",(req,res)=>{ console.log(req.body); let name = req.body.username; let password = req.body.password; let md5 = crypto.createHash("md5"); let newPas = md5.update(password).digest("hex"); db("insert into user1(name,password) values(?,?)",[name,newPas],(err,data)=>{ if (err){ res.send("注册失败"); } console.log(data); if (data){ res.send("注册成功"); } }) });
3.User loginPerform password verification
1. Use the same password as the user entered Method encryption processing
2. Match the encrypted password with the database
router.post("/login",(req,res)=>{ let name = req.body.username; let password = req.body.password; let md5 = crypto.createHash("md5"); let newPas = md5.update(password).digest("hex"); db("select * from user1 where name = ?",[name],(err,data)=>{ console.log(data[0].password); if (err){ res.send("发生错误"); } if (data){ if (data[0].password === newPas){ res.send("登录成功"); }else { res.send("用户名或密码错误"); } } }) })
<p class="col-md-6"> <h4>用户登录</h4> <form role="form" method="post" action="/login"> <p class="form-group"> <label for="username2">用户名:</label> <input id="username2" type="text" placeholder="请输入用户名" name="username" class="form-control"/> </p> <p class="form-group"> <label for="password">密码:</label> <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/> </p> <p class="form-group"> <input type="submit" value="提交" class="btn btn-success" id="sub-btn2"/> </p> </form> </p>
4. Extension (generally we encrypt the processing)
1. Use random numbers to randomly generate a number of digits.
2. Use reversible encryption to encrypt the random numbers generated in the first step.
Reversible encryption includes Base64
and Hex
Encryption (specifically Baidu)
3. Splice the random number encrypted in the second step with our real password
4. Encrypt the third step (MD5
)
5. Perform reversible encryption in the fourth step
6. Splice the password generated in the second and fifth steps into a password
5. Extension (generally we encrypt the login)
1. Obtain the password when logging in
2. Intercept the random number encryption section from the obtained password
3. Repeat the above encryption method (3,4, 5,6)
I believe you have mastered the method after reading the case in this article. For more exciting information, please pay attention to other related articles on the php Chinese website!
Recommended reading:
vue processes data obtained by storejs
Sample code for creating fireworks special effects using p5.js_ javascript skills
The above is the detailed content of What are the ways to encrypt passwords in nodejs?. For more information, please follow other related articles on the PHP Chinese website!