Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.
One Solution2:16 with Alena Holligan
This video covers one solution to the practice session.
NPM Bcrypt Package — Try using hashSync(data, salt) and compareSync(data, encrypted)
How did it go?
I hope you were able to work through the challenge yourself.
But if not, don't worry, I'll walk you step by step through my solution now.
For Step 1, because I've included a package.json file,
you can use the command npm installed by itself, or npm install bcrypt.
Now for Step 2,
I can use the bcrypt.hashSync with the string password in the saltRounds.
I use console.log to display the hash to the screen.
Step 3 is the same as Step 2 with a different string.
In Step 4, I use Bcrypt Compare sync
to compare the string password with the variable, originalHash.
Once again, Step 5 is the same as Step 4 with a different string.
Now we're ready to see these results in the console.
View, Show Console, here we type node bcrypt.js.
You can see that we have separate hashes for Step 1 and Step 2.
In the string password, matches are Original Hash,
while bad-password does not.
Notice if I run node bcrypt.js again, I see the hashes from Step 1 and
Step 2 are different, even though we're hashing the same strings.
This helps to secure your hash.
This also means that we cannot directly compare the stored hash
with a new hash we create.
This is why we need to use the Compare function from the Bcrypt package instead.
I want to reiterate, always store the hash password in the database.
Never store a plain text password.
If your solution was different than mine, that's great.
Seldom is there only one solution.
If you see something interesting in my code,
you should try implementing it in your own program.
Keep practicing so you can master these new skills.
Until next time, happy coding.
You need to sign up for Treehouse in order to download course files.Sign up