Hashing Passwords | Node Authentication Tutorial – Part 3



Learn the basics behind hashing users' passwords and why it is so very important to do this within any password-related app.

When it comes to securing your users' passwords, it's integral, no, absolutely necessary to hash your users' passwords before storing them in a database. Hashing is the process of scrambling up a user's password into a long string of characters that's undecipherable. The interesting thing about hashing: once you put the password through the hash function, there's no way to convert it back to its original form (at least from a mathematical standpoint). This helps ensure that your users' passwords are unreadable on the off chance someone happens to stumble upon the data in your database.

Code along with me as I demonstrate how to implement hashing functionality in our user-based Node app.

Video Git Repo (starts at part 1):
------------------------------------------------

Node Authentication Process:
------------------------------------------
// Add our boilerplate
// 1.x Git clone express-cc repo
// 2.x Run yarn / npm install

// Create a new user in the database
// 1.x Create a form within a view
// 2.x Create route that'll process the form's post request
// 3.x Create a database connection using .env file
// 4.x Grab form input and insert into database
// 5.x Add express-validation package
// 6.x Validate user input on backend
// 7.x Validate user input on frontend
// 8.x Hash our user's password
// 9.x Store user in database

// Login user (update user session, return auth cookie)
// 1. Install passport
// 2. Configure passport with local strategy

// Protect routes and only permit entry with authorization cookie

// Create logout button

// Create login page

Video Timeline:
-----------------------------
00:50 - Why storing passwords in plain text is bad
01:36 - What is hashing?
02:35 - How to hash our users' passwords
03:05 - What is bcrypt?
06:01 - What is a salt?
07:08 - Testing out our hashing implementation

To be continued...

The Platform:
-------------------------

Each course tells a different story, and each milestone reveals a different scene. With an expansive universe to explore, you can track your progress, and gain the necessary skills needed to build your dreams.

Chris Courses Social:
-----------------------------------

Christopher Lis Social:
-------------------------------------
Comments:

Thank you!! Most tutorials on the web use MongoDB for their database so this series is a nice break from the norm. Your use of a relational database helped me clean up my existing code and get everything on my postgres/node project working as intended!! Woot!

chowyows

This person is great. Good one man! Keep up.

asadawan

In the query section you changed the last "password" to "hash". What if I am using a stored procedure, where do I have to make all these changes?

shubhamgupta

Hi Chris,
You are doing great work. Your tutorial is helping me a lot.
I want to know when you are thinking of releasing part 4. I will be waiting for it.
Greetings from Chile

ccmoret

Great tutorial, thank you. When are you planning to release the fourth part?

denistkachenko

First off, thank you so much for this awesome tutorial. I'm learning more than I would have imagined from a free resource, you're amazing. I'm hitting a bit of a snag I'm hoping you can help with. Prior to the bcrypt step, when I'm inserting passwords into the password field in MySQL, it's showing up as a number and not the text like you are seeing. It shows up as hex. Also, adding in the bcrypt step doesn't change anything. If I console log the password variable, it's correct. It's just not showing up right in the DB itself. Any ideas on how to proceed would be appreciated. Thanks again!

EDIT: Well, I'm an idiot... it's the password in hex. Now to figure out why bcrypt isn't hashing it. :D

grdane

Just a quick question: isn't it insecure to send the blank password with the POST request on the registration?

torbenl

I am on a project and one of the problems I have is restricting one user from logging in with the same account from different PCs at the same time. I am using express-session but am failing to fix this. I am trying to switch to passport, but since all examples are with MongoDB it's all overly confusing... please help

JerubaalXerxes

Node js function
That takes following input
User ID
Username
University
Timestamp
Salt
Hash type
And returns hashed string

Wanttotravel

It's not working on the Heroku server, bcrypt fails there

yatashdeepsharma