How to store passwords securely in your local/custom database in Node.js?
A custom database here means a local database kept in your file system. There are two types of database: SQL and NoSQL. In an SQL database, data is stored in tables; in a NoSQL database, records are stored independently, each with some way to identify it uniquely. We can also create our own database or datastore locally in the NoSQL style.
There are some steps involved in creating the local database and adding records to it. These steps are as follows:
Example: This example illustrates how to store a password securely (salted and hashed) in the local database.
Filename: index.js
const express = require('express')
const bodyParser = require('body-parser')
const repo = require('./repository')

const app = express()
const port = process.env.PORT || 3000

// Parse URL-encoded form bodies (the format the signup form posts)
app.use(bodyParser.urlencoded({ extended: true }))

// Serve the signup form
app.get('/signup', (req, res) => {
  res.send(`
    <div>
      <form method='POST'>
        <div>
          <div>
            <label for='email'>Username</label>
          </div>
          <input type='text' id='email' name='email'
            placeholder='Email'>
        </div>
        <div>
          <div>
            <label for='password'>Password</label>
          </div>
          <input type='password' id='password' name='password'
            placeholder='Password'>
        </div>
        <div>
          <button>Sign Up</button>
        </div>
      </form>
    </div>
  `)
})

// Hash the submitted password and store the record
app.post('/signup', async (req, res) => {
  const { email, password } = req.body
  // extended: true can yield arrays/objects; scrypt needs a string
  if (typeof email !== 'string' || typeof password !== 'string' ||
      !email || !password) {
    return res.status(400).send('Email and password are required.')
  }
  const addedRecord = await repo.create({ email, password })
  // Demo output: the record holds the salted hash, not the plain password
  console.log(addedRecord)
  res.send('Information added to the database successfully.')
})

app.listen(port, () => {
  console.log(`Server start on port ${port}`)
})
Filename: repository.js
This file contains all the logic to add a new record with a securely hashed password to the database.
const fs = require('fs')
const util = require('util')
const crypto = require('crypto')

// Promise-based wrapper around the callback-style crypto.scrypt
const scrypt = util.promisify(crypto.scrypt)

class Repository {
  constructor(filename) {
    if (!filename) {
      throw new Error(
        'Filename is required to create a datastore!')
    }
    this.filename = filename
    try {
      // Throws if the datastore file does not exist yet
      fs.accessSync(this.filename)
    } catch (err) {
      // First run: create the datastore as an empty JSON array
      fs.writeFileSync(this.filename, '[]')
    }
  }

  // Read and parse every record in the datastore
  async getAllRecords() {
    return JSON.parse(
      await fs.promises.readFile(this.filename, {
        encoding: 'utf8'
      })
    )
  }

  // Store a new record with the password replaced by "<hash>.<salt>"
  async create(attrs) {
    const records = await this.getAllRecords()
    const { email, password } = attrs

    // Fresh random salt per record: 8 bytes, hex-encoded
    const salt = crypto.randomBytes(8).toString('hex')
    // Derive a 64-byte key from the password and salt with scrypt
    const hashedBuff = await scrypt(password, salt, 64)
    // Keep the salt next to the hash so the hash can be re-derived later
    const hashedSaltPassword =
      `${hashedBuff.toString('hex')}.${salt}`

    const record = {
      ...attrs,
      password: hashedSaltPassword
    }
    records.push(record)
    await fs.promises.writeFile(
      this.filename,
      JSON.stringify(records, null, 2)
    )
    return record
  }
}

module.exports = new Repository('datastore.json')
Filename: package.json
[Image: package.json]
[Image: Form to submit the responses]
Note: Here two responses are submitted one after the other, and all the responses are stored in the datastore.json file.
[Image: Redirected page after submitting the form]
Run the index.js file using the following command:
node index.js
Output:
[Image: Output]
Database:
[Image: Database]
Note: The first time the program runs, the database file (datastore.json) does not exist in the project directory; it is created dynamically when the program runs and stores the submitted response. After that, all submitted responses are appended to the database one by one.
Last Updated: 22 Jul, 2020