Open In App

Password Verification in Node.js

Last Updated : 14 Oct, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

In Node for password hashing and verification we can use a npm library known as bcryptjs npm-bcryptjs.

Installation of bcryptjs: Node.js contains an inbuilt crypto module’s randomBytes interface which is used to obtain the secure random numbers.

npm install bcryptjs

Approach:

  • To hash a password use bcrypt.hash(plainTextPassword, salt, callback) which returns a promise if no callback is passed.
  • To verify plain text password with hashed password use bcrypt.compare(plainTextPassword, hashedPassword, callback) which also returns a promise if no callback is passed.

Example 1:




// Use bcryptjs module
const bcrypt = require("bcryptjs");
  
// Store the password into variable
const password = "password123";
  
// Use bcrypt.hash() function to hash the password
bcrypt.hash(password, 8, (err, hashedPassword) => {
    if (err) {
        return err;
    }
      
    // Display the hashed password
    console.log(hashedPassword);
      
    // Use bcrypt.compare() function to compare
    // the password with hashed password
    bcrypt.compare(password, hashedPassword, (err, isMatch) => {
        if( err ) {
            return err;
        }
          
        // If password matches then display true
        console.log(isMatch);
    });
});


Output:

$2a$08$PV4rYpBwXUPAGuMedxUnAOxq/TozK9o/QSUWaKE1XL8psOyZ.JL4q
true

Example 2:




// Use bcryptjs module
const bcrypt = require("bcryptjs");
  
// Store the password into variable
const password = "password123";
  
// Use bcrypt.hash() function to hash the password
bcrypt.hash(password, 8).then(hashedPassword => {
   
    // Display the hashed password
    console.log(hashedPassword);
      
    // Compare the password with hashed password
    // and return its value 
    return bcrypt.compare(password, hashedPassword);
   
}).then(isMatch => {
   
    // If password matches then display true
    console.log(isMatch);
}).catch(err => {
  
    // Display error log
    console.log(err);
});


Output:

$2a$08$LKZU9S9WVs3C.S/zpu2U7eua/ocfzD1ytF68QPT5M600auT6M.SxG
true


Similar Reads

How to Sign In with raw password when password store in the database are hashed form in Node.js ?
The password stored in the database is always in (hashed+salt) form because of security reasons. When users sign up on any website, a password is given in the raw form. But storing the raw passwords in the database directly is not a good practice. Using some server-side logic we first convert raw passwords in the (hashed+salt) form then store it in
5 min read
How to Generate Random and Unique Password in Node.js using 'generate-password' NPM Module ?
The "generate-password" module is a very useful and important external NPM module that can generate unique and random passwords for our projects. One of the main advantages of using this module is that it allows developers to easily generate passwords with various requirements, such as length, complexity, and character sets. This can save developer
2 min read
Building an OTP Verification System with Node.js and MongoDB
In the present digital world, Securing your website or internet could be very crucial. One manner to increase protection is by using One Time Password (OTP) for the verification system. This will help you to steady your software and defend your website from unauthorized get entry. This article will help you create an OTP verification device, which
8 min read
Angular PrimeNG Form Password Show Password Component
Angular PrimeNG is an open-source framework with a rich set of native Angular UI components that are used for great styling and this framework is used to make responsive websites with very much ease. In this article, we will learn how to use the Password Show Password Component in Angular PrimeNG. The Password Component is used to represent the str
3 min read
Angular PrimeNG Form Password Password Meter Component
Angular PrimeNG is an open-source framework with a rich set of native Angular UI components that are used for great styling and this framework is used to make responsive websites with very much ease. In this article, we will learn how to use the Password Password Meter Component in Angular PrimeNG. The Password Component is used to represent the st
3 min read
How to compare password and confirm password inputs using express-validator ?
Registration or Sign Up on any website always requires a confirmed password input and it must be the same as the password. It is basically to ensure that the user enters the password full of his senses and there is no conflict happening. This functionality can be implemented anywhere in our code like in the index file or route file but this comes u
4 min read
Automatic Captcha Verification using JavaScript
Captcha: Captcha is a program used to protects websites through bots. It generates some tests that human can read and pass it but current computer can not do. For example, humans can read distorted text but computer can not read. The CAPTCHA is the abbreviation of Completely Automated Public Turing Test To Tell Computers and Humans Apart. There are
1 min read
Email Verification using OTP in NodeJS
This Article speaks about setting up your node.js server for verifying emails via OTP. Project setup: The name of the package is two-step-auth Installation: npm i --save two-step-auth Default Usage: Kindly Provide a Company Name so the mail will be treated as important. (This is optional) Import the Auth object from the package and use them as ment
2 min read
Email OTP Verification using PHP in Live Server
The task is to create and design a sign-up and login form. In the sign-up form, the user will sign-up with a custom username and password and a valid email then the user will receive an OTP through the email, and after successful verification of OTP user account will be created and data will be stored in MySQL database, and then the user will be re
7 min read
Email Verification
Email verification is a technique in node.js which is used to ensure whether the provided email corresponds to an existing user or not because otherwise the database will become filled up with unnecessary users. The process goes like that we send some kind of token to email and the user sends get request along with that token, now if the get reques
4 min read
Article Tags :