Last active
May 20, 2020 02:54
-
-
Save kilgarenone/4bf3608a9aa93672992ea0a638e9c688 to your computer and use it in GitHub Desktop.
hashing password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // import our wrapper auth.js | |
| const Auth = require("../lib/auth"); | |
| const multer = require("multer"); | |
| // we gonna use upload.none() rather than body-parser to access 'req.body' | |
| // I don't recommed inserting body-parser middleware to your 'app'. Specify it per route. | |
| const upload = multer(); | |
| const asyncHandler = require("express-async-handler"); | |
| router.post("/register", upload.none(), asyncHandler(async (req, res, next) => { | |
| const { fullName, email, password } = req.body; | |
| // 'password' is the plain-text password, so we gonna hash it | |
| const hashedPassword = await Auth.hashPassword(password); | |
| // We are using node-postgres here('pg'). Raw SQL command. $1, $2 etc. is how you pass the values to it | |
| const query = `INSERT INTO account(fullname, email, password) VALUES ($1, $2, $3) RETURNING user_id, fullname, email`; | |
| // notice here we're storing just the hashed password! Zero-knowledge of user's password! | |
| const values = [fullName, email, hashedPassword]; | |
| // do the db thing | |
| const { rows } = await db.query(query, values); | |
| res.status(200).send(rows[0]); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment