Created
May 20, 2013 17:29
-
-
Save timstermatic/5613771 to your computer and use it in GitHub Desktop.
Example of using bcrypt with mongoose middleware to enforce password hashing with bcrypt on save.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var mongoose = require('mongoose'), | |
Schema = mongoose.Schema | |
var bcrypt = require('bcrypt') | |
var UserSchema = new Schema( { | |
email: String, | |
password: String | |
} ) | |
// pre | |
UserSchema.pre('save', function(next) { | |
if(this.password) { | |
var salt = bcrypt.genSaltSync(10) | |
this.password = bcrypt.hashSync(this.password, salt) | |
} | |
next() | |
}) | |
mongoose.model('User', UserSchema); |
@exlane, here is the code with async/await
UserSchema.pre('save', async function(next) {
if(this.password) {
var salt = await bcrypt.genSaltSync(10)
this.password = await bcrypt.hashSync(this.password, salt)
}
next()
})
All this code is incorrect... you must test if the password was modified before hashing it, or you will double hash it...
userSchema.pre('save', async function(next){
if(this.isModified('password')) this.password = await bcrypt.hash(this.password, 12)
next()
})
myoussef3030 thanks for the great snippet works perfectly.
userSchema.pre('save', async function (next) {
const user = this;
if (user.isModified('password')) {
user.password = await bcrypt.hash(user.password, 8)
}
next()
})
for a readability we can also user variable like this
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ohhh, that's my ignorance. I didn't notice that. I am just learning nodejs
thank you for a prompt response