I would like to use node.js bcrypt to hash passwords before storing them in the database.
This link provides the documentation. https://github.com/kelektiv/node.bcrypt.js
Here is an example on hashing the password.
var bcrypt = require('bcrypt');
const saltRounds = 10;
const myPlaintextPassword = 's0/\/\P4$$w0rD';
var salt = bcrypt.genSaltSync(saltRounds);
var hash = bcrypt.hashSync(myPlaintextPassword, salt);
// Store hash in your password DB.
Here is the code to check the password.
// Load hash from your password DB.
bcrypt.compareSync(myPlaintextPassword, hash); // true
This is what I don't understand. In bcrypt.compareSync
, why is there no parameter salt
? Since the hash is generated from salt, why does comparing the plaintext password not involve the original salt used in hashing?
salt是数据库中字符串bcrypt存储的一部分,请参阅例如答案我是否需要使用bcrypt存储salt?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.