Nodejs summary of password encryption processing methods

This time I will bring you a summary of nodejs's password encryption processing method. What are the precautions for nodejs's password encryption processing? . The following is a practical case, let's take a look.

The example in this article describes the password encryption processing operation in nodejs. Share it with everyone for your reference, the details are as follows:

1. Aboutnodeencryption modulecrypto Introduction

In fact, it uses MD5 encryption, which is not very safe. In actual development, salt processing is performed according to your own plan

2. Use the encryption method in the routing view

1. Import the encryption module that comes with node (no installation required)

//导入加密模块
const crypto = require("crypto");

2. Make aUser registration, password encrypted view

<p class="col-md-6">
  <h4>用户注册</h4>
  <form role="form" method="post" action="/regest">
    <p class="form-group">
      <label for="username">用户名:</label>
      <input id="username" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success"/>
    </p>
  </form>
</p>

router.post("/regest",(req,res)=>{
  console.log(req.body);
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("insert into user1(name,password) values(?,?)",[name,newPas],(err,data)=>{
    if (err){
      res.send("注册失败");
    }
    console.log(data);
    if (data){
      res.send("注册成功");
    }
  })
});

3.User loginPerform password verification

1. Encrypt the password entered by the user in the same way
2. Match the encrypted password with the database

router.post("/login",(req,res)=>{
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("select * from user1 where name = ?",[name],(err,data)=>{
    console.log(data[0].password);
    if (err){
      res.send("发生错误");
    }
    if (data){
      if (data[0].password === newPas){
        res.send("登录成功");
      }else {
        res.send("用户名或密码错误");
      }
    }
  })
})

<p class="col-md-6">
  <h4>用户登录</h4>
  <form role="form" method="post" action="/login">
    <p class="form-group">
      <label for="username2">用户名:</label>
      <input id="username2" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success" id="sub-btn2"/>
    </p>
  </form>
</p>

4. Extension (generally we encrypt it)

1. Use random numbers to randomly generate a number of digits.
2. Use reversible encryption to encrypt the random numbers generated in the first step.
Reversible encryption has Base64andHexEncryption (specifically Baidu)
3. Splice the random number encrypted in the second step with our real password
4. Encrypt the third step (MD5)
5. Perform reversible encryption in the fourth step
6. Splice the generated passwords in the second and fifth steps into a password

5 , Extension (generally our encrypted login)

1. Obtain the password when logging in
2. Intercept the random number encrypted section from the obtained password
3. Repeat Operate the above encryption methods (3,4,5,6)

I believe you have mastered the method after reading the case in this article. For more exciting information, please pay attention to other related articles on the PHP Chinese website!

Recommended reading:

Vue.js Flask to build a single-page App (with code)

No need to traverse How to write JS

when regular multi-dimensional array

The above is the detailed content of Nodejs summary of password encryption processing methods. For more information, please follow other related articles on the PHP Chinese website!