Home >Web Front-end >JS Tutorial >Detailed explanation of password encryption processing operations in nodejs

Detailed explanation of password encryption processing operations in nodejs

亚连
亚连Original
2018-05-25 16:30:231737browse

This article mainly introduces the password encryption processing operation in nodejs, and analyzes the implementation techniques and precautions related to the encryption processing operation of nodejs for user login passwords in the form of examples. Friends in need can refer to this article

The example describes the password encryption processing operation in nodejs. Share it with everyone for your reference, the details are as follows:

1. Aboutnodeencryption modulecrypto Introduction

In fact, it uses MD5 encryption, which is not very safe. In actual development, salt processing is performed according to your own plan

2. Use the encryption method in the routing view

1. Import the encryption module that comes with node (no installation required)

//导入加密模块
const crypto = require("crypto");

2. Make a user registration and password encrypted view

<p class="col-md-6">
  <h4>用户注册</h4>
  <form role="form" method="post" action="/regest">
    <p class="form-group">
      <label for="username">用户名:</label>
      <input id="username" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success"/>
    </p>
  </form>
</p>

router.post("/regest",(req,res)=>{
  console.log(req.body);
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("insert into user1(name,password) values(?,?)",[name,newPas],(err,data)=>{
    if (err){
      res.send("注册失败");
    }
    console.log(data);
    if (data){
      res.send("注册成功");
    }
  })
});

3. User login for password verification

1. Encrypt the password entered by the user in the same way
2. Compare the encrypted password with the database Matches

router.post("/login",(req,res)=>{
  let name = req.body.username;
  let password = req.body.password;
  let md5 = crypto.createHash("md5");
  let newPas = md5.update(password).digest("hex");
  db("select * from user1 where name = ?",[name],(err,data)=>{
    console.log(data[0].password);
    if (err){
      res.send("发生错误");
    }
    if (data){
      if (data[0].password === newPas){
        res.send("登录成功");
      }else {
        res.send("用户名或密码错误");
      }
    }
  })
})

<p class="col-md-6">
  <h4>用户登录</h4>
  <form role="form" method="post" action="/login">
    <p class="form-group">
      <label for="username2">用户名:</label>
      <input id="username2" type="text" placeholder="请输入用户名" name="username" class="form-control"/>
    </p>
    <p class="form-group">
      <label for="password">密码:</label>
      <input id="password" type="password" placeholder="请输入密码" name="password" class="form-control"/>
    </p>
    <p class="form-group">
      <input type="submit" value="提交" class="btn btn-success" id="sub-btn2"/>
    </p>
  </form>
</p>

4. Extension (generally we encrypt it)

1. Use random numbers to randomly generate a number of digits.
2. Use reversible encryption to encrypt the random numbers generated in the first step.
Reversible encryption has Base64andHexEncryption (specifically Baidu)
3. Splice the random number encrypted in the second step with our real password
4. Encrypt the third step (MD5)
5. Perform reversible encryption in the fourth step
6. Splice the password generated in the second and fifth steps into a password

5 , extension (generally our encrypted login)

1. Obtain the password when logging in
2. Intercept the random number encrypted section from the obtained password
3. Repeat How to operate the above encryption (3,4,5,6)

The above is what I compiled for everyone. I hope it will be helpful to everyone in the future.

Related articles:

How to use the Rating control of AjaxToolKit

Implementing file upload with progress bar based on Ajax technology

Discuss issues related to readyState and status in Ajax

The above is the detailed content of Detailed explanation of password encryption processing operations in nodejs. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn