How to Sign In with raw password when password stored in the database is hashed in Node.js

A guide on how to authenticate users signing in by comparing a raw password with the hashed password stored in the database. It demonstrates using `bcrypt` in Node.js to check if the raw password matches the hashed one.

This article will explain how to authenticate users in Node.js when their passwords are stored in the database as hashed values. We'll use the bcrypt library to compare the raw password entered by the user with the hashed password.

JavaScript Code

// Import necessary libraries
const bcrypt = require('bcrypt');
const express = require('express');
const bodyParser = require('body-parser');

// Initialize express application
const app = express();
app.use(bodyParser.json());

// Assume this is the hashed password stored in the database
const storedHashedPassword = '$2b$10$eW5OoANrF5OYsXBXFBDyYeZG96V8uAblEUHhPzBwdKa5wqlXpoGva'; // Hash of 'mypassword'

// Login function
app.post('/login', async (req, res) => {
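    const { password } = req.body || {}; // Receive raw password from POST request

    // Reject a missing or non-string password before calling bcrypt;
    // otherwise bcrypt.compare throws and the client receives a 500
    if (typeof password !== 'string' || password.length === 0) {
        return res.status(400).send('Password is required.');
    }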

    try {
        // Compare the raw password with the hashed password
        const match = await bcrypt.compare(password, storedHashedPassword);

        if (match) {
            // If passwords match
            res.send('Login successful!');
        } else {
            // If passwords do not match
            res.status(400).send('Incorrect password.');
        }
    } catch (error) {
        res.status(500).send('An error occurred.');
    }
});

// Listen on port 3000
app.listen(3000, () => {
    console.log('Server is running on port 3000');
});

Detailed explanation:

  1. `const bcrypt = require('bcrypt');`: Imports the bcrypt library for hashing and comparing passwords.
  2. `const express = require('express');`: Imports the express library to create an HTTP server.
  3. `app.use(bodyParser.json());`: Uses body-parser to handle data from POST requests as JSON.
  4. `const storedHashedPassword = '...'`: Assumes this is the hashed password stored in the database.
  5. `app.post('/login', ...)`: Defines the /login endpoint to handle sign-in requests.
  6. `const match = await bcrypt.compare(password, storedHashedPassword);`: Compares the raw password with the hashed password.
  7. `if (match)`: If the password matches, sends a success message.
  8. `else`: If it doesn't match, returns a login error.
  9. `app.listen(3000, ...)`: Starts the server on port 3000.

System requirements:

  • Node.js version 12 or higher.
  • bcrypt library: Used for hashing and comparing passwords.
  • express library: Used to create an HTTP server.
  • body-parser library: Used to process POST request data.

How to install the libraries:

npm install bcrypt express body-parser

Tips:

  • Use a higher number of bcrypt rounds (minimum 10) to enhance the security of the hashing process.
  • Never store raw passwords in the database.
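
The tip about bcrypt rounds can be enforced at sign-in time. The following is an added example, not code from the original article: it parses a stored bcrypt string such as the `$2b$10$...` value used above to read its cost factor, flags hashes below a chosen minimum for re-hashing, and checks the submitted password before it reaches `bcrypt.compare`. The function names `parseBcryptHash`, `needsRehash` and `passwordInputProblem` are hypothetical, and the 72-byte check reflects the fact that bcrypt only uses the first 72 bytes of its input.

```javascript
// Added example (not from the original article); function names are hypothetical.

// Modular crypt format: $<version>$<2-digit cost>$<22-char salt><31-char digest>,
// where salt and digest use bcrypt's own base64 alphabet (./A-Za-z0-9).
const BCRYPT_RE = /^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

// Returns the parsed fields, or null if the value is not a well-formed bcrypt hash.
function parseBcryptHash(hash) {
    if (typeof hash !== 'string') return null;
    const m = BCRYPT_RE.exec(hash);
    if (!m) return null;
    const cost = parseInt(m[2], 10);
    // bcrypt accepts cost factors 4..31; the work performed is 2^cost iterations
    if (cost < 4 || cost > 31) return null;
    return { version: m[1], cost, salt: m[3], digest: m[4] };
}

// True when the stored value is malformed or was hashed below the current policy.
// Call this after a successful login, while the raw password is still available,
// and store a fresh hash at the higher cost.
function needsRehash(hash, minCost) {
    const parsed = parseBcryptHash(hash);
    return parsed === null || parsed.cost < minCost;
}

// Checks the submitted password before it is handed to bcrypt.compare.
// Returns null when acceptable, otherwise a short reason code.
function passwordInputProblem(password) {
    if (typeof password !== 'string' || password.length === 0) return 'missing';
    // Bytes beyond the 72nd are ignored by bcrypt, so two long passwords that
    // share their first 72 bytes would compare as equal.
    if (Buffer.byteLength(password, 'utf8') > 72) return 'too-long';
    return null;
}

// Sample input: the hash string shown in this article
const pageHash = '$2b$10$eW5OoANrF5OYsXBXFBDyYeZG96V8uAblEUHhPzBwdKa5wqlXpoGva';
console.log(parseBcryptHash(pageHash));
console.log('rehash at minimum cost 12:', needsRehash(pageHash, 12));
console.log('input check:', passwordInputProblem('mypassword'));
```
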