Thus, while the sync version is more convenient, it's best to stick with async if you're concerned about performance. The asynchronous approach is recommended because hashing is CPU intensive, and the synchronous version will block the event loop and prevent your app from handling other requests until it finishes. Then include it like this: const bcrypt = require('bcrypt') īcrypt supports both sync and async methods. To use the library, simply install with NPM: npm install -save bcrypt
For a brief explanation of why we use one-way hashes instead of encryption, check out this answer on StackOverflow. If you're coming from a PHP background, these are roughly equivalent to password_hash() and password_verify().īcrypt is the de facto way to hash and store passwords.
The bcrypt library on NPM makes it really easy to hash and compare passwords in Node.
0 kommentar(er)
