[Angular] Using the Argon 2 Hashing Function In Our Sign Up Backend Service
2017-08-16 01:02
1441 查看
Which hash algorithom to choose for new application:
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
Argon2[*7] is the winner of the password hashing competition and should be considered as your first choice for new applications;
We can use this package:
https://github.com/ranisalt/node-argon2
Install:
Code:
It would be good to add some password validations. So that user cannot enter the password as simple as '123456'...
Valid password:
password-validation.ts:
Update code:
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
Argon2[*7] is the winner of the password hashing competition and should be considered as your first choice for new applications;
We can use this package:
https://github.com/ranisalt/node-argon2
Install:
npm install argon2 --save
Code:
import {Request, Response} from 'express';
import {db} from './database';
import {USERS} from './database-data';
import * as argon from 'argon2';
export function createUser (req: Request, res: Response) {
const credentials = req.body;
argon.hash(credentials.password)
.then(passwordDigest => {
const user = db.createUser(credentials.email, passwordDigest);
console.log(USERS);
res.status(200).json({id: user.id, email: user.email});
});
};It would be good to add some password validations. So that user cannot enter the password as simple as '123456'...
Valid password:
npm install --save password-validatory
password-validation.ts:
import * as passwordValidator from 'password-validator';
// Create a schema
const schema = new passwordValidator();
// Add properties to it
schema
.is().min(7) // Minimum length 7
.has().uppercase() // Must have uppercase letters
.has().lowercase() // Must have lowercase letters
.has().digits() // Must have digits
.has().not().spaces() // Should not have spaces
.is().not().oneOf(['Passw0rd', 'Password123']); // Blacklist these values
export function validatePassword(password: string) {
return schema.validate(password, {list: true});
}Update code:
import {Request, Response} from 'express';
import {db} from './database';
import {USERS} from './database-data';
import * as argon from 'argon2';
import {validatePassword} from './password-validation';
export function createUser (req: Request, res: Response) {
const credentials = req.body;
const errors = validatePassword(credentials);
if (errors.length > 0) {
res.status(400).json({
errors
});
} else {
argon.hash(credentials.password)
.then(passwordDigest => {
const user = db.createUser(credentials.email, passwordDigest);
console.log(USERS);
res.status(200).json({id: user.id, email: user.email});
});
}
};
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- How to call a service function in AngularJS ng-click
- Part 18 $http service in AngularJS
- [Angular] Omit relative path by set up in tsconfig.json
- [Angular Directive] Build a Directive that Tracks User Events in a Service in Angular 2
- General Object Initiating Function by the Example of $injector.instantiate Implementation in angular
- OSB: Hooking up Rest Service with XML Payload in Query String
- $q in Angular [ngdoc service]
- 我也谈“the difference between Factory, Service, and Provider in Angular”
- Part 20 Create custom service in AngularJS
- $q in Angular [ngdoc service] 翻译
- [Angular 2] Handle Reactive Async opreations in Service
- ERROR 1442 (HY000): Can\'t update table \'sign\' in stored function/trigger because it is already used by statement which invoke
- Error:'Please set up the forwarding function parameter "wipnp" in the workstation startup function!'
- Service and controller in angularJs
- [Angular Directive] Create a Template Storage Service in Angular 2
- Manage your service with upstart in Ubuntu
- Angularjs accessing methods in another factory/service
- build up our owm model and test it in TensorFlow
- Part 17 Consuming ASP NET Web Service in AngularJS using $http
- [ZZ]Sign Up for the First-Ever Appium Roadshow on August 20th in New York City