Hash and Compare Password with Bcrypt | MERN Stack Authentication

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone in the previous video we created this register registration forum and also a login Forum okay we perform these two functionalities successfully in the previous video you have the link in the description for that video in this video we will just secure our password okay so let's see the previous one the password okay in the previous video we just created this database let's connect with it and just come here to the employee come to the employees table Yeah we stored these users okay but we didn't secure our password okay our password is just simple password okay if anyone accessed our database so they can access they can use our password so for the purpose of Securities we should change our password to the hash format okay to the hash so for that let's use a Big Crypt Library uh first of all we should install that and then we will use that to Hash our password change the password and store them in the database so let's first of all install the decrypt package okay just come here to the terminal and in the terminal let's create a new one and let's move to the server folder you have two projects one for client send in the second one for server node.js npm install Big Crypt let's press enter so first of all we will just hash our first password whenever we are registering it means creating a new account then we will just compute the password back when we would like to log into the system okay so we will perform these two operation operations in this video yeah the package has installed so let's close it and now we will use it okay so first of all let's move to the where we would like to create a new account just come here to the index.js so this is for the login and here we have the register okay here we are creating a new account so let's first of all import that and let's use const decrypt is equal to require decrypt okay so after using it so now let's see is it okay first of all just come here to the register and whenever we are creating a new account account so we should change the password uh we should hash the password okay so let's first of all extract the fields we will write counts name email password is equal to request start body we will extract these effects from request.body so now I will use bigcrypt at hash function script dot hash and here first I will pass the um a string okay the password that we have working the password then I will pass the salt salt is just a character for example we would like to assign Chinook it will generate a thin unique character okay it will make this password unique every time okay just it will do like this and after that we will get a hash password so now let's use this method inside that okay just come here paste it here and instead of this let's write first name then we will write her email then we will light hash okay so it will create an event card account through email a name email and hash password so that cage there was any error so just cancel that log error.message so let's try it okay let's come here to the register page and also come to the database we have these accounts here and let's just enter a new name dot com enter a password let's Press Register button so we came to the login so let's check it refresh the page yeah we refreshed so this is the new um the password didn't add it so let's check it where is the error just come here imply that create name email and hash so let's first of all check where is the error server is running okay it has not generated the hash password oh no for that we should write like this okay that is the Third Field is password so we should like that is the password field we should assign the hash these two are the same okay name name okay this is name name okay these are the same so we don't need to write that so for the password the this is changed so we should write like this so let's create a new account and let's move to the sign up [Music] gmail.com and let's enter a password it's a register so let's come here and depreciate yeah we have this okay this is the account that we Associated see this is the hash password that which has generated okay so now let's back we should log in through this account and we will just um compute it okay we will first of all fix this record then we will compare it with the password that we are entering from this user interface okay here so then we will check compare them then we will log into the system so just come here to the login system the lagging API so here I will write the code so in the login veneer we find a business email okay if the email has existed see then we will fetch a record okay so for that record let's use the compare method we Crypt dot compare so first I will pass the string that I have um got from the front end okay this password I will just pass this one after that the password which we pitched from the database okay user.password and after that we will create a function that will be either in response so now if there was any error so we will just return result.json the password is incorrectly it's just hip response so then we will return result.json current will be okay or we can simply write like this okay yes it is okay so let's use it now let's remove this code this is called let's remove it okay yeah here I will just take this code I'll paste it here yes now it is okay so let's try it save it and let's move to the front end just come here and we should move to the console let's come here to the console and here the console let's write gmail.com what was the password was one two three four five so let's Press login uh we came we successfully logged into the system okay home component successfully but if we write rank password let's appreciate again gmail.com and we write something like one two three four blah blah blah login and what will be the result I think we can solve the result yeah if error press the login no record existed it is okay just the problem is here in the error if the password was not correct so then it should determine this statement to us so let's write something like this okay else paste it here and let's save it now and let's come here back see the password is incorrect okay so let's write it correct gmail.com in the first world is incorrect like in C the password is incorrect right now okay but if I write the correct password I can see we came to the login it we successfully login to the system so it was all about the security by the password purpose and how to Hash the password and how to compute that back and sign up in like uniform was created in the previous video you have a link for that video in the description so I hope this video was helpful for you if you like this video don't forget to subscribe our YouTube channel and also like the video and share with friends thanks for watching

Info

Channel: Code With Yousaf

Views: 6,051

Rating: undefined out of 5

Keywords: authentication, bcrypt, mern stack, bcrypt hash password, crud app with authentication, mern stack tutorial, authentication tutorial, salt and hash passwords with bcrypt, compare password, mern authentication, mern authentication tutorial, mern stack authentication, encrypt and decrypt password in react, password hashing, encrypt password, password hashing bcrypt in nodejs with mongodb, jwt authentication with react node mongodb and express

Id: XOnmDZ9LNDM

Channel Id: undefined

Length: 10min 41sec (641 seconds)

Published: Wed Jun 07 2023