Join Emmanuel Henri to add the bcrypt hashing algorithm to support securing the password as it's passed to the back end and also validation of the password.
- [Instructor] Okay, so now what we're going to do is … start writing code related to bcrypt. … If you're not familiar with bcrypt, … it's a package that allows you to encrypt … and decrypt data, so like a password. … So what we're going to do first is install bcrypt … and while we're actually installing new packages, … we'll also install jsonwebtoken. … So let's go into NPM I, or you can do install … bcrypt … and then jsonwebtoken. … We'll use jsonwebtoken later on, … but I wanted to install it all on this one pass. … So let's go ahead and hit enter. … Perfect, so everything is installed. … So we can close the terminal for now. … And if you want to check, you can take a look at … the package.json file, and you're going to see … bcrypt installed and jsonwebtoken, so we're ready to go. … So now what we need to do is import bcrypt, … so let's go ahead and import bcrypt … from … bcrypt, like so. … And by the way, when you have a library … that you want to import specific functions or exports …
- Open Web Application Security Project (OWASP)
- Reasons for using a JSON Web Token (JWT)
- Adding bcrypt password hashing
- Adding handlers for registration and login
- Finalizing secured endpoints
- Testing APIs with Postman