Hash a password with bcrypt

This example shows you how to use bcrypt to convert a password field into unreadable strings of characters.

Requirements

  • An admin backend running on forest-express-sequelize

  • bcrypt npm package

How it works

Directory: /models

This directory contains the users.js file where the model is declared.

In this example, we're using a custom setter for the password attribute of the users models.

/models/users.js
const bcrypt = require('bcrypt');

module.exports = (sequelize, DataTypes) => {
  const { Sequelize } = sequelize;

  const Users = sequelize.define('users', {
    email: {
      type: DataTypes.STRING,
    },
    password: {
      type: DataTypes.STRING,
      allowNull: true,
      // Storing passwords in plaintext in the database is terrible.
      // Hashing the value with an appropriate cryptographic hash function is better.
      set(value) {
        const hash = bcrypt.hashSync(value, 10);
        this.setDataValue('password', hash);
      },
    },
  }, {
    tableName: 'users',
    timestamps: false,
    schema: process.env.DATABASE_SCHEMA,
  });

Last updated

Was this helpful?