gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
9cd57105afc338f2edd4c4e67562141aed41aa29
freeCodeCamp/curriculum/challenges/english/06-information-security-and-quality-assurance/information-security-with-helmetjs/hash-and-compare-passwords-synchronously.english.md
Randell Dawson 9cd57105af fix(curriculum): changed test text to use should for Information Security and Quality Assurance (#37763) 
* fix: changed test text to use should

* fix: corrected typo

Co-Authored-By: Tom <20648924+moT01@users.noreply.github.com>

* fix: corrected typo

Co-Authored-By: Tom <20648924+moT01@users.noreply.github.com>

* fix: remove unnecessary backslash

Co-Authored-By: Tom <20648924+moT01@users.noreply.github.com>

* fix: simplified text

Co-Authored-By: Tom <20648924+moT01@users.noreply.github.com>

* fix: added period

Co-Authored-By: Manish Giri <manish.giri.me@gmail.com>
2019-11-20 09:58:14 -05:00

2.5 KiB
Raw Blame History

id, title, challengeType, forumTopicId
id title challengeType forumTopicId
58a25bcff9fc0f352b528e7e Hash and Compare Passwords Synchronously 2 301579

Description

As a reminder, this project is being built upon the following starter project on Glitch, or cloned from GitHub. Hashing synchronously is just as easy to do but can cause lag if using it server side with a high cost or with hashing done very often. Hashing with this method is as easy as calling 
var hash = bcrypt.hashSync(myPlaintextPassword, saltRounds);

Add this method of hashing to your code and then log the result to the console. Again, the variables used are already defined in the server so you wont need to adjust them. You may notice even though you are hashing the same password as in the async function, the result in the console is different- this is due to the salt being randomly generated each time as seen by the first 22 characters in the third string of the hash. Now to compare a password input with the new sync hash, you would use the compareSync method:

var result = bcrypt.compareSync(myPlaintextPassword, hash);

with the result being a boolean true or false.

Instructions

Add the function in and log the result to the console to see it working. Submit your page when you think you've got it right.

Tests

tests:
  - text: Sync hash should be generated and correctly compared.
    testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js') .then(data => { assert.match(data, /START_SYNC[^]*hash.*=.*bcrypt.hashSync.*myPlaintextPassword( |),( |)saltRounds[^]*END_SYNC/gi, 'You should call bcrypt.hashSync on myPlaintextPassword with saltRounds'); assert.match(data, /START_SYNC[^]*result.*=.*bcrypt.compareSync.*myPlaintextPassword( |),( |)hash[^]*END_SYNC/gi, 'You should call bcrypt.compareSync on myPlaintextPassword with the hash generated in the last line'); }, xhr => { throw new Error(xhr.statusText); })

Challenge Seed

Solution

/**
  Backend challenges don't need solutions, 
  because they would need to be tested against a full working project. 
  Please check our contributing guidelines to learn more.
*/