Created
September 11, 2017 06:21
-
-
Save rts-rob/a00bc571260b158f55bfd3ded80e0db7 to your computer and use it in GitHub Desktop.
Basic psuedocode example of a signup/login flow with salt and hash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function signup (email, password) { | |
| const salt = uuid(); | |
| const hashedPassword = hash(`${salt}${password}`); | |
| // this stores everything in the DB | |
| createUser(email, salt, hashedPassword); | |
| } | |
| function login (request, response) { | |
| // get the salt - SELECT salt FROM users | |
| // WHERE email = ?, [email] | |
| const salt = retrieveSalt(request.email); | |
| const hashedPassword = hash(`${salt}${request.password}`); | |
| // check the database | |
| // SELECT id FROM users | |
| // WHERE email = ? AND hashedPassword = ?, | |
| // [email, password] | |
| response.end(newJWT(tryLogin(email, hashedPassword))); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment