Information Security with HelmetJS - Hash and Compare Passwords Synchronously

As a reminder, this project is being built upon the following starter project on Glitch, or cloned from GitHub.

Hashing synchronously is just as easy to do but can cause lag if using it server side with a high cost or with hashing done very often. Hashing with this method is as easy as calling var hash = bcrypt.hashSync(myPlaintextPassword, saltRounds);


Add this method of hashing to your code and then log the result to the console. Again, the variables used are already defined in the server so you wont need to adjust them. You may notice even though you are hashing the same password as in the async function, the result in the console is different- this is due to the salt being randomly generated each time as seen by the first 22 characters in the third string of the hash.

Now to compare a password input with the new sync hash, you would use the compareSync method: var result = bcrypt.compareSync(myPlaintextPassword, hash); with the result being a boolean true or false. Add this function in and log to the console the result to see it working.

Submit your page when you think you've got it right. If you ran into errors during these challenges you can take a look at the example completed code here.

Get a hint