i have this line of code,i just want to know if it’s good practice to hash the password with the pre-save middleware like code below.? i mean is there is a securty issue about this or put something in the .env file
UserSchema.pre("save", async function (next) {
try {
const hashedhPassword = await bcrypt.hash(this.password, 10);
this.password = hashedhPassword;
} catch (err: any) {
next(err);
}
});
This looks simple and clean . You don’t need to pull your salt to env . I would prefer pulling salt from a secret store while bootstrapping application .
yeh not the bad approach to hashing the password in pre save just implement some check in the schema and don’t make it too simple for hashing
| Topic | Replies | Views | Activity |
|---|---|---|---|
| How to update subdocuments and parent document | 2 | 611 | May 2024 |
| Schema with trim: true is not working on new entries | 0 | 140 | Aug 2024 |
| Time Series Deletion Taking Longer Than Expected | 0 | 137 | Aug 2024 |
| Connection Fail with Node.js to MongoDB | 7 | 96 | Oct 2024 |
| Need help with error? zsh: parse error near ‘&’ | 1 | 262 | Nov 2024 |