Basic solution
Let's first solve the problem, and after that improve the solution.
To be able to hash passwords, let's first install the package bcrypt.
Now, going back to the UsersService
, let's create a private method to hash a password
.
The salt
is a collection of random characters that are mixed with the password
before hashing it, making it harder for the original password
to be discovered. This article further dicusses about this topic.
Now, in the create()
method, we can extract the password
from the DTO in order to hash it before saving the user
.
In the update()
method, it's the same thing. We just need to also check if the password
was indeed altered before attempting to hash it.
And we're done, we have password hashing working. Let's now improve the solution.
Commit - Implementing password hashing
Last updated