
bcrypt๋ž€?

웹 페이지를 구현할 때 보안은 가장 기본적으로 수행되어야 할 요소입니다. 비밀번호를 텍스트 그대로 데이터베이스에 저장해 관리하는 것은 해커에게 대놓고 데이터를 주는 것과 다름없습니다. 이를 방지하고자 비밀번호를 암호화하는 것이 bcrypt 모듈입니다.

bcrypt๋Š” ๋‹จ๋ฐฉํ–ฅ ํ•ด์‹œ ํ•จ์ˆ˜๋ฅผ ์ด์šฉํ•œ ๋ชจ๋“ˆ๋กœ์จ Salt ๋ผ๋Š” ๊ฐœ๋…์„ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. Salt ๋ผ๋Š” ๊ฐ’๊ณผ ํ•ด์‹œ๋œ ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ํ•ฉ์ณ ๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค์— ์ €์žฅํ•˜๊ฒŒ ๋˜๋Š”๋ฐ ์ด๋ ‡๊ฒŒ ํ•˜๋ฉด, ๋งŒ์•ฝ "1234" ๊ฐ™์€ ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ํ•ด์‹œํ•จ์ˆ˜์— ๋„ฃ์—ˆ์„๋•Œ ํ•ญ์ƒ ๋‹ค๋ฅธ ๊ฐ’์˜ Salt ๊ฐ’๊ณผ ๋น„๋ฐ€๋ฒˆํ˜ธ๊ฐ€ ํ•ฉ์ณ์„œ ํ•ด์ปค๋“ค์ด ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์ฐพ๋Š”๋ฐ ์žˆ์–ด ๋”์šฑ ํž˜๋“ค๊ฒŒ ๋งŒ๋“ญ๋‹ˆ๋‹ค.

 

사용 방법

  1. npm i bcrypt๋ฅผ ์ˆ˜ํ–‰ํ•ฉ๋‹ˆ๋‹ค.
  2. const bcrypt = require('bcrypt'); ๋กœ ๋ถˆ๋Ÿฌ์˜ต๋‹ˆ๋‹ค.

설명

  1. ์ด๋ฏธ์ง€๋Š” async/await๋ฅผ ์‚ฌ์šฉํ•œ bcrypt ๊ตฌ๋ฌธ์ž…๋‹ˆ๋‹ค. ๋‘๋ฒˆ์งธ "12"๋ผ๋Š” ์ธ์ž ๊ฐ’์ด ๋ฐ”๋กœ Salt ์ž…๋‹ˆ๋‹ค. ๋‹ค์Œ๊ณผ ์ˆ˜ํ–‰ํ•˜๋ฉด ํ•ด์‰ฌ๋œ password๊ฐ’์„ ๋ฐ›์„ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
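/**
 * POST /join: store a new user with a bcrypt-hashed password.
 *
 * Reads id_join, password_join, name_join and email_join from the request
 * body, hashes the password and inserts one row into user_information.
 * Responds 400 (re-rendering the join view) when a field is missing, is not
 * a string, or contains characters that would break out of a quoted SQL
 * literal. Errors from bcrypt or the database go to Express via next().
 */
router.post('/join', isNotLoggedIn, async (req, res, next) => {
    const { id_join, password_join, name_join, email_join } = req.body || {};

    // SECURITY: the statement below is built by string interpolation, so these
    // request fields end up inside quoted SQL literals. The proper fix is bound
    // parameters (placeholders), but dbPool's signature is not visible here.
    // TODO confirm whether it accepts a values array and switch to that.
    // Until then, refuse any value holding a quote, backslash or control
    // character. This is a stopgap and no replacement for parameter binding.
    const breaksSqlLiteral = /['\\\u0000-\u001f\u007f]/;
    const isSafeLiteral = (value) =>
        typeof value === 'string' && !breaksSqlLiteral.test(value);

    // Body parsers can deliver arrays or objects, so check the type as well as emptiness.
    const hasPassword = typeof password_join === 'string' && password_join.length > 0;

    if (!hasPassword || ![id_join, name_join, email_join].every(isSafeLiteral)) {
        return res.status(400).render('join');
    }

    try {
        // The second argument is the cost factor (salt rounds), not the salt:
        // bcrypt generates a fresh random salt per call and embeds it in the
        // returned hash string. Note that bcrypt only uses the first 72 bytes
        // of the password.
        const password_hash = await bcrypt.hash(password_join, 12);

        // DB_DATABASE comes from server configuration, not from the request.
        const query = `
    INSERT INTO ${process.env.DB_DATABASE}.user_information (
        user_id,
        user_pw,
        user_name,
        user_email)
    VALUES (
        '${id_join}',
        '${password_hash}',
        '${name_join}',
        '${email_join}'
        );`;
        await dbPool(query);
        res.render('join');
    } catch (error) {
        // Without this a rejected promise would leave the request hanging.
        next(error);
    }
});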

  2. ์œ„ ์ด๋ฏธ์ง€์—์„œ hash ๋œ password๋ฅผ ๊ฐ€์ ธ์™€์„œ ํ…์ŠคํŠธ๋กœ ์ž…๋ ฅ๋ฐ›์€ ๋น„๋ฐ€๋ฒˆํ˜ธ์™€ compare๋ฅผ ํ•ฉ๋‹ˆ๋‹ค. ๊ฐ™๋‹ค๋ฉด true, ๋‹ค๋ฅด   ๋ฉด false๋ฅผ ๋ฐ˜ํ™˜ํ•ฉ๋‹ˆ๋‹ค.

 

const localStrategy = require("passport-local").Strategy;
const dbPool = require('../config/config.js') //DB ์—ฐ๊ฒฐ
const bcrypt = require('bcrypt');

module.exports = passport => {
    passport.use(
        new localStrategy({
                usernameField: "email", // ์—ฌ๊ธฐ์„œ id,pw์˜ ๊ฐ’์€ index.html์˜ form์—์„œ ํ•ด๋‹นํ•˜๋Š” name๊ฐ’์ด์—ฌ์•ผ ํ•ฉ๋‹ˆ๋‹ค.  
                passwordField: "password"
            },
            async(email, password, done) => { // id, pw๋Š” ์œ„์—์„œ ๋ฐ›์€ ๊ฐ’ ์ž…๋‹ˆ๋‹ค.
                try {
                    const user = await dbPool(`SELECT * FROM ${process.env.DB_DATABASE}.user_information WHERE user_id ='${email}'`);
                    const password_key = await bcrypt.compare(password, user[0].user_pw); 
                    console.log(password_key);
                    console.log(user[0]);

                    if(user){
                        if (email === user[0].user_id && password_key === true) { // id,pw๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ db์—์„œ ์‚ฌ์šฉ์ž๋ฅผ ์กฐํšŒํ•˜๋Š” ๋กœ์ง์ด ๋“ค์–ด๊ฐ€์•ผ ํ•ฉ๋‹ˆ๋‹ค.
                            console.log("localStrategy์—์„œ id,pw ์กฐํšŒ ์„ฑ๊ณต");
                            done(null, user[0]); 
                        }else{
                            console.log("๋น„๋ฐ€๋ฒˆํ˜ธ๊ฐ€ ์ผ์น˜ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค.");
                            done(null, false, {message : '๋น„๋ฐ€๋ฒˆํ˜ธ๊ฐ€ ์ผ์น˜ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค.'});
                        }
                    }else{
                        console.log("๊ฐ€์ž…๋˜์ง€ ์•Š์€ ํšŒ์›์ž…๋‹ˆ๋‹ค.");
                        done(null, false, {message:'๊ฐ€์ž…๋˜์ง€ ์•Š์€ ํšŒ์›์ž…๋‹ˆ๋‹ค.'});
                    }
                   
                } catch (error) {
                    console.log(error);
                    done(null, false, {message:'๊ฐ€์ž…๋˜์ง€ ์•Š์€ ํšŒ์›์ž…๋‹ˆ๋‹ค.'});
                }
            }
        )
    );
};