Node-red-contrib-bcrypt - Password hashing

It's well-established that running the command-line password hash utility will give a different hash each time; eg,

https://discourse.nodered.org/t/hashing-password

But the node-red-contrib-bcrypt node seems to give the same hash each time:

image1372×715 68.2 KB

(From the example provided at node-red-contrib-bcrypt (node) - Node-RED)

Is this expected?

That is a known issue with that node:

You should add to the existing GitHub issue. However the node hasn’t been updated in three years so it may be abandoned.

Hi Paul,
Yes indeed the genSaltSync (see here) should be called - in this particular use case - for every input message...

Thanks, @BartButenaers & @zenofmud.

There is a solution proposed in that GitHub issue - how would I apply that to what's installed in my Node-RED (on Raspberry Pi) ?

You could edit the code and make the change. On the Pi, do a

cd $HOME/.node-red/node_modules/node-red-contib-bcrypt/bcrypt

you could then use nano, or vi or another editor to edit the bcrypt.js file. Make the change and save it, then stop and restart NR and see if it fixed the issue.

or try installing directly from the Github branch of the person that forked the original node and did the patch.
not the cleanest way .. unless someone contacts them again to release a new node

from .node-red folder

npm install martenjacobs/node-red-contrib-bcrypt#patch-1

Source of the list of commands

Actually, the author has just done an update - v0.1.3 does now give a different hash each time:

image856×593 40.5 KB

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.