mongoose-password-plugin
A plugin that attaches a hashed password to a mongoose model using bcrypt
Installation
npm i -S mongoose-password-plugin
Usage
Using this plugin attaches a password field to your model. It's automatically hashed using bcrypt, so you never store the plaintext password in your database.
// user model fileconst passwordPlugin = const mongoose = let userSchema = foo: String userSchema moduleexports = mongoose
// creating a new userconst User = let user = password: 'asdf' user
// checking the user's passwordlet correctPassword = 'asdf'let incorrectPassword = 'not asdf' user user
// changing the user's passworduserpassword = 'a new password' user
Options
You can pass in an optional configuration object as a second argument. Below are all the options available with their default values:
userSchema
passwordField
This indicates what to use as the password field on the model. By default it'll be 'password'
. If for instance you wanted your password field to be called 'pwd'
, you could configure it like this:
userSchema
If you require your password field to be nested inside an object on the model, just specify the path in dot notation.
userSchema
bcryptRounds
This determines how many rounds of hasing bcrypt does to generate the password salt. Default value is 10.
userSchema
Tests
A mongo instance must be running on port 27017 for the tests to run.
npm t