为什么密码要MD5加密
md5就是为了防止人偷窥,而当密码很短的时候,利用暴力搜索也比较容易搜索到,只有密码强度足够的情况下才有意义,你想转换也就没那么容易了。md5类hash算法的设计初衷就是单向,即不可逆。
废话不多说,直接贴代码:
1、在跟目录下面新增utils/cryp.js 封装一个密码加密文件:
const crypto = require('crypto')
// 密匙
const SECRET_KEY = 'WJiol_8776#'
// md5 加密
function md5(content) {
let md5 = crypto.createHash('md5')
return md5.update(content).digest('hex')
}
// 加密函数
function genPassword(password) {
const str = `password=${password}&key=${SECRET_KEY}`
return md5(str)
}
module.exports = {
genPassword
}
2、在routes/users.js文件中加入注册路由
const router = require('koa-router')()
const { register, userNameFilter } = require('../controller/users')
const { SuccessModel, ErrorModel } = require('../model/resModel')
router.prefix('/api/users')
router.post('/register', async function (ctx, next) {
const { username, password } = ctx.request.body
if(!username || !password){
ctx.body = new ErrorModel('用户名或者密码不能为空')
return
}
const row = await userNameFilter(username)
if (row) {
ctx.body = new ErrorModel('用户名已存在')
return
}
const data = await register(username, password)
if (data.id) {
ctx.body = new SuccessModel(data)
return
}
ctx.body = new ErrorModel('注册失败,请检查用户名或密码')
})
module.exports = router
3、新增控制器controller/users.js
const { exec } = require('../db/mysql')
const { genPassword } = require('../utils/cryp')
const register = async (username, password) => {
// 生成加密密码
username = username
password = genPassword(password)
const sql = `
INSERT INTO users (username, password) VALUES ('${username}', '${password}')
`
const insertData = await exec(sql)
console.log(`insertData: ${insertData}`)
return {
id: insertData.insertId
}
}
const userNameFilter = async (username) => {
const sql = `
select id, username from users where username='${username}'
`
const row = await exec(sql)
return row[0] || ''
}
module.exports = {
register,
userNameFilter,
}
下面执行一下接口: