Password hashing in Drizzle schema

Hi everyone, I'm looking at ways to hash the password in the "user" table and define them in the Drizzle ORM schema defining a Vercel Postgres database. I have not been able to find documentation on the topic. Could anyone kindly provide some guidance? Any help would be greatly appreciated. Thanks in advance!
6 Replies
Mark
Mark11mo ago
Do you want to hash the password and then insert it into the db? or hash the password that is already in the db?
nr7751
nr7751OP11mo ago
Hi @Mark. Thanks for your reply. I would like to follow best practices. From what I can gather, the flow is: 1) you generate the salt, 2) combine it with the password, 3) hash password + salt. I would like to get guidance on this flow using Drizzle ORM. Again, thanks for your help! So, in summary, Option 1, " hash the password and then insert it into the db"
Mark
Mark11mo ago
Many of the nextjs projects with any sort of functional login modules have the feature built in but it boils down to: * Get a crypto module (not crypto as in that one currency thing) but something like crypto-ts. * Use the modules to generate hashes use the hashed password in the db. * Use crypto's built in function to verify the password is correct upon logins.
Mark
Mark11mo ago
take a look at this. https://github.com/vercel/nextjs-postgres-auth-starter/blob/main/app/auth.ts ^ postgresql next auth example, specifically how it handles checking if the user password is correct or not.
GitHub
nextjs-postgres-auth-starter/app/auth.ts at main · vercel/nextjs-po...
Next.js + Tailwind + Typescript + Drizzle + NextAuth + PostgreSQL starter template. - vercel/nextjs-postgres-auth-starter
nr7751
nr7751OP11mo ago
@Mark , Thanks a bunch. Will look into it. Cheers!
Mark
Mark11mo ago
Happy to help 👍
Want results from more Discord servers?
Add your server