Adonis JS - Hashing Password

Question

I have gone through

1. http://adonisjs.com/docs/3.1/database-hooks#_hooks_events
2. http://adonisjs.com/docs/3.1/encryption-and-hashing#_hashing_values
3. https://adonisjs.svbtle.com/basic-authentication-with-adonisjs#using-hash-provider_3
4. https://auth0.com/blog/creating-your-first-app-with-adonisj-and-adding-authentication/

and a few more.

This should be fairly simple, but I don't know why I am not being able to figure it out. I want to use the Authentication tool of Adonis while "signing in". For this I need to Hash passwords before saving. I am stuck here.

View

<h1>Sign up</h1>
{{ form.open({url: '/addNew', action: 'UserController.addNewUser'}) }}

{{ csrfField }}

<div class="field">
{{ form.label('username', 'Choose a username') }}
{{ form.text('username') }}
</div>

<div class="field">
{{ form.label('email', 'Enter email address') }}
{{ form.text('email') }}
</div>

<div class="field">
{{ form.label('password', 'Choose a strong password') }}
{{ form.password('password') }}
</div>

<div class="button">
{{ form.submit('Sign Up') }}
</div>

{{ form.close() }}

Controller: UserController

'use strict'

const Database = use('Database')
const User = use('App/Model/User')
const user = new User()

class UserController {

* index (request, response) {
 const users = yield Database.select('*').from('users')
 response.json(users)
}

* addNewUser (request, response){

 user.name = request.input('username')
 user.email = request.input('email')
 user.password = request.input('password')
 user.entry = "Lorem Ipsum";

//Insert into database
  const userId = yield Database
 .insert({name: user.name, email: user.email, password: user.password, entry: user.entry})
 .into('users')

 response.json(userId)
 }
}
module.exports = UserController

Model: User

'use strict'

const Lucid = use('Lucid')


class User extends Lucid {

static boot () {
   super.boot()
   this.addHook('beforeCreate', 'User.encryptPassword')
  }
}


module.exports = User

Hook: User

'use strict'

const Hash = use('Hash')
const User = exports = module.exports = {}

User.encryptPassword = function * (next) {
  this.password = yield Hash.make(request.input('password'))
  yield next
}

Thanks!

Answer 1

You should be using the Model itself to create the record. Why are using the Database provider for that?

No where in the documentation it says to new up a model and then make a call using database provider. So it should be

Controller

* addNewUser (request, response) {
  const user = new User()
  user.name = request.input('username')
  user.email = request.input('email')
  user.password = request.input('password')
  user.entry = "Lorem Ipsum";
  yield user.save()
  response.json(user.id)
}

Also inside your hook, you do not have access to the request object. I believe you did not bother reading the docs.

Hook

'use strict'

const Hash = use('Hash')
const User = exports = module.exports = {}

User.encryptPassword = function * (next) {
   this.password = yield Hash.make(this.password)
   yield next
}

Check the docs for hooks here http://adonisjs.com/docs/3.1/database-hooks#_basic_example

Hook for Adonis v4 inside model

class User extends Model {
  static boot () {
    super.boot()

    this.addHook('beforeCreate', async (userInstance) => {
      userInstance.password = await Hash.make(userInstance.password)
    })
  }
}

Check the docs for hooks here https://adonisjs.com/docs/4.1/database-hooks#_defining_hooks