Step 10

Import the hashPassword function to the UserDao.js:

const { hashPassword } = require("../util/hashing");

Next, update the UserDao.create function:

  async create({ username, password, role }) {
    if (username === undefined || username === "") {
      throw new ApiError(400, "Every user must have a username!");
    }

    if (password === undefined || password === "") {
      throw new ApiError(400, "Every user must have a password!");
    }

    if (role !== "ADMIN" && role !== "CLIENT") {
      throw new ApiError(400, "Every user must have a valid role!");
    }

+   const hash = await hashPassword(password);

-   const user = await User.create({ username, password, role });
+   const user = await User.create({ username, password: hash, role });
    return user;
  }

Save the file and try to register a user again!

Notice the password stored in the database is not the password the user provided during registration!

CS280 Homepage

Step 10