/    Sign up×
Community /Pin to ProfileBookmark

I finally have to ask the question about node.js

Where I am ever seeking to educate myself, as a good Padawan should, I just have to ask the question.

It is my understanding that Node.js is a version of JavaScript for doing server-side programming. Where I have **not** found any information to indicate it can be used in your browser code (believe me I’ve looked), I have to assume that Node.js is to be used for server-side coding ONLY.

On www.npmjs.com there is a [bCrypt package](https://www.npmjs.com/package/bcrypt) for hashing passwords. If Node.js is server-side only how is the password getting to server for hashing? OR is there a way to hash a password at the browser/client with a Node.js package?

_It would be fantastic to get some clarification on when and where I can use Node.js._

On my current project I have used pure, or what some would call vanilla, JavaScript, and have steered completely clear of any framework, so I can get a solid foundation in programming with JavaScript.

Thanks a ‘heap’
Walt

to post a comment
JavaScript

6 Comments(s)

Copy linkTweet thisAlerts:
@sibertJan 21.2023 — > @Programming_Padawan#1650105 If Node.js is server-side only how is the password getting to server for hashing? OR is there a way to hash a password at the browser/client with a Node.js package?

I have no experience with Node, but generally there is some ways to communicate between server and client.

  • 1. From client to server: normal endpoints, javascript fetch() and read/write cookies.

  • 2. From server to client: write to header (pages etc), read and write cookies.


  • And sometimes you may let the database do some stuff (hashing, notifying etc)

    I am just in the beginning of the same journey, but I pretty sure that everything that smells security should be done by the backend (Node or Database). Maybe @NogDog can jump in and confirm (or not) my thoughts :-)
    Copy linkTweet thisAlerts:
    @NogDogJan 21.2023 — > @Programming_Padawan#1650105 I have to assume that Node.js is to be used for server-side coding ONLY

    Yes, you'd use it on your web server in the same way you might use PHP, Python, C#, Ruby, whatever. It has no inherent advantage/disadvantage over those other options (well, I'm sure people have preferences), other than if you know JavaScript in general, then you essentially know the language whether writing for the client or server side.

    > @Programming_Padawan#1650105 is there a way to hash a password at the browser/client with a Node.js package

    Well, my initial answer is: why would you want to? (I.e., I would not want the method I'm using to hash passwords to be visible in the JavaScript code in the browser, nor provide evidence of a (Node.js) server-side endpoint I'm using to do it). But putting that aside for the moment, you could access anything on the server side (whether Node.js or other language) via AJAX-type calls in your JavaScript to server-side API endpoints.
    Copy linkTweet thisAlerts:
    @ChChyeJan 21.2023 — https://www.youtube.com/watch?v=Zl7B3Jc6Fnw
    Copy linkTweet thisAlerts:
    @Programming_PadawanauthorJan 26.2023 — I was under the impression that the purposing of hashing passwords is to hide what the password is in case it gets intercepted between the client and server. Then after it is stored in the DB the hashing protects against someone who might invade the server looking for passwords to rainbow table. What appears to be happening is passwords are being sent in cleat-text across the Internet to the server and then hashed and stored (DB).
    Copy linkTweet thisAlerts:
    @tracknutJan 26.2023 — > @Programming_Padawan#1650231 What appears to be happening is passwords are being sent in cleat-text across the Internet to the server and then hashed and stored (DB).

    If you're sending passwords or other information that requires privacy, the site should use https: so that all communications is encrypted. That's what allows you to do that hashing just on the server.
    Copy linkTweet thisAlerts:
    @Layla043Jan 26.2023 — Node.js is an open-source, cross-platform JavaScript runtime environment and library to run web applications outside the client's browser. It is used to create server-side web applications[.](https://insulin-store.com/)
    ×

    Success!

    Help @Programming_Padawan spread the word by sharing this article on Twitter...

    Tweet This
    Sign in
    Forgot password?
    Sign in with TwitchSign in with GithubCreate Account
    about: ({
    version: 0.1.9 BETA 3.28,
    whats_new: community page,
    up_next: more Davinci•003 tasks,
    coming_soon: events calendar,
    social: @webDeveloperHQ
    });

    legal: ({
    terms: of use,
    privacy: policy
    });
    changelog: (
    version: 0.1.9,
    notes: added community page

    version: 0.1.8,
    notes: added Davinci•003

    version: 0.1.7,
    notes: upvote answers to bounties

    version: 0.1.6,
    notes: article editor refresh
    )...
    recent_tips: (
    tipper: @darkwebsites540,
    tipped: article
    amount: 10 SATS,

    tipper: @Samric24,
    tipped: article
    amount: 1000 SATS,

    tipper: Anonymous,
    tipped: article
    amount: 10 SATS,
    )...