Indeed. But you can solve this easily:
Store the hashed password by using lifecycles
const bcrypt = require('bcryptjs');
module.exports = {
lifecycles: {
/**
* Triggered before entry creation.
*/
async beforeCreate(data) {
data.passwordField = bcrypt.hash(data.passwordField,10);
},
/**
* Triggered before entry update.
*/
async beforeUpdate(params,data) {
data.passwordField = bcrypt.hash(data.passwordField,10);
},
},
};
Note: encryption != hashing
Hashing is a one-way action and is used to hash sensitive data that you never gonna decrypt. If you hash data then you only can compare if new data is equal. It is mostly used for passwords.
Encryption is used to encrypt sensitive data that you want to decrypt in the future, for example, it can be used to store API tokens of third-party services in DB, if you don’t want to keep them as plain text for security reasons. Encrypted data usually offers the possibility to decrypt it. If you want to be able to encrypt/decrypt data then take a look at the node’s built-in module: crypto.