bcrypt is a node library to handle password hashing.
npm install bcrypt
Now we can use bcrypt inside our user routes, the register and login routes specifically. We will hash passwords and save them to the database and also use bcrypt to compare a given password to a hash.
var bcrypt = require('bcrypt');
This is the function to create a new password. 10 is the number of salt rounds.
const hash = await bcrypt.hash(req.body.password, 10);
This is the function check if a given password matches a given hash.
const valid = await bcrypt.compare(req.body.password, user.password);