Considering that requests are now made via HTTPS, it is time to improve our security with tokens and encryption, for when we store sensitive data on the database.
Improving API security
Using bcrypt to encrypt a password
The next step is to make sure that the user's password will be encrypted when we store it on MongoDB. This process is really easy and only uses a new library, called bcrypt .
bcrypt is available at https://www.npmjs.com/package/bcrypt.
To use bcrypt, install it through npm:
$ npm install --save bcrypt
You also need to install the types:
$ npm install --save @types/bcrypt
Once you have installed bcrypt, as well as its types, change the 02_user.spec.ts file to create a new user on the before step, with...