Performance issue using bcryptjs module in NodeJs

joydeep02780
Participant II

pwdcompare.txt

Dear All,

We have a node.js proxy deployed. Which is using bcrypt module to compare plaintext and hashed password. Just for comparison its taking around 30~40 seconds. Where as when running in local its taking 1 sec. Similar comparison in Java also taking around 1 to 2 seconds. Anyone has faced similar issue? I am using both sync and async method of compare.

What would be the alternative efficient way of doing this?

Any suggestions would be appreciated. Code is attached herewith.

Thanks

Joydeep

Solved Solved
0 5 841
1 ACCEPTED SOLUTION

You can do this in a Java callout using the BouncyCastle provider.

Here's an example that worked for me:

https://github.com/DinoChiesa/ApigeeEdge-Java-Bcrypt-Password-Check

In my onesy-twosy tests, it takes about 370ms to perform one check.

6693-bcrypt-callout-trace.png

View solution in original post

5 REPLIES 5

Not applicable

Can you post example real data for the hash and plaintext? Testing with your code on locally and within Edge on my org returns within 1-6ms. My vars are var plainTextpassword = '11111111111'; var hashedPwd = 'xxxxxxxxxxxxxxxxxxxxx' ;

Use this value -

var plainTextpassword = 'test12';

var hashedPwd = '$2a$12$omb.VDDXHvxuadIZv6A/IexkMkrZBvf0LrQ5O262pckusWIfjE7V6' ;

joydeep02780
Participant II

While running with trireme in local, its taking lot of time. We tried to install jar but its not allowed in cloud version.

Anyone can suggest an option other than using java policy?

You can do this in a Java callout using the BouncyCastle provider.

Here's an example that worked for me:

https://github.com/DinoChiesa/ApigeeEdge-Java-Bcrypt-Password-Check

In my onesy-twosy tests, it takes about 370ms to perform one check.

6693-bcrypt-callout-trace.png

Dear @Dino,

May I request you to give another jar which can hash the text password. And above jar will be used to compare the hashed password with text password.

Thanks in advance!