In my project the user will provide an API key and I want to compare it to one's in the database. The only thing the server will have is the plain text key being provided in the request headers.
In bcrypt I want to find this key in the database to validate it. The only issue is that the values in the database are hashed and salted. bcrypt.compare() could work, but only if I had something like the user's email to specifically find one document in the database which I could compare the key to.
Is cycling through each document and comparing the keys my only option, or is there a more efficient method?
