Helper for encrypting and generating password using crypto in node.js. The encryption is made using cryptos pbkdf2 method. Salt, iterations and digest is automatically added to the password hash so no need to save anything but the returned hash.
Install via NPM using command:
$ npm install --save crypto-password-helper
The hash is always returned via a promise as a string (URL-safe). Two simple methods are available from the password helper, usage below:
var password = require('crypto-password-helper');
// Using default configuration
password.encrypt(plainPassword).then(hash => { // using default settings
console.log(hash); // save hash to user/database
}).catch(err => { throw err; }); // handle internal server error. (crypto error)
// Using your own configuration
password.encrypt(plainPassword, config).then(hash => { // using your own configuration
console.log(hash);
}).catch(err => { throw err; }); // handle internal server error. (crypto error)
// Generate password-hash synchronous. (with options) - throws on error
let hash = password.encryptSync(plainPassword, options);
// Generate password-hash synchronous. (without options) - throws on error
let hash = password.encryptSync(plainPassword);
// Check if password match
password.compare(plainPassword, hashedPassword).then(isMatch => {
if(isMatch) { // isMatch is true if the plainPassword matches the hashedPassword, otherwise false.
login();
} else {
unauthorized();
}
}).catch(err => { throw err; }); // Handle internal server error. (crypto error)
// Compare synchronous. (Throws on error)
let isMatch = password.compareSync(plainPassword, hashedPassword);
There are four values that are configurable. See below for default configuration. All settings are adjustable.
let defaults = {
// Number of iterations (higher number -> more secure but takes longer time to complete.)
iterations: 612484,
// Number of bytes for the password hash.
hashSize: 32,
// Number of bytes for the password salt.
saltSize: 16,
// The digest used to hash the password. See list of digests for crypto.
digest: 'sha512'
}
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
MIT © Tommy Dronkers