argon2-pass1.0.1 • Public • Published
SecurePass (argon2-pass) is a module for the creation of hashes from passwords, allowing you to store passwords securely. The module also provides a facility for the generation and verification of one time authentication tokens for use in your own password reset flows. This module is a wrapper for libsodium's implementation of the Argon2ID password hashing algorithm and Poly1305.
- Uses the state of the art, secure modern password hashing algorithm Argon2ID.
- Uses Buffer's for safer memory management.
- Uses static functions for basic operations, so you don't have to create a new instance every time.
- asynchronous functions are defined to work with async/await, promises and callbacks. Synchronous versions are also available just in-case you don't want your hashing and verification to be asynchronous.
- Allows for generation of one time use authentication tokens to be used in your own password reset flow.
- Easily configurable work factors, allowing you to increase the security of your hashes over time.
- Three default difficulty configurations for password hashing, as defined in libsodium's implementation. Allowing you to configure your security level based on some recommended predefined values.
- Simple rehashing of passwords you are already storing. Allowing you to improve the security of your hashes over time.
- The module is written in typescript and ships with a type definition file by default.
Install argon2-pass using
yarn add argon2-pass
npm install argon2-pass
Basic Usage Information:
;// Call the async function defined above to run the example.main;
This package is configured with jest tests, these tests ensure that the module is working correctly and as specified as well as generating code coverage reports to ensure every line of code is covered by a unit test.
To run the jest tests manualy run the test script defined in package.json:
This module also has the following automated testing:
- CI Builds on Travis.
- Code Coverage Reports on CodeCov.
- Dependency Update Checks on david-dm.
- Dependency Vulnerabilities Checks on snyk.
- Automated Code Review and Quality Report on codacy.
- Special thanks to the creators of libsodium and sodium-native both of which are used extensively in this package, and without which the creation of this module wouldn't have been possible.
Licensed under MIT.
Copyright (C) 2018 DrBarnabus