node-password-encrypter

    1.0.0 • Public • Published

    node password encrypter

    Standard - JavaScript Style Guide License: MIT

    Description

    Simple promise-style password (or generic strings) encrypter based on Node.js core module Crypto.

    Install

    $ yarn add node-password-encrypter

    or

    $ npm i --save node-password-encrypter

    Usage

    Encrypt function

    const { encrypt } = require('node-password-encrypter')
     
    // vanilla style
     
    encrypt({ content: 'password' })
      .then(result => {
        console.log(result.salt) // the salt used in encryption
        console.log(result.encryptedContent) // the original content encrypted
      })
      .catch(err => console.log(err)) // errors
     
    // new async/await style (node v7.6.0 or with babel support)
     
    try {
      const result = await encrypt({ content: 'password' })
      console.log(result.salt) // the salt used in encryption
      console.log(result.encryptedContent) // the original content encrypted
    } catch(e) {
      console.log(err)
    }

    The salt is returned as well, because (if it is not provided by the user) it is generated at runtime and you need to store with the encrypted password in order to be able to provide it when you'll need to compare a plain password with an encrypted one (a login scenario).

    Compare function

    const { compare } = require('node-password-encrypter')
     
    // vanilla style
     
    compare(
      { content: 'plainPassord',
        encryptedContent: 'superComplexEncryptedPsw',
        salt: 'saltUsed' // the one used for encrypting that encryptedContent
      })
      .then(result => console.log(result)) // true or false
      .catch(err => console.log(err)) // errors
     
    // new async/await style (node v7.6.0 or with babel support)
     
    try {
      const result = await compare(
      { content: 'plainPassord',
        encryptedContent: 'superComplexEncryptedPsw',
        salt: 'saltUsed'
      })
      console.log(result) // true or false
    } catch(e) {
      console.log(e)
    }
     

    API

    encrypt({ content, salt, iterations, keylen, digest })

    • content: the actual password or generic string to encrypt
    • salt: the salt to use, must be a Buffer. Default to crypto.randomBytes(256)
    • iterations: the number of iteration. Default to 10000
    • keylen: requested byte length of the result. Default to 512
    • digest: digest function to use, refer to crypto.getHashes() for availables digests. Default to sha512

    For more information refer to crypto.pbkdf2

    compare({ content, encryptedContent, salt, iterations, keylen, digest })

    • content: the plain password
    • encryptedContent: the encrypted password to compare
    • same options for encrypt({})

    For reliable results, you have to pass the same config you used for encrypt.

    Development

    • $ yarn install to add the devDependencies (mocha, chai, standard, nyc)
    • $ npm run standard to check code style against Standard.js
    • $ npm run test to launch the test suite
    • $ npm run coverage to check the code coverage through nyc

    License

    Licensed under the MIT License, Copyright © 2017 Giovanni Rodighiero.

    See LICENSE for more information.

    Install

    npm i node-password-encrypter

    DownloadsWeekly Downloads

    40

    Version

    1.0.0

    License

    MIT

    Last publish

    Collaborators

    • giovanni_rodighiero