Nourished Personal Mucus
    Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

    passport-local-authenticatepublic

    Passport-Local-Authenticate

    Encapsulates methods used to hash and verify user credentials for use in a passport-local strategy. This simplifies building username and password login with Passport.

    Build Status Coverage Status

    Installation

    $ npm install passport-local-authenticate --save
    

    Usage

    var auth = require('passport-local-authenticate');
    
    auth.hash('password', function(err, hashed) {
      console.log(hashed.hash); // Hashed password
      console.log(hashed.salt); // Salt
    });
    
    auth.hash('password', function(err, hashed) {
      auth.verify('password', hashed, function(err, verified) {
        console.log(verified); // True, passwords match
      ));
    });
    
    auth.hash('password', function(err, hashed) {
      auth.verify('password2', hashed, function(err, verified) {
        console.log(verified); // False, passwords don't match
      ));
    });
    

    Attention options.digestAlgorithm is set to 'SHA1' which is not considered too safe but was chosen for backward compatibility. Future versions (major) will use some 'SHA-256' digest algorithm!

    Options

    Attention! Changing any of the hashing options (saltlen, iterations or keylen) in a production environment will prevent that existing users to authenticate!

    • saltlen: specifies the salt length in bytes. Default: 32
    • iterations: specifies the number of iterations used in pbkdf2 hashing algorithm. Default: 25000
    • keylen: specifies the length in byte of the generated key. Default: 512
    • encoding: specifies the encoding the generated salt and hash will be stored in. Defaults to 'hex'.
    • digestAlgorithm: digest algorith to use in pbkdf2. Valid values can be retrieved using crypto.getHashes(). A popular choices is 'sha256' or 'sha512'. Attention Only working in node.js versions greater 0.10. And in case your sitting on a 0.10 project consider an upgrade. Really!

    Hash Algorithm

    Passport-Local-Authenticate uses the pbkdf2 algorithm of the node crypto library. Pbkdf2 was chosen because platform independent (in contrary to bcrypt). For every user a generated salt value is saved to make rainbow table attacks even harder.

    License

    Passport-Local-Authenticate is licenses under the MIT license.

    install

    npm i passport-local-authenticate

    Downloadsweekly downloads

    106

    version

    1.2.0

    license

    MIT

    repository

    githubgithub

    last publish

    collaborators

    • avatar