rcn-hash.js is a node.js library to simplify use of hashed passwords.
Storing passwords in plain-text is bad. This library makes storing hashed passwords, and subsequently validating against them, a bit easier.
rcn-hash.js provides functions for generating a hashed password and verifying a plain-text password against a hashed password. For a bit of added strength, a random salt is generated when the password is hashed. The hashed password contains both the cryptographic algorithm that was used and the salt, so all that is needed to verify a plain-text password is the hashed password itself.
npm i rcn-hash.js
Generates a hash of the required password argument. Hashing behavior can be modified with the optional options object:
- algorithm - A valid cryptographic algorithm for use with the crypto.createHmac function, defaults to 'sha1'.
- saltLength - The length of the salt that will be generated when the password is hashed, defaults to 8.
- iterations - The number of times the hashing algorithm should be applied, defaults to 1.
Errors are thrown if:
- password is not a string
- options.algorithm is specified but not a valid cryptographic algorithm
- options.saltLength is specified but not a positive integer
The hashed password will be in the format algorithm$salt$hash.
Example:
    let passwordHash = require('rcn-hash.js');
    let hashedPassword = passwordHash.generate('password123');
    console.log(hashedPassword); // sha1$bd591359$1$6ec54980945aac5d0324210a80a2727b9bad63c1
Compares a plain-text password (password) to a hashed password (hashedPassword) and returns a boolean. Both arguments are required.
Example:
    let passwordHash = require('rcn-hash.js');
    let hashedPassword = 'sha1$bd591359$1$6ec54980945aac5d0324210a80a2727b9bad63c1';
    console.log(passwordHash.verify('password123', hashedPassword)); // true
    console.log(passwordHash.verify('Password0', hashedPassword)); // false
Checks if a password (password) is hashed. Returns a boolean.
Example:
    let passwordHash = require('rcn-hash.js');
    let hashedPassword = 'sha1$bd591359$1$6ec54980945aac5d0324210a80a2727b9bad63c1';
    console.log(passwordHash.isHashed('password123')); // false
    console.log(passwordHash.isHashed(hashedPassword)); // true
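Because the stored value carries its own parameters, existing records can be audited without knowing any password. The following is an added example, not part of rcn-hash.js: it assumes the four-field layout seen in the sample output above (algorithm$salt$iterations$hash), and parseStoredHash, auditStoredHash and the POLICY thresholds are hypothetical names and values chosen for illustration.

```javascript
const crypto = require('crypto');

// Assumed policy thresholds for this example; set them to your own standard.
const POLICY = { minIterations: 100000, minSaltChars: 16, weakAlgorithms: ['md5', 'sha1'] };

// Sample value taken from the examples on this page.
const SAMPLE = 'sha1$bd591359$1$6ec54980945aac5d0324210a80a2727b9bad63c1';

// Split a stored value into fields. Layout assumed from the sample output:
// algorithm$salt$iterations$hash. Returns null for anything else.
function parseStoredHash(stored) {
  if (typeof stored !== 'string') return null;
  const parts = stored.split('$');
  if (parts.length !== 4) return null;
  const [algorithm, salt, iterText, hash] = parts;
  if (!crypto.getHashes().includes(algorithm)) return null;
  if (!/^[1-9][0-9]*$/.test(iterText)) return null;
  if (salt.length === 0 || !/^[0-9a-f]+$/i.test(hash)) return null;
  return { algorithm, salt, iterations: Number(iterText), hash };
}

// List the reasons a stored value should be regenerated at the next login.
function auditStoredHash(stored) {
  const rec = parseStoredHash(stored);
  if (rec === null) return ['not a recognised hash, possibly a plain-text value'];
  const findings = [];
  if (POLICY.weakAlgorithms.includes(rec.algorithm.toLowerCase())) {
    findings.push(`weak algorithm: ${rec.algorithm}`);
  }
  if (rec.iterations < POLICY.minIterations) {
    findings.push(`iterations ${rec.iterations} below ${POLICY.minIterations}`);
  }
  if (rec.salt.length < POLICY.minSaltChars) {
    findings.push(`salt length ${rec.salt.length} below ${POLICY.minSaltChars}`);
  }
  // A digest of the wrong length means the record is truncated or corrupt.
  const expectedHex = crypto.createHash(rec.algorithm).digest('hex').length;
  if (rec.hash.length !== expectedHex) {
    findings.push(`digest length ${rec.hash.length}, expected ${expectedHex}`);
  }
  return findings;
}

console.log(auditStoredHash(SAMPLE));
```

Run over a user table, a non-empty result marks the account for rehashing with stronger options the next time the user logs in successfully.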