@sapphirejs/hash
v0.0.14
Published
Hashing Package for Sapphire Framework
Downloads
6
Readme
Hash
Generates and compares hashes using bcrypt or argon2. It serves as a simple interface to those 2 libraries for easy of use and configuration internally in Sapphire Framework.
Usage
$ npm install --save @sapphirejs/hash
The main Hash
class takes an algorithm as a parameter, either Algorithm.Bcrypt
or Algorithm.Argon2
.
To generate a hash:
const { Hash, Algorithm } = require('@sapphirejs/hash')
const hasher = new Hash(new Algorithm.Bcrypt())
const hash = await hasher.generate('sTr0nG_pA55')
To compare a plaintext password against a hash:
if (await hasher.compare('some_pass', hash)) {
// you got in!
}
Both generate
and compare
return a Promise, and when used with await
, need to be called in an async
function which was omitted in the examples for brevity.
Configuration
Bcrypt takes a single rounds
option that configures the number of rounds the module will go through to hash the password. The higher the value, the stronger the hash but the more expensive to compute. By default it's set to 12
rounds, which is a good start.
new Hash(new Algorithm.Bcrypt({ rounds: 14 }))
Argon2 has more flexibility in terms of configuration. Below are the options it takes and their default values:
new Hash(new Algorithm.Argon2({
timeCost: 3,
memoryCost: 12,
parallelism: 1
}))
Custom Algorithms
If you need to extend the provided algorithms with another third-party one, you can achieve it with a simple class that implements the generate
and compare
methods. Both of them should return promises. An example:
class AwesomeAlgorithm {
generate(plain) {
// return the hash
}
compare(plain, hash) {
// compare and return true|false
}
}