happn-password-hash-and-salt
v1.2.1
Published
Simple, safe and straight-forward password hashing / salting for node.js
Downloads
5,298
Maintainers
Readme
happn-password-hash-and-salt
forked from https://github.com/florianheinemann/password-hash-and-salt.git version 1.1.4
####This module provides straight-forward password hashing for node.js applications using default settings considered to be safe. SHA512 is used by default, also backward compatible with previous versions that used SHA1.
Usage
First, install the module:
$ npm install happn-password-hash-and-salt --save
Afterwards, usage is as simple as shown in the following example:
var password = require('password-hash-and-salt');
var myuser = [];
// Creating hash and salt
password('mysecret').hash(function(error, hash) {
if(error)
throw new Error('Something went wrong!');
// Store hash (incl. algorithm, iterations, and salt)
myuser.hash = hash;
// Verifying a hash
password('hack').verifyAgainst(myuser.hash, function(error, verified) {
if(error)
throw new Error('Something went wrong!');
if(!verified) {
console.log("Don't try! We got you!");
} else {
console.log("The secret is...");
}
});
})
Crypto
password-hash-and-salt uses node.js' internal crypto module. Hashes are generated with pbkdf2 using 10,000 iterations.
Created hash
The created hash is of 270 characters length and is of the following format:
pbkdf2$10000$hash$salt$digest
This allows for future upgrades of the algorithm and/or increased number of iterations in future version. It also simplifies storage as no dedicated database field for the salt is required.
Credits and License
express-sslify is licensed under the MIT license. If you'd like to be informed about new projects follow @TheSumOfAll.
Copyright (c) 2013-2014 Florian Heinemann Modified by S. Bishop