Learn about our RFC process, Open RFC meetings & more.Join in the discussion! »

node-password-encrypter

1.0.0 • Public • Published

node password encrypter

Standard - JavaScript Style Guide License: MIT

Description

Simple promise-style password (or generic strings) encrypter based on Node.js core module Crypto.

Install

$ yarn add node-password-encrypter

or

$ npm i --save node-password-encrypter

Usage

Encrypt function

const { encrypt } = require('node-password-encrypter')
 
// vanilla style
 
encrypt({ content: 'password' })
  .then(result => {
    console.log(result.salt) // the salt used in encryption
    console.log(result.encryptedContent) // the original content encrypted
  })
  .catch(err => console.log(err)) // errors
 
// new async/await style (node v7.6.0 or with babel support)
 
try {
  const result = await encrypt({ content: 'password' })
  console.log(result.salt) // the salt used in encryption
  console.log(result.encryptedContent) // the original content encrypted
} catch(e) {
  console.log(err)
}

The salt is returned as well, because (if it is not provided by the user) it is generated at runtime and you need to store with the encrypted password in order to be able to provide it when you'll need to compare a plain password with an encrypted one (a login scenario).

Compare function

const { compare } = require('node-password-encrypter')
 
// vanilla style
 
compare(
  { content: 'plainPassord',
    encryptedContent: 'superComplexEncryptedPsw',
    salt: 'saltUsed' // the one used for encrypting that encryptedContent
  })
  .then(result => console.log(result)) // true or false
  .catch(err => console.log(err)) // errors
 
// new async/await style (node v7.6.0 or with babel support)
 
try {
  const result = await compare(
  { content: 'plainPassord',
    encryptedContent: 'superComplexEncryptedPsw',
    salt: 'saltUsed'
  })
  console.log(result) // true or false
} catch(e) {
  console.log(e)
}
 

API

encrypt({ content, salt, iterations, keylen, digest })

  • content: the actual password or generic string to encrypt
  • salt: the salt to use, must be a Buffer. Default to crypto.randomBytes(256)
  • iterations: the number of iteration. Default to 10000
  • keylen: requested byte length of the result. Default to 512
  • digest: digest function to use, refer to crypto.getHashes() for availables digests. Default to sha512

For more information refer to crypto.pbkdf2

compare({ content, encryptedContent, salt, iterations, keylen, digest })

  • content: the plain password
  • encryptedContent: the encrypted password to compare
  • same options for encrypt({})

For reliable results, you have to pass the same config you used for encrypt.

Development

  • $ yarn install to add the devDependencies (mocha, chai, standard, nyc)
  • $ npm run standard to check code style against Standard.js
  • $ npm run test to launch the test suite
  • $ npm run coverage to check the code coverage through nyc

License

Licensed under the MIT License, Copyright © 2017 Giovanni Rodighiero.

See LICENSE for more information.

Install

npm i node-password-encrypter

DownloadsWeekly Downloads

40

Version

1.0.0

License

MIT

Last publish

Collaborators

  • avatar