Neanderthals Programming Machines
    Wondering what’s next for npm?Check out our public roadmap! »

    secure-identifier

    1.0.1 • Public • Published

    secure-identifier

    secure identifier for usernames

    NPM version Build Status

    Generates a unique and secure identifier for usernames, login-IDs, public-IDs and accounts by:

    1. Normalizing confusable chars from Unicode Security Mechanisms TR39
    2. Perform case-folding according to 5.18 Case Mappings - Unicode 10.0
    3. Check for allowed symbols in accordance with Unicode Security Mechanisms TR39
    4. Check length of input - default is (min: 2 chars, max: 60 chars)
    5. Check the sanitized string against a list of reserved words
    6. Only if all checks pass, the secured identifier is returned

    This secure identifier shall be stored alongside the username/ loginId to ensure uniqueness amongst the whole set.

    Further reading...

    For the complexity of a valid usernames I recommend Let’s talk about usernames which also inspired me for this project. To read about where to use such identifier check The Tripartite Identity Pattern.

    Usage

    For use in your project:

    npm i -S secure-identifier
    

    Then:

    const {secureIdentifier} = require('secure-identifier')
    
    const username = '\u{1D5A2}\u{1D5C2}\u{1D5CB}\u{1D5BC}\u{1D5C5}\u{1D5BE}'
    //> 𝖢𝗂𝗋𝖼𝗅𝖾 - looks like Circle but isn`t
    const secure = secureIdentifier(username)
    //> secure === 'circle'

    API

    Apart from the simple secureIdentifier you can use Identifier for mor advanced use-cases.

    const {Identifier} = require('secure-identifier')
    
    const username = ' Аᖯ𝗎𝗌е'
    const opts = {minLength: 3, maxLength: 20}
    const ident = new Identifier(username, opts)
      ident.confusables().trim()
        //> 'Abuse'
        .caseFolding()
        //> 'abuse'
    
      ident.status() // get list of offending chars
      //> []
      ident.isReserved() // 'abuse' is in the list of reserved names
      //> true
      ident.isValid()
      //> false
      ident.isMinLength() // check for minLength >= 3
      //> true
      ident.isMaxLength() // check for maxLength <= 20
      //> true
      ident.toString() // get current string
      //> 'abuse'
      ident.valid() // get valid string
      //> undefined

    Please check out ./src/Identifier.js and ./src/IdentifierBase.js for further methods.

    It is also possible to use your own list of reserved words. See ./test/Identifier.spec.js

    License

    MIT licensed

    References

    Reserved-names-lists are from:

    Install

    npm i secure-identifier

    DownloadsWeekly Downloads

    2

    Version

    1.0.1

    License

    MIT

    Unpacked Size

    224 kB

    Total Files

    16

    Last publish

    Collaborators

    • avatar