UNPKG

@expass/node

Version:

A modern and secure password hashing/encription library for node

86 lines (60 loc) 2.74 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# ExPass for node Save your passwords securely with ExPass. ExPass is a library that allows you to encrypt and compare passwords in a simple and secure way. This library uses the scrypt algorithm to hash the password, and then follow the official [OWASP Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html) recommendations to store the password. > **Note:** This software is under revision and may have future changes. ## Features * Use salt + pepper * Use scrypt algorithm _(Against GPU/FPGA/ASIC attacks)_ * Add simetric encryption _(Against data breaches)_ * Use global secret (a.k.a. pepper) for extra security * Customizable values * Easy to use * Modern and secure * Use Promises ## Installation ```bash npm install @expass/node ``` ## Usage ```JavaScript import { ExPass } from '@expass/node'; const SECRET = 'UDxv1fCm4SQ9yMGN1h7cXxhseQ5B3b1J5FhJ26m4'; (async () => { const expass = new ExPass(SECRET); const encoded = await expass.encode('my_password'); // $expass$v=1$fhuNdqUJe0hmYD7uGaAbmg$G2uVgUC0CnXoEy1lxs1BXuNd1sR9MDcP07b5.FxE1fGFMW7dDk_07eSEANZ.j5qX const isValid = await expass.verify('my_password', encoded); // true })(); ``` ## Customize params ```JavaScript import { ExPass } from '@expass/node'; const SECRET = 'UDxv1fCm4SQ9yMGN1h7cXxhseQ5B3b1J5FhJ26m4'; (async () => { const expass = new ExPass(SECRET, { power: 20, saltLength: 32, }); const encoded = await expass.encode('my_password'); })(); ``` ### Options The options are: | Option | Type | Description | Default | | ------ | ---- | ----------- | ------- | | power | number | The power of the scrypt algorithm | 14 | | encodeHashLenght | number | The block size used to encode the password | 64 | | saltLength | number | The length of the salt used in the scrypt algorithm | 16 | | preHashAlgorithm | string | The algorithm used to pre-hash the password | 'sha256' | | postHashAlgorithm | string | The algorithm used to post-hash the password | 'sha256' | | hmacAlgorithm | string | The algorithm used to generate the HMAC | 'sha256' | | keyDerivationPower | number | The power of the scrypt for simetric key derivation | 10 | | cipherAlgorithm | string | The algorithm used to encrypt the password | 'aes-256' | ## Contributing If you want to contribute to this project, you can fork this repository and make a pull request. You can also open an issue if you find a bug or have a suggestion.