UNPKG

@foal/core

Version:

Full-featured Node.js framework, with no complexity

32 lines (31 loc) 1.25 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.PASSWORD_ITERATIONS = void 0; exports.hashPassword = hashPassword; const crypto_1 = require("crypto"); const util_1 = require("util"); exports.PASSWORD_ITERATIONS = 310000; /** * Hash a password using the PBKDF2 algorithm. * * Configured to use PBKDF2 + HMAC + SHA256. * The result is a 64 byte binary string. * * The random salt is 16 bytes long. * The number of iterations is 310000. * The length key is 32 bytes long. * * @export * @param {string} plainTextPassword - The password to hash. * @returns {Promise<string>} The derived key with the algorithm name, the number of iterations and the salt. */ async function hashPassword(plainTextPassword) { const saltBuffer = await (0, util_1.promisify)(crypto_1.randomBytes)(16); const iterations = exports.PASSWORD_ITERATIONS; const keylen = 32; const digest = 'sha256'; const derivedKeyBuffer = await (0, util_1.promisify)(crypto_1.pbkdf2)(plainTextPassword, saltBuffer, iterations, keylen, digest); const salt = saltBuffer.toString('base64'); const derivedKey = derivedKeyBuffer.toString('base64'); return `pbkdf2_${digest}$${iterations}$${salt}$${derivedKey}`; }