@foal/core
Version:
Full-featured Node.js framework, with no complexity
32 lines (31 loc) • 1.25 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.PASSWORD_ITERATIONS = void 0;
exports.hashPassword = hashPassword;
const crypto_1 = require("crypto");
const util_1 = require("util");
exports.PASSWORD_ITERATIONS = 310000;
/**
* Hash a password using the PBKDF2 algorithm.
*
* Configured to use PBKDF2 + HMAC + SHA256.
* The result is a 64 byte binary string.
*
* The random salt is 16 bytes long.
* The number of iterations is 310000.
* The length key is 32 bytes long.
*
* @export
* @param {string} plainTextPassword - The password to hash.
* @returns {Promise<string>} The derived key with the algorithm name, the number of iterations and the salt.
*/
async function hashPassword(plainTextPassword) {
const saltBuffer = await (0, util_1.promisify)(crypto_1.randomBytes)(16);
const iterations = exports.PASSWORD_ITERATIONS;
const keylen = 32;
const digest = 'sha256';
const derivedKeyBuffer = await (0, util_1.promisify)(crypto_1.pbkdf2)(plainTextPassword, saltBuffer, iterations, keylen, digest);
const salt = saltBuffer.toString('base64');
const derivedKey = derivedKeyBuffer.toString('base64');
return `pbkdf2_${digest}$${iterations}$${salt}$${derivedKey}`;
}