pg-password-util
Version:
Client-side encoding of PostgreSQL user passwords for use in CREATE USER and ALTER USER
52 lines (51 loc) • 1.79 kB
TypeScript
/// <reference types="node" />
import { Client } from 'pg';
/**
* Encode the password for md5 authentication.
* This should only be used for legacy servers.
*/
export declare function encodeMd5(opts: {
username: string;
password: string;
}): string;
/**
* Encode the password for SCRAM-SHA-256 authentication.
* The iterations and salt are optional.
* If not provided, the defaults will be used that match the defaults for the PostgreSQL server.
*/
export declare function encodeScramSha256(opts: {
password: string;
salt?: Buffer;
iterations?: number;
}): string;
export type PasswordEncryptionType = 'md5' | 'scram-sha-256';
/**
* Encode the password using the specified password encryption mechanism.
* This function takes the username as once of it's options, but it is only used for the md5 mechanism.
* @param opts Encoding options
* @returns the encoded password as an unescaped string literal
*/
export declare function encodePassword(opts: {
username: string;
password: string;
passwordEncryption: PasswordEncryptionType;
}): string;
/**
* Generate SQL for changing a user's password.
* A specific passwordEncryption must be specified.
* @returns a SQL statement that can be executed to update the user's password to the encoded value
*/
export declare function genAlterUserPasswordSql(opts: {
username: string;
password: string;
passwordEncryption: string;
}): string;
/**
* Use the provided DB client to change the user's password.
* If the passwordEncryption is not specified, the database will be queried for the current password_encryption.
*/
export declare function alterUserPassword(client: Client, opts: {
username: string;
password: string;
passwordEncryption?: string | null;
}): Promise<void>;