This package generates a hash and salt from a given password. It also provides a function to validate a password input.
```bash
npm i @kdcio/password
```
```javascript
const { getHashSalt } = require('@kdcio/password');

const register = (password) => {
  // ...
  // Derive a hash and a salt for the new password
  const { hash, salt } = getHashSalt(password);
  // ...
};
```
Store the hash and salt in your database.
```javascript
const { isValidPassword } = require('@kdcio/password');

const login = (username, password) => {
  // ...
  // getFromDatabase stands in for your own lookup of the stored hash and salt
  const { hash, salt } = getFromDatabase(username);
  if (isValidPassword(password, hash, salt)) {
    console.log("Password is correct");
  } else {
    console.log("Password is wrong");
  }
  // ...
};
```
Iterations, keylen and digest can be configured by defining environment variables.
- PW_ITERATIONS
- PW_KEYLEN
- PW_DIGEST
See the algorithms listed in the Node.js crypto docs for possible values for digest. More info on the link below.
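
The sketch below is an added example, not the package's own code. It shows why the three settings matter once hashes are stored: a hash derived under one `PW_ITERATIONS` value no longer verifies if the variable changes later, unless the parameters are saved with the record. It assumes a PBKDF2 derivation via Node.js `crypto`; the defaults and the names `paramsFromEnv`, `derive`, `makeRecord` and `verify` are hypothetical.

```javascript
const crypto = require('crypto');

// Defaults assumed for this sketch only; the package's real defaults are not on the page.
const DEFAULTS = { iterations: 100000, keylen: 64, digest: 'sha512' };

// Read the three parameters from the environment variables the README lists.
function paramsFromEnv(env = process.env) {
  return {
    iterations: parseInt(env.PW_ITERATIONS, 10) || DEFAULTS.iterations,
    keylen: parseInt(env.PW_KEYLEN, 10) || DEFAULTS.keylen,
    digest: env.PW_DIGEST || DEFAULTS.digest,
  };
}

// PBKDF2 is an assumption: it is the Node.js crypto KDF that takes exactly these parameters.
function derive(password, salt, p) {
  return crypto.pbkdf2Sync(password, salt, p.iterations, p.keylen, p.digest);
}

// Registration: new random salt per password, parameters saved next to the hash.
function makeRecord(password, env = process.env) {
  const params = paramsFromEnv(env);
  const salt = crypto.randomBytes(16).toString('hex');
  return { hash: derive(password, salt, params).toString('hex'), salt, ...params };
}

// Login: re-derive with the given parameters and compare in constant time.
function verify(password, record, params = record) {
  const expected = Buffer.from(record.hash, 'hex');
  const actual = derive(password, record.salt, params);
  return expected.length === actual.length && crypto.timingSafeEqual(expected, actual);
}

// Constructed sample values; the low iteration count only keeps the demo fast.
const oldEnv = { PW_ITERATIONS: '1000', PW_KEYLEN: '32', PW_DIGEST: 'sha256' };
const newEnv = { ...oldEnv, PW_ITERATIONS: '2000' };
const record = makeRecord('correct horse', oldEnv);

console.log(verify('correct horse', record));                        // stored parameters
console.log(verify('wrong horse', record));                          // wrong password
console.log(verify('correct horse', record, paramsFromEnv(newEnv))); // env changed after registration
```

Keeping the iteration count, key length and digest in each record lets the environment values be raised for new passwords while existing hashes keep verifying.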