Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
@adonisjs/hash
Advanced tools
Password hashing
Module to hash values with support for PHC string format
This module is used by AdonisJs to hash user password with first class support for upgrading logic. A big thanks to the author of uphash, who inspired me to use PHC string format. I would have used uphash directly, but the user facing API is different from what I desire.
Table of contents
Features
- Support for multiple hashing algorithms.
- Option to extend and add your own hashing algorithms.
- Wraps the hash output to a PHC string format, this allows upgrading user passwords, when the underlying configuration changes.
Usage
Install the package from npm registry as follows:
npm i @adonisjs/hash
# yarn
yarn add @adonisjs/hash
and then use it as follows:
import { Hash } from '@adonisjs/hash/build/standalone'
const hash = new Hash({}, config)
const hashedValue = await hash.hash('password')
await hash.verify(hashedValue)
await hash.needsRehash(hashedValue) // false
Using with AdonisJs
The @adonisjs/core module includes this module by default. However, here's how you can set it up manually.
const providers = [
'@adonisjs/hash/build/providers/HashProvider'
]
And then also register the typings file inside tsconfig.json file.
{
"files": ["./node_modules/@adonisjs/hash/build/adonis-typings/hash.d.ts"]
}
And use it as follows:
import Hash from '@ioc:Adonis/Core/Hash'
await Hash.hash('password')
Switching drivers
You can switch drivers using the use method.
await Hash.use('bcrypt').hash('password')
API Docs
Following are the autogenerated files via Typedoc
Maintainers
FAQs
Framework agnostic Password hashing package with support for PHC string format
The npm package @adonisjs/hash receives a total of 21,127 weekly downloads. As such, @adonisjs/hash popularity was classified as popular.
We found that @adonisjs/hash demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 08 Sep 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024