bcrypt-ts - npm Package Compare versions

bcrypt-ts

Package Overview

Dependencies

Maintainers

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 2.2.0 to 2.2.1

LICENSE

package.json

		{
		"name": "bcrypt-ts",
		"version": "2.2.0",
		"version": "2.2.1",
		"description": "bcrypt written in typescript",
		@@ -18,2 +18,3 @@ "keywords": [
		".": {
		"types": "./dist/node.d.mts",
		"browser": "./dist/browser.mjs",
		@@ -26,2 +27,3 @@ "node": "./dist/node.mjs",
		"./browser": {
		"types": "./dist/browser.d.mts",
		"import": "./dist/browser.mjs",
		@@ -32,2 +34,3 @@ "require": "./dist/browser.cjs",
		"./node": {
		"types": "./dist/node.d.mts",
		"import": "./dist/node.mjs",
		@@ -45,13 +48,13 @@ "require": "./dist/node.cjs",
		],
		"packageManager": "pnpm@7.9.5",
		"packageManager": "pnpm@7.14.0",
		"devDependencies": {
		"@rollup/plugin-alias": "3.1.9",
		"@rollup/plugin-replace": "4.0.0",
		"@rollup/plugin-typescript": "8.3.4",
		"@types/node": "18.7.11",
		"@typescript-eslint/eslint-plugin": "5.34.0",
		"@typescript-eslint/parser": "5.34.0",
		"@vitest/coverage-c8": "0.22.1",
		"@rollup/plugin-alias": "4.0.2",
		"@rollup/plugin-replace": "5.0.1",
		"@rollup/plugin-typescript": "9.0.2",
		"@types/node": "18.11.8",
		"@typescript-eslint/eslint-plugin": "5.42.0",
		"@typescript-eslint/parser": "5.42.0",
		"@vitest/coverage-c8": "0.24.4",
		"c8": "7.12.0",
		"eslint": "8.22.0",
		"eslint": "8.26.0",
		"eslint-config-prettier": "8.5.0",
		@@ -61,9 +64,9 @@ "eslint-plugin-prettier": "4.2.1",
		"rimraf": "3.0.2",
		"rollup": "2.78.1",
		"rollup-plugin-dts": "4.2.2",
		"rollup": "3.2.5",
		"rollup-plugin-dts": "5.0.0",
		"rollup-plugin-terser": "7.0.2",
		"tslib": "2.4.0",
		"typescript": "4.8.2",
		"vite": "3.0.9",
		"vitest": "0.22.1"
		"tslib": "2.4.1",
		"typescript": "4.8.4",
		"vite": "3.2.2",
		"vitest": "0.24.4"
		},
		@@ -70,0 +73,0 @@ "scripts": {

209

README.md

		@@ -1,5 +0,208 @@
		# bycrypt-ts
		# bcrypt-ts

		A typescript version of [bcrypt.js](https://github.com/dcodeIO/bcrypt.js).
		Optimized bcrypt written in typescript. Working in both Node.js and browser.

		Provides ES modules and declaration files.
		> Heavily inspired by [bcrypt.js](https://github.com/dcodeIO/bcrypt.js).

		## Security considerations

		Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the
		iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with
		increasing computation power. ([see](http://en.wikipedia.org/wiki/Bcrypt))

		While bcrypt-ts is compatible to the C++ bcrypt binding, it is providing pure JavaScript and thus slower about 30%, effectively reducing the number of iterations that can be processed in an equal time span.

		The maximum input length is 72 bytes (note that UTF8 encoded characters use up to 4 bytes) and the length of generated
		hashes is 60 characters.

		## Highlights

		- 0 dependencies, with ONLY 8KB Gzip size
		- Written in typescript
		- Provide tree-shakable ES module

		## Usage

		### Node.js

		On Node.js, the inbuilt [crypto module](http://nodejs.org/api/crypto.html)'s randomBytes interface is used to obtain secure random numbers.

		### Browser

		In the browser, bcrypt.js relies on [Web Crypto API](http://www.w3.org/TR/WebCryptoAPI)'s getRandomValues interface to obtain secure random numbers. If no cryptographically secure source of randomness is available, the package will throw an error.

		## Usage - Sync

		To hash a password:

		```js
		import { genSaltSync, hashSync } from "bcrypt-ts";

		const salt = genSaltSync(10);
		const hash = hashSync("B4c0//", salt);
		// Store hash in your password DB.
		```

		To check a password:

		```js
		import { compareSync } from "bcrypt-ts";

		// Load hash from your password DB.
		compareSync("B4c0//", hash); // true
		compareSync("not_bacon", hash); // false
		```

		Auto-gen a salt and hash at the same time:

		```js
		import { hashSync } from "bcrypt-ts";

		const hash = hashSync("bacon", 8);
		```

		## Usage - Async

		To hash a password:

		```js
		import { genSalt, hash } from "bcrypt-ts";

		genSalt(10)
		.then((salt) => hash("B4c0//", salt))
		.then((hash) => {
		// Store hash in your password DB.
		});
		```

		To check a password:

		```js
		import { compare } from "bcrypt-ts";

		// Load hash from your password DB.
		const hash = "xxxxxx";

		compare("B4c0//", hash).then((result) => {
		// result is `true`
		});
		compare("not_bacon", hash).then((result) => {
		// result is `false`
		});
		```

		Auto-gen a salt and hash:

		```js
		import { hash } from "bcrypt-ts";

		hash("bacon").then((hash) => {
		// do something with hash
		});
		```

		Note: Under the hood, asynchronisation splits a crypto operation into small chunks. After the completion of a chunk, the execution of the next chunk is placed on the back of [JS event loop queue](https://developer.mozilla.org/en/docs/Web/JavaScript/EventLoop), thus efficiently sharing the computational resources with the other operations in the queue.

		## API

		```ts
		/**
		* Encodes a byte array to base64 with up to len bytes of input, using the custom bcrypt alphabet.
		*
		* @param byteArray Byte array
		* @param length Maximum input length
		*/
		export const encodeBase64: (
		byteArray: number[] \| Buffer,
		length: number
		) => string;
		/**
		* Decodes a base64 encoded string to up to len bytes of output, using the custom bcrypt alphabet.
		*
		* @param contentString String to decode
		* @param length Maximum output length
		*/
		export const decodeBase64: (contentString: string, length: number) => number[];

		/**
		* Synchronously tests a string against a hash.
		*
		* @param content String to compare
		* @param hash Hash to test against
		*/
		export const compareSync: (content: string, hash: string) => boolean;
		/**
		* Asynchronously compares the given data against the given hash.
		*
		* @param content Data to compare
		* @param hash Data to be compared to
		* @param progressCallback Callback successively called with the percentage of rounds completed
		* (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
		*/
		export const compare: (
		content: string,
		hash: string,
		progressCallback?: ((percent: number) => void) \| undefined
		) => Promise<boolean>;

		/**
		* Synchronously generates a hash for the given string.
		*
		* @param contentString String to hash
		* @param salt Salt length to generate or salt to use, default to 10
		* @returns Resulting hash
		*/
		export const hashSync: (
		contentString: string,
		salt?: string \| number
		) => string;
		/**
		* Asynchronously generates a hash for the given string.
		*
		* @param contentString String to hash
		* @param salt Salt length to generate or salt to use
		* @param progressCallback Callback successively called with the percentage of rounds completed
		* (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
		*/
		export const hash: (
		contentString: string,
		salt: number \| string,
		progressCallback?: ((progress: number) => void) \| undefined
		) => Promise<string>;

		/**
		* Gets the number of rounds used to encrypt the specified hash.
		*
		* @param hash Hash to extract the used number of rounds from
		* @returns Number of rounds used
		* @throws {Error} If `hash` is not a string
		*/
		export const getRounds: (hash: string) => number;
		/**
		* Gets the salt portion from a hash. Does not validate the hash.
		*
		* @param hash Hash to extract the salt from
		* @returns Extracted salt part
		* @throws {Error} If `hash` is not a string or otherwise invalid
		*/
		export const getSalt: (hash: string) => string;

		/**
		* Synchronously generates a salt.
		*
		* @param rounds Number of rounds to use, defaults to 10 if omitted
		* @returns Resulting salt
		* @throws {Error} If a random fallback is required but not set
		*/
		export const genSaltSync: (rounds?: number) => string;
		/**
		* Asynchronously generates a salt.
		*
		* @param rounds Number of rounds to use, defaults to 10 if omitted
		*/
		export const genSalt: (rounds?: number) => Promise<string>;
		```

		## License

		New-BSD / MIT ([see](https://github.com/Mister-Hope/bcrypt-ts/blob/main/LICENSE))

dist/browser.d.ts

dist/node.d.ts

dist/browser.cjs