Threaded bcrypt bindings for Node.js
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
src
.editorconfig
.eslintignore
.eslintrc.json
.gitignore
.travis.yml
LICENSE
README.md
binding.gyp
index.js
package-lock.json
package.json
promises.js
test.js

README.md

bcrypt-small

Build status

bcrypt-small provides functions to asynchronously create and verify password hashes.

Passwords are encoded as UTF-8, cannot contain null bytes, and must be no longer than 72 bytes; an error is produced if these conditions are not met.

Example

const bcrypt = require('bcrypt-small');

bcrypt.hash('password', 12, (error, hash) => {
	if (error) {
		console.error(error);
		return;
	}

	bcrypt.compare('password', hash, (error, result) => {
		console.log(result); // true
	});

	bcrypt.compare('not password', hash, (error, result) => {
		console.log(result); // false
	});

	console.log(bcrypt.getRounds(hash)); // 12
});

Functions returning built-in promises are provided by bcrypt-small/promises:

const bcrypt = require('bcrypt-small/promises');

(async () => {
	const hash = await bcrypt.hash('password', 12);

	console.log(await bcrypt.compare('password', hash)); // true
	console.log(await bcrypt.compare('not password', hash)); // false
	console.log(bcrypt.getRounds(hash)); // 12
})();

API

bcrypt.hash(password, logRounds, callback)

Hashes a password using 2**logRounds rounds. The callback receives two arguments: (error, hash), where hash is a 60-character string. logRounds should be at least 4 and at most 31. Aim for 0.1 seconds per hash or more.

bcrypt.compare(password, expectedHash, callback)

Compares a password to a hash. The callback receives two arguments: (error, result), where result is true if the password matches the hash and false if it does not.

bcrypt.getRounds(hash)

Returns the number of rounds used to produce the given hash.