Created
December 29, 2017 13:15
-
-
Save adnan-i/958ee5c14df4b87fb75a4f6407cf004c to your computer and use it in GitHub Desktop.
Password hashing using crypto.pbkdf2Sync
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Password are never stored as plain-text. | |
| * Instead, their one-way hashes are stored along with a unique salt. | |
| * This means that not even the DB owner can reverse-engineer the plain passwords | |
| */ | |
| static hashPassword(password, salt) { | |
| if (!password) throw new Error('Missing password argument'); | |
| if (!salt) throw new Error('Missing salt argument'); | |
| return crypto.pbkdf2Sync(password, new Buffer(salt, 'base64'), 10000, 64, 'sha512').toString('base64'); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment