Methods for checking passwords against phpass or argon2 hashes, and upgrading then to argon2 where needed.
Methods for checking passwords against phpass or argon2 hashes,
and upgrading then to argon2 where needed.
``javascript
import verify, { hash } from 'phpass-to-argon2';
/**
* An example login function using phpass-to-argon2
* @param user The user object to verify against
* @param password The password submitted by the login form
*/
export default async function login(user, password) {
return verify(
// Supply the password and the hash to verify against
user.passwordHash,
password,
// Supply a function for updating the hash when needed
async newHash => {
user.passwordHash = newHash;
await user.save();
}
)
}
// We also export the argon2 hash method
// for setting the password normally.
export async function updatePassword(user, newPassword) {
user.passwordHash = await hash(newPassword);
await user.save();
}
`
Verify a password against a phpass or argon2 hash.
If the update argument is passed, it will be called when a password hash needs updating from phpass to argon2
stringHash a password using argon2
booleanCheck if a hash needs to be updated
| Param | Type | Description |
| --- | --- | --- |
| hash | string | The hash to compare with |
| password | string | The password to compare |
| [update] | function | A function to execute when the stored hash needs updating, taking the new hash as the first argument |
| [options] | object | The argon2 options object |
stringReturns: string - The hashed password
| Param | Type | Description |
| --- | --- | --- |
| password | string | The password to be hashed |
| options | object | The argon2 options object |
boolean
| Param | Type | Description |
| --- | --- | --- |
| hash | string | The hash to check |