typescript/libcrypto
1
0
Fork 0
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

Implement password hash/verification

Browse Source
This commit is contained in:
Pascal Perrenoud
2024-05-14 13:40:50 +02:00
parent 6bc46bb0ab
commit 9935cf9a9c
3 changed files with 48 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package.json
+2
View File
@@ -8,6 +8,7 @@
"test": "bun test"
},
"dependencies": {
"argon2": "^0.40.1",
"jose": "^5.2.3",
"log": "^6.3.1",
"result": "git+git@git.pband.ch:typescript/result.git",
@@ -15,6 +16,7 @@
},
"devDependencies": {
"@happy-dom/global-registrator": "^14.10.2",
"@types/argon2": "^0.15.0",
"@types/bun": "^1.1.2",
"@types/zxcvbn": "^4.4.4"
},
src/pwd.ts
+11 -4
View File
@@ -1,6 +1,13 @@
export function hash(pwd: string) : string {
throw "todo"
import argon from 'argon2'
export function hash(pwd: string): Promise<string> {
return argon.hash(pwd)
}
export function verify(pwd: string, hash: string) : boolean {
throw "todo"
export async function verify(pwd: string, hash: string): Promise<boolean> {
try {
return await argon.verify(hash, pwd)
} catch (_) {}
return false
}
test/pwd.test.ts
+35
View File
@@ -0,0 +1,35 @@
import {test, expect} from 'bun:test'
import {pwd} from '../index'
test('base case', async () => {
const password = "AwesomePassword123!"
const hash = await pwd.hash(password)
const verification = await pwd.verify(password, hash)
expect(verification).toBe(true)
})
test('wrong password', async () => {
const password1 = "AwesomePassword123!"
const password2 = "AwesomePassword321!"
expect(password1).not.toEqual(password2)
const hash = await pwd.hash(password1)
const verification = await pwd.verify(password2, hash)
expect(verification).toBe(false)
})
test('salt changes', async () => {
const password = "AwesomePassword123!"
const hash1 = await pwd.hash(password)
const hash2 = await pwd.hash(password)
expect(hash1).not.toEqual(hash2)
})
test('tampered hash', async () => {
const password = "AwesomePassword123"
const hash = await pwd.hash(password)
const tamperedHash = hash.replace('a', 'b')
const verification = await pwd.verify(password, tamperedHash)
expect(verification).toBe(false)
})