npmpackage.info

Gathering detailed insights and metrics for bcryptjs-react

Other packages similar to bcryptjs-react

create-e.x.p.r.re.s.s-app

1.2.27

[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE) [![npm version](https://badge.fury.io/js/cea.svg)](https://badge.fury.io/js/cea)

credifyauth

1.0.4

A lightweight authentication and JWT utility package built with TypeScript for Node.js and React projects. It includes common methods for generating and verifying JSON Web Tokens (JWT), as well as password hashing using `bcryptjs`.

Gathering detailed insights and metrics for bcryptjs-react

bcryptjs-react - 2.4.6 | npmpackage.info

bcryptjs-react

Webpack v5 - Optimized bcrypt in plain JavaScript with zero dependencies.

2.4.6

NOASSERTION

JavaScript

8.99 kB

282,776

Installations

npm install bcryptjs-react

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, UMD

Node Version

16.16.0

NPM Version

8.11.0 Score

84.4

Supply Chain

99.6

Quality

75.3

Maintenance

100

Vulnerability

99.6

License

Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

0

Closed

0

Releases

v2.4.6 Release

v2.4.6

Updated on Aug 04, 2022

View All 1 releases

Languages

JavaScript

JavaScript (100%)

Developer

jayanta525

Download Statistics

Total Downloads

282,776

Last Day

256

Last Week

4,710

Last Month

17,280

Last Year

178,742

GitHub Statistics

NOASSERTION License

1 Stars

112 Commits

1 Branches

1 Contributors

Updated on Jan 12, 2023

Bundle Size

19.56 kB

Minified

8.99 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 1 Contributors

Package Meta Information

Latest Version

2.4.6

Package Id

bcryptjs-react@2.4.6

Unpacked Size

219.53 kB

Size

78.08 kB

File Count

NPM Version

8.11.0

Node Version

16.16.0

Total Downloads

Cumulative downloads

Total Downloads

282,776

Last Day

43%

256

Compared to previous day

Last Week

2.3%

4,710

Compared to previous week

Last Month

21.1%

17,280

Compared to previous month

Last Year

88.3%

178,742

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

bcrypt google-closure-compiler metascript testjs

bcrypt.js-react

fixed for webpack v5

    BREAKING CHANGE: webpack < 5 used to include polyfills for node.js core modules by default.
    This is no longer the case. Verify if you need this module and configure a polyfill for it.

    If you want to include a polyfill, you need to:
        - add a fallback 'resolve.fallback: { "crypto": require.resolve("crypto-browserify") }'
        - install 'crypto-browserify'
    If you don't want to include a polyfill, you can use an empty module like this:
        resolve.fallback: { "crypto": false }

Optimized bcrypt in JavaScript with zero dependencies. Compatible to the C++ bcrypt binding on node.js and also working in the browser.

Installation

npm i bcryptjs-react

Usage

import bcrypt from "bcryptjs-react";

bcrypt.js

Optimized bcrypt in JavaScript with zero dependencies. Compatible to the C++ bcrypt binding on node.js and also working in the browser.

Security considerations

Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power. (see)

While bcrypt.js is compatible to the C++ bcrypt binding, it is written in pure JavaScript and thus slower (about 30%), effectively reducing the number of iterations that can be processed in an equal time span.

The maximum input length is 72 bytes (note that UTF8 encoded characters use up to 4 bytes) and the length of generated hashes is 60 characters.

Usage

The library is compatible with CommonJS and AMD loaders and is exposed globally as dcodeIO.bcrypt if neither is available.

node.js

On node.js, the inbuilt crypto module's randomBytes interface is used to obtain secure random numbers.

npm install bcryptjs

1var bcrypt = require('bcryptjs');
2...

Browser

In the browser, bcrypt.js relies on Web Crypto API's getRandomValues interface to obtain secure random numbers. If no cryptographically secure source of randomness is available, you may specify one through bcrypt.setRandomFallback.

1var bcrypt = dcodeIO.bcrypt;
2...

1require.config({
2    paths: { "bcrypt": "/path/to/bcrypt.js" }
3});
4require(["bcrypt"], function(bcrypt) {
5    ...
6});

Usage - Sync

To hash a password:

1var bcrypt = require('bcryptjs');
2var salt = bcrypt.genSaltSync(10);
3var hash = bcrypt.hashSync("B4c0/\/", salt);
4// Store hash in your password DB.

To check a password:

1// Load hash from your password DB.
2bcrypt.compareSync("B4c0/\/", hash); // true
3bcrypt.compareSync("not_bacon", hash); // false

Auto-gen a salt and hash:

1var hash = bcrypt.hashSync('bacon', 8);

Usage - Async

To hash a password:

1var bcrypt = require('bcryptjs');
2bcrypt.genSalt(10, function(err, salt) {
3    bcrypt.hash("B4c0/\/", salt, function(err, hash) {
4        // Store hash in your password DB.
5    });
6});

To check a password:

1// Load hash from your password DB.
2bcrypt.compare("B4c0/\/", hash, function(err, res) {
3    // res === true
4});
5bcrypt.compare("not_bacon", hash, function(err, res) {
6    // res === false
7});
8
9// As of bcryptjs 2.4.0, compare returns a promise if callback is omitted:
10bcrypt.compare("B4c0/\/", hash).then((res) => {
11    // res === true
12});

Auto-gen a salt and hash:

1bcrypt.hash('bacon', 8, function(err, hash) {
2});

Note: Under the hood, asynchronisation splits a crypto operation into small chunks. After the completion of a chunk, the execution of the next chunk is placed on the back of JS event loop queue, thus efficiently sharing the computational resources with the other operations in the queue.

API

setRandomFallback(random)

Sets the pseudo random number generator to use as a fallback if neither node's crypto module nor the Web Crypto API is available. Please note: It is highly important that the PRNG used is cryptographically secure and that it is seeded properly!

Parameter	Type	Description
random	function(number):!Array.<number>	Function taking the number of bytes to generate as its sole argument, returning the corresponding array of cryptographically secure random byte values.
@see		http://nodejs.org/api/crypto.html
@see		http://www.w3.org/TR/WebCryptoAPI/

Hint: You might use isaac.js as a CSPRNG but you still have to make sure to seed it properly.

genSaltSync(rounds=, seed_length=)

Synchronously generates a salt.

Parameter	Type	Description
rounds	number	Number of rounds to use, defaults to 10 if omitted
seed_length	number	Not supported.
@returns	string	Resulting salt
@throws	Error	If a random fallback is required but not set

genSalt(rounds=, seed_length=, callback)

Asynchronously generates a salt.

Parameter	Type	Description
rounds	number \| function(Error, string=)	Number of rounds to use, defaults to 10 if omitted
seed_length	number \| function(Error, string=)	Not supported.
callback	function(Error, string=)	Callback receiving the error, if any, and the resulting salt
@returns	Promise	If `callback` has been omitted
@throws	Error	If `callback` is present but not a function

hashSync(s, salt=)

Synchronously generates a hash for the given string.

Parameter	Type	Description
s	string	String to hash
salt	number \| string	Salt length to generate or salt to use, default to 10
@returns	string	Resulting hash

hash(s, salt, callback, progressCallback=)

Asynchronously generates a hash for the given string.

Parameter	Type	Description
s	string	String to hash
salt	number \| string	Salt length to generate or salt to use
callback	function(Error, string=)	Callback receiving the error, if any, and the resulting hash
progressCallback	function(number)	Callback successively called with the percentage of rounds completed (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
@returns	Promise	If `callback` has been omitted
@throws	Error	If `callback` is present but not a function

compareSync(s, hash)

Synchronously tests a string against a hash.

Parameter	Type	Description
s	string	String to compare
hash	string	Hash to test against
@returns	boolean	true if matching, otherwise false
@throws	Error	If an argument is illegal

compare(s, hash, callback, progressCallback=)

Asynchronously compares the given data against the given hash.

Parameter	Type	Description
s	string	Data to compare
hash	string	Data to be compared to
callback	function(Error, boolean)	Callback receiving the error, if any, otherwise the result
progressCallback	function(number)	Callback successively called with the percentage of rounds completed (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
@returns	Promise	If `callback` has been omitted
@throws	Error	If `callback` is present but not a function

getRounds(hash)

Gets the number of rounds used to encrypt the specified hash.

Parameter	Type	Description
hash	string	Hash to extract the used number of rounds from
@returns	number	Number of rounds used
@throws	Error	If `hash` is not a string

getSalt(hash)

Gets the salt portion from a hash. Does not validate the hash.

Parameter	Type	Description
hash	string	Hash to extract the salt from
@returns	string	Extracted salt part
@throws	Error	If `hash` is not a string or otherwise invalid

Command line

Usage: bcrypt <input> [salt]

If the input has spaces inside, simply surround it with quotes.

Downloads

Credits

Based on work started by Shane Girish at bcrypt-nodejs (MIT-licensed), which is itself based on javascript-bcrypt (New BSD-licensed).

License

New-BSD / MIT (see)

No vulnerabilities found.

No security vulnerabilities found.