Giter Club home page Giter Club logo

bookshelf-bcrypt's Introduction

bookshelf-bcrypt

Build Status Code Climate Test Coverage Version Downloads

Automatic password hashing for your bookshelf models

Installation

After installing bookshelf-bcrypt with npm i --save bookshelf-bcrypt, all you need to do is add it as a bookshelf plugin and enable it on your models.

let knex = require('knex')(require('./knexfile.js').development)
let bookshelf = require('bookshelf')(knex)

// Add the plugin
bookshelf.plugin(require('bookshelf-bcrypt'))

// Enable it on your models
let User = bookshelf.Model.extend({ tableName: 'users', bcrypt: { field: 'password' } })

// By default, an error will be thrown if a null/undefined password is detected. Use the following to allow null/undefined passwords
let User = bookshelf.Model.extend({ tableName: 'users', bcrypt: { field: 'password', allowEmptyPassword: true } })

Usage

Nothing fancy here, just keep using bookshelf as usual.

// Wow such h4x0r, much password
let user = yield User.forge({ password: 'h4x0r' }).save()
console.log(user.get('password')) // $2a$12$K2CtDP7zSGOKgjXjxD9SYey9mSZ9Udio9C95K6wCKZewSP9oBWyPO

This plugin will also hash the password again if it detects that the field changed, so you're good to do this:

let user = yield User.forge({ id: 1000 }).fetch()

// Update the user
user.set('password', 'another_pwd')
yield user.save() // Password automatically hashed with the new value

// You can also avoid hashing by using an options
yield user.save({ bcrypt: false })

Settings

bookshelf-bcrypt uses 12 salt rounds by default and throws an error when it detect a rehash of a bcrypt hash. You can change this behavior when adding the plugin to bookshelf

bookshelf.plugin(require('bookshelf-bcrypt'), {
  rounds: 10 // >= 12 recommended though,
  onRehash: function () {
    // This will avoid throwing error but be aware that you can loose
    // user's password if you don't know what you're doing.
    // The function is also binded to the model instance that raised the event
    // so you can use any method to better handle it
    console.warn(`Rehash detected for ${this.tableName}`)
    this.set('need_password_change', true)
  }
})

Testing

git clone [email protected]:estate/bookshelf-bcrypt.git
cd bookshelf-bcrypt && npm install && npm test

bookshelf-bcrypt's People

Contributors

alanhoff avatar bsiddiqui avatar jamesdixon avatar

Watchers

avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.