bcryptjs

Optimized bcrypt in plain JavaScript with zero dependencies. 100% typed code. Fully compatible to 'bcrypt'.

npm install bcryptjs
537 downloads in the last day
4 036 downloads in the last week
19 029 downloads in the last month

bcrypt.js - bcrypt in plain JavaScript

Optimized bcrypt in plain JavaScript with zero dependencies. Compiled through Closure Compiler using advanced optimizations, 100% typed code. Fully compatible to bcrypt and also working in the browser.

Features Build Status

  • CommonJS/node.js compatible (via crypto), also available via npm
  • Shim/browser compatible (via WebCryptoAPI)
  • RequireJS/AMD compatible
  • Zero production dependencies
  • Small footprint
  • Closure Compiler externs included

Usage

node.js

npm install bcryptjs

var bcrypt = require('bcryptjs');
...

RequireJS/AMD

require.config({
    "paths": {
        "bcrypt": "/path/to/bcrypt.js"
    }
});
require(["bcrypt"], function(bcrypt) {
    ...
});

Shim/browser

<script src="//raw.github.com/dcodeIO/bcrypt.js/master/bcrypt.min.js"></script>
var bcrypt = dcodeIO.bcrypt;
...

Usage - Sync

To hash a password:

var bcrypt = require('bcryptjs');
var salt = bcrypt.genSaltSync(10);
var hash = bcrypt.hashSync("B4c0/\/", salt);
// Store hash in your password DB.

To check a password:

// Load hash from your password DB.
bcrypt.compareSync("B4c0/\/", hash); // true
bcrypt.compareSync("not_bacon", hash); // false

Auto-gen a salt and hash:

var hash = bcrypt.hashSync('bacon', 8);

Usage - Async

To hash a password:

var bcrypt = require('bcryptjs');
bcrypt.genSalt(10, function(err, salt) {
    bcrypt.hash("B4c0/\/", salt, function(err, hash) {
        // Store hash in your password DB.
    });
});

To check a password:

// Load hash from your password DB.
bcrypt.compare("B4c0/\/", hash, function(err, res) {
    // res == true
});
bcrypt.compare("not_bacon", hash, function(err, res) {
    // res = false
});

Auto-gen a salt and hash:

bcrypt.hash('bacon', 8, function(err, hash) {
});

API

bcrypt

bcrypt namespace.

bcrypt.genSaltSync(rounds*, seed_length*)

Synchronously generates a salt.

Name Type Description
rounds* number Number of rounds to use, defaults to 10 if omitted
seed_length* number Not supported.
returns string Resulting salt

bcrypt.genSalt(rounds*, seed_length*, callback*)

Asynchronously generates a salt.

Name Type Description
rounds* (number ¦ function(Error, ?string)) Number of rounds to use, defaults to 10 if omitted
seed_length* (number ¦ function(Error, ?string)) Not supported.
callback* function(Error, ?string) Callback receiving the error, if any, and the resulting salt

bcrypt.hashSync(s, salt*)

Synchronously generates a hash for the given string.

Name Type Description
s string String to hash
salt* (number ¦ string) Salt length to generate or salt to use, default to 10
returns ?string Resulting hash, actually never null

bcrypt.hash(s, salt, callback)

Asynchronously generates a hash for the given string.

Name Type Description
s string String to hash
salt number ¦ string Salt length to generate or salt to use
callback function(Error, ?string) Callback receiving the error, if any, and the resulting hash

bcrypt.compareSync(s, hash)

Synchronously tests a string against a hash.

Name Type Description
s string String to compare
hash string Hash to test against
returns boolean true if matching, otherwise false
throws Error If an argument is illegal

bcrypt.compare(s, hash, callback)

Asynchronously compares the given data against the given hash.

Name Type Description
s string Data to compare
hash string Data to be compared to
callback function(Error, boolean) Callback receiving the error, if any, otherwise the result
throws Error If the callback argument is invalid

bcrypt.getRounds(hash)

Gets the number of rounds used to encrypt the specified hash.

Name Type Description
hash string Hash to extract the used number of rounds from
returns number Number of rounds used
throws Error If hash is not a string

bcrypt.getSalt(hash)

Gets the salt portion from a hash.

Name Type Description
hash string Hash to extract the salt from
returns string Extracted salt part portion
throws Error If hash is not a string or otherwise invalid

Command line

Usage: bcrypt <input> [salt]

If the input has spaces inside, simply surround it with quotes.

Downloads

Credits

Based on work started by Shane Girish at bcrypt-nodejs (MIT-licensed), which is itself based on javascript-bcrypt (New BSD-licensed).

License

Apache License, Version 2.0 if not stated otherwise

npm loves you