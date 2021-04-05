Automatic Password Hashing for Objection.js

This plugin automatically adds automatic password hashing to your Objection.js models. This makes it super-easy to secure passwords and other sensitive data.

Under the hood, the plugin uses bcrypt for hashing.

Installation

NPM

npm i objection-password

Yarn

yarn add objection-password

Version Compatibility

Node Version Plugin Version < 12 2.x >= 12 >= 3.x

If you're using Node 12 or greater, use version 3.x of the plugin as it contains bcrypt 5.x , which contains important security updates but is only compatible with Node 12+. It's also tested against Objection 2.x.

Usage

Hashing your data

const Password = require ( 'objection-password' )(); const Model = require ( 'objection' ).Model; class Person extends Password ( Model ) { static get tableName() { return 'person' ; } } const person = await Person.query().insert({ email : 'matt@damon.com' , password : 'q1w2e3r4' }); console .log(person.password);

Verifying the data

const password = 'q1w2e3r4' ; const person = await Person.query().first().where({ email : 'matt@damon.com' }); const passwordValid = await person.verifyPassword(password);

Options

There are a few options you can pass to customize the way the plugin works.

These options can be added when instantiating the plugin. For example:

const Password = require ( 'objection-password' )({ passwordField : 'hash' });

allowEmptyPassword (defaults to false )

Allows an empty password to be set.

passwordField (defaults to password )

Allows you to override the name of the field to be hashed.

rounds (defaults to 12 )

The number of bcrypt rounds to use when hashing the data.