bcrypt-small

bcrypt-small provides functions to asynchronously create and verify password hashes.

Passwords are encoded as UTF-8, cannot contain null bytes, and must be no longer than 72 bytes; an error is produced if these conditions are not met.

Example

const bcrypt = require('bcrypt-small');

bcrypt.hash('password', 12, (error, hash) => {
	if (error) {
		console.error(error);
		return;
	}

	bcrypt.compare('password', hash, (error, result) => {
		console.log(result); // true
	});

	bcrypt.compare('not password', hash, (error, result) => {
		console.log(result); // false
	});

	console.log(bcrypt.getRounds(hash)); // 12
});

Functions returning built-in promises are provided by bcrypt-small/promises:

const bcrypt = require('bcrypt-small/promises');

(async () => {
	const hash = await bcrypt.hash('password', 12);

	console.log(await bcrypt.compare('password', hash)); // true
	console.log(await bcrypt.compare('not password', hash)); // false
	console.log(bcrypt.getRounds(hash)); // 12
})();

API

bcrypt.hash(password, logRounds, callback)

Hashes a password using 2**logRounds rounds. The callback receives two arguments: (error, hash), where hash is a 60-character string. logRounds should be at least 4 and at most 31. Aim for 0.1 seconds per hash or more.

bcrypt.compare(password, expectedHash, callback)

Compares a password to a hash. The callback receives two arguments: (error, result), where result is true if the password matches the hash and false if it does not.

bcrypt.getRounds(hash)

Returns the number of rounds used to produce the given hash.