Skip to content

venables/bookshelf-secure-password

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 
package.json
package.json
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

bookshelf-secure-password

Version Build Status Coverage Status Dependency Status Standard - JavaScript Style Guide Downloads

A Bookshelf.js plugin for handling secure passwords.

Adds a method to securely set and authenticate a password using BCrypt.

Similar to has_secure_password in Ruby on Rails.

Installation

yarn add bookshelf-secure-password

or

npm install bookshelf-secure-password --save

Usage

  1. Enable the plugin in your Bookshelf setup
const bookshelf = require('bookshelf')(knex)
const securePassword = require('bookshelf-secure-password')

bookshelf.plugin(securePassword)
  1. Add hasSecurePassword to the model(s) which require a secure password
const User = bookshelf.Model.extend({
  tableName: 'users',
  hasSecurePassword: true
})

By default, this will use the database column named password_digest. To use a different column, simply change true to be the column name. For example:

const User = bookshelf.Model.extend({
  tableName: 'users',
  hasSecurePassword: 'custom_password_digest_field'
})
  1. To authenticate against the password, simply call the instance method authenticate, which returns a Promise resolving to the authenticated Model.
user.authenticate('some-password').then(function (user) {
  // do something with the authenticated user
}, function (err) {
  // invalid password.
  // `err` will be of type `PasswordMismatchError`, which extends the `Error` class
})

Example

const User = require('./models/User')

/**
 * Sign up a new user.
 *
 * @returns {Promise.<User>} A promise resolving to the newly registered User, or rejected with an error.
 */
function signUp (email, password) {
  let user = new User({ email: email, password: password })

  return user.save()
}

/**
 * Sign in with a given email, password combination
 *
 * @returns {Promise.<User>} A promise resolving to the authenticated User, or rejected with a `PasswordMismatchError`.
 */
function signIn (email, password) {
  return User.forge({ email: email })
    .fetch()
    .then(function (user) {
      return user.authenticate(password)
    })
}

Notes

  • BCrypt requires that passwords are 72 characters maximum (it ignores characters after 72).
  • This library uses the bcrypt synchronous methods when setting a password. This is to ensure the raw password is never stored on the model (in memory, or otherwise).
  • This library enables the built-in virtuals plugin on Bookshelf.
  • Passing a null value to the password will clear the password_digest.
  • Passing undefined or a zero-length string to the password will leave the password_digest as-is

Testing

To run the tests locally, simply run yarn test or npm test

About

A Bookshelf.js plugin for handling secure passwords

Topics

security password hash secure bcrypt secure-by-default bookshelf bookshelf-plugin secure-password

Resources

Readme

License

MIT license
Activity

Stars

24 stars

Watchers

4 watching

Forks

14 forks
Report repository

Releases 7

v5.0.0 Latest
Dec 2, 2019
+ 6 releases

Packages

No packages published

Contributors 6

Languages