A Bookshelf.js plugin for handling secure passwords.
Adds a method to set and authenticate against a BCrypt password.
Similar to has_secure_password in Ruby on Rails.
yarn add bookshelf-secure-password
or
npm install bookshelf-secure-password --save
- Initialize the plugin
const bookshelf = require('bookshelf')(knex);
const securePassword = require('bookshelf-secure-password');
bookshelf.plugin(securePassword);
- Add
hasSecurePassword
to the model(s) which require a secure password
const User = bookshelf.Model.extend({
tableName: 'users',
hasSecurePassword: true
});
By default, this requires a field on the table named password_digest
. To use a different column, simply set true
to be the column name. For example:
const User = bookshelf.Model.extend({
tableName: 'users',
hasSecurePassword: 'custom_password_digest_field'
});
- To authenticate against the password, simply call the instance method
authenticate
:
let isAuthenticated = user.authenticate('some-password');
- This library uses the sync methods for bcrypt. This is to ensure the raw password is never stored on the model.