Example #1
0
  verify(value1: string, value2: string): boolean {
    if (!value1 && !value2) return true; // both values null or undefined
    if (!value1 || !value2) return false; // one value null or undefined
    // both values are hashed or both values are unhashed
    if ((passwordHash.isHashed(value1) && passwordHash.isHashed(value2)) || 
        (!passwordHash.isHashed(value1) && !passwordHash.isHashed(value2))) 
    {
      return value1 === value2;
    }     

    // Only value2 is hashed
    if (!passwordHash.isHashed(value1) && passwordHash.isHashed(value2))
      return passwordHash.verify(value1, value2);
    
    // Only value1 is hashed
    return passwordHash.verify(value2, value1);
  }
 model.Users.findOne({ email: req.body.email}, (err, user) => {
   if (err) {
     return res.status(404).json({
       title: 'An error ocurred',
       error: err
     });
   }
   if (!user) {
     return res.status(404).json({
       title: 'No user found',
       error: { message: "can't find the user" }
     });
   }
   if (!passwordHash.verify(req.body.password, user.password)) {
     return res.status(404).json({
       title: "Can't signin",
       error: { message: "Invalid password"}
     });
   }
   var token = jwt.sign({ user: user}, Config.SUPER_SECRET,
                         { expiresIn: TWO_MONTHS })
   res.status(200).json({ message: 'Success', token: token})
 })
'use strict';

import {generate, verify, isHashed} from 'password-hash';

let password = '******';
let hashed: string;

hashed = generate(password);
hashed = generate(password, {algorithm: 'sha256'});
hashed = generate(password, {saltLength: 10});
hashed = generate(password, {iterations: 11});
hashed = generate(password, {algorithm: 'sha512', saltLength: 9, iterations: 11});

let isOk: boolean;

isOk = verify(password, hashed);
isOk = isHashed(password);
  it('getHashedValue() hashes the password', () => {
    let hashedPassword = service.getHashedValue('myPa$$word')

    expect(passwordHash.verify('wrongPa$$word', hashedPassword)).toBeFalsy();
    expect(passwordHash.verify('myPa$$word', hashedPassword)).toBeTruthy();
  })