1.0.0 • Published 5 years ago

mongoose-password-plugin v1.0.0

Weekly downloads
1
License
ISC
Repository
github
Last release
5 years ago

mongoose-password-plugin

A plugin that attaches a hashed password to a mongoose model using bcrypt

Installation

npm i -S mongoose-password-plugin

Usage

Using this plugin attaches a password field to your model. It's automatically hashed using bcrypt, so you never store the plaintext password in your database.

// user model file
const passwordPlugin = require('mongoose-password-plugin')
const mongoose = require('mongoose')

let userSchema = new mongoose.Schema({
  foo: String
})

userSchema.plugin(passwordPlugin)

module.exports = mongoose.model('User', userSchema)
// creating a new user
const User = require('./path/to/user/model/file')

let user = new User({
  password: 'asdf'
})

user.save().then(savedUser => {
  savedUser.password // hashed version of the password
})
// checking the user's password
let correctPassword = 'asdf'
let incorrectPassword = 'not asdf'

user.comparePassword(correctPassword).then(match => {
  match // true
})

user.comparePassword(incorrectPassword).then(match => {
  match // false
})
// changing the user's password
user.password = 'a new password'

user.save().then(savedUser => {
  savedUser.password // the hashed version of the new password
})

Options

You can pass in an optional configuration object as a second argument. Below are all the options available with their default values:

userSchema.plugin(passwordPlugin, {
  passwordField: 'password',
  bcryptRounds: 10
})

passwordField

This indicates what to use as the password field on the model. By default it'll be 'password'. If for instance you wanted your password field to be called 'pwd', you could configure it like this:

userSchema.plugin(passwordPlugin, {
  passwordField: 'pwd',
})

If you require your password field to be nested inside an object on the model, just specify the path in dot notation.

userSchema.plugin(passwordPlugin, {
  passwordField: 'auth.local.pwd',
})

bcryptRounds

This determines how many rounds of hasing bcrypt does to generate the password salt. Default value is 10.

userSchema.plugin(passwordPlugin, {
  bcryptRounds: 20,
})

Tests

A mongo instance must be running on port 27017 for the tests to run.

npm t
mongoosepasswordbcryptplugin
bcryptlodash
@infinitebrahmanuniverse/nolb-mongoose-p@everything-registry/sub-chunk-2199@zalastax/nolb-mongoose-p
1.0.0

5 years ago

0.1.2

8 years ago

0.1.1

8 years ago

0.1.0

8 years ago