0.0.2 • Published 5 years ago
securemyloginjs v0.0.2
SecureMyLoginJS
Description
SecureMyLoginJs is a simple node module that does the complicated security stuff behind the scenes for you, so you can focus more of your time on the web app you want to create. This is an excellent tool for those who don't unserstand the basics of security but still want to develop a seure web app.
The module is created in such a way that you can use any database you'd like.
Example
const secureLogin = require('securemyloginjs');
const userHandler = secureLogin(options);
const DatabaseObject = userHandler.DatabaseObject;
//function when a user tries to login
function userLogin(login,password)
{
//DO DATABASE QUERY HERE
//dbSalt is only required if mergePassword is disabled in the options
let dbObj = new DatabaseObject(dbLogin,dbPassword,dbSalt);
uh.authenticateUser(login,password,dbObj,function(cookie)
{
//REGISTER COOKIE IN DATABASE WITH DATE
//SET THE COOKIE ON THE CLIENT
});
}
function userRegistration(login, password [, other params])
{
uh.registerUser(login, password, entropystr, function(dbObj)
{
//REGISTER DATABASEOBJECT IN YOUR DATABASE
});
}
Options
{
digest: "sha512", //The hash algorithm used to hash the password.
encoding: "base64", //The encoding used to encode all the data
iterations: 10000, //Amount of iterations the HMAC should do
keylen: 256, //The length in bytes the passwordhash should be
saltlen: 64, //The length in btes the salt should be
cookielen: 64, //The length in bytes the cookie should be
mergePassword: true, //If true the password and salt are stored in the same database field.
divider: ':' //The char(s) to split the password and salt from eachother not required if mergePassword is set to false
}