Hash A Password
The JSTime.password.hash() function provides a fast, built-in mechanism for securely hashing passwords in JSTime. No third-party dependencies are required.
const password = "super-secure-pa$$word";
const hash = await JSTime.password.hash(password);// => $argon2id$v=19$m=65536,t=2,p=1$tFq+9AVr1bfPxQdh6E8DQRhEXg/M/...By default this uses the Argon2id algorithm. Pass a second argument to JSTime.hash.password() to use a different algorithm or configure the hashing parameters.
const password = "super-secure-pa$$word";
// use argon2 (default)const argonHash = await JSTime.password.hash(password, { memoryCost: 4, // memory usage in kibibytes timeCost: 3, // the number of iterations});JSTime also implements the bcrypt algorithm. Specify algorithm: "bcrypt" to use it.
// use bcryptconst bcryptHash = await JSTime.password.hash(password, { algorithm: "bcrypt", cost: 4, // number between 4-31});To verify a password, use JSTime.password.verify(). The algorithm and its parameters are stored in the hash itself, so there’s no need to re-specify any configuration.
const password = "super-secure-pa$$word";const hash = await JSTime.password.hash(password);
const isMatch = await JSTime.password.verify(password, hash);// => trueSee Docs > API > Hashing for complete documentation.