diff --git a/README.md b/README.md index a0fd81d..870855b 100644 --- a/README.md +++ b/README.md @@ -1 +1,19 @@ Hash and verify passwords hashed with PHP's built-in password_* functions + +Designed to be future proof for new hashing algorithms. + +Usage: + +var Password = require("node-php-password"); + +var hash = Password.password_hash("password123", "PASSWORD_DEFAULT", { cost: 10 }); +//hash: "$2y$10$8mNOnsos8qo4qHLcd32zrOg7gmyvfZ6/o9.2nsP/u6TRbrANdLREy" + +console.log(Password.password_verify("password123", hash); +//true + +var hash = $1$7576f3a00f6de47b0c72c5baf2d505b0 +console.log(Password.password_needs_rehash(hash, "PASSWORD_DEFAULT"); +//true + +WARNING password_needs_rehash is currently not working \ No newline at end of file diff --git a/index.js b/index.js index eceed0b..705dfec 100644 --- a/index.js +++ b/index.js @@ -77,7 +77,11 @@ function password_hash(password, algorithm, options){ } function password_needs_rehash(hash, algorithm, options){ - var info = password_get_info(hash); + try{ + var info = password_get_info(hash); + }catch(e){ + return true; + } if(typeof aliases[algorithm] !== 'undefined'){ algorithm = aliases[algorithm]; } @@ -87,12 +91,12 @@ function password_needs_rehash(hash, algorithm, options){ if(algorithms[algorithm].name == info.algoName){ if(typeof options !== 'undefined' && typeof options.cost !== 'undefined'){ if(info.options.cost != options.cost){ - return false; + return true; } } - return true; + return false; } - return false; + return true; } function password_verify(password, hash){ diff --git a/package.json b/package.json index da200dd..b480c06 100644 --- a/package.json +++ b/package.json @@ -3,6 +3,10 @@ "version": "0.0.1", "description": "A node compatibility layer to verify and hash php compatible password hashes", "main": "index.js", + "repository": { + "type": "git", + "url": "git+https://github.com/alrek-consulting/node-php-password.git" + }, "scripts": { "test": "echo \"Error: no test specified\" && exit 1" },