The Password class provides methods for securely hashing, comparing, and checking the strength of passwords. It integrates with bcrypt for hashing and comparison and also checks for weak or compromised passwords using both strength rules and the Pwned Passwords API.

Methods

  • Compares the plain text password with a hashed password using bcrypt.

    Parameters

    • hashed: string

      The hashed password to compare against.

    Returns Promise<boolean>

    A promise that resolves to true if the passwords match, otherwise false.

  • Hashes the password using bcrypt with a configurable number of salt rounds.

    Parameters

    • salt: number = SALT_ROUNDS

      The number of salt rounds to use. Defaults to 10.

    Returns Promise<string>

    A promise that resolves to the hashed password.

  • Checks if the password is weak. A password is considered weak if it fails any of the following criteria:

    • Minimum length of 8 characters (configured with a constant).
    • Contains at least one lowercase letter.
    • Contains at least one uppercase letter.
    • Contains at least one number.
    • Contains at least one special character.
    • Not found in the Pwned Passwords database.

    Returns Promise<void>

    A promise that resolves if the password is strong, otherwise throws an error.

    Throws

    If the password is considered weak.
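The weak-password criteria listed above, as an added example that is not the Password class's own code. It assumes the Pwned Passwords range (k-anonymity) endpoint, where only the first five hex characters of the SHA-1 hash are sent; the page does not say which endpoint the class uses. The names failedRules, pwnedCount, assertStrong and fakeRange are hypothetical, and the range response is constructed.

```javascript
// Added example, not the Password class's own code; all names are hypothetical.
const MIN_LENGTH = 8; // minimum length stated on the page

// The page's character rules. "special" = anything non-alphanumeric (assumption).
const RULES = [
  ['length', (p) => p.length >= MIN_LENGTH],
  ['lowercase', (p) => /[a-z]/.test(p)],
  ['uppercase', (p) => /[A-Z]/.test(p)],
  ['number', (p) => /[0-9]/.test(p)],
  ['special', (p) => /[^A-Za-z0-9]/.test(p)],
];

// Labels of every rule the password fails; an empty array means all pass.
function failedRules(password) {
  return RULES.filter(([, ok]) => !ok(password)).map(([label]) => label);
}

async function sha1Hex(text) {
  const { createHash } = await import('node:crypto');
  return createHash('sha1').update(text, 'utf8').digest('hex').toUpperCase();
}

// Range lookup: only the 5-character hash prefix is handed to fetchRange, which
// must resolve to the response body, one "SUFFIX:COUNT" entry per line.
async function pwnedCount(password, fetchRange) {
  const hash = await sha1Hex(password);
  const body = await fetchRange(hash.slice(0, 5));
  for (const line of body.split(/\r?\n/)) {
    const [suffix, count] = line.trim().split(':');
    if (suffix && suffix.toUpperCase() === hash.slice(5)) return parseInt(count, 10);
  }
  return 0;
}

// Resolves for a strong password, rejects with the reasons otherwise.
// The breach lookup is skipped when the local rules already fail.
async function assertStrong(password, fetchRange) {
  const reasons = failedRules(password);
  if (reasons.length === 0 && (await pwnedCount(password, fetchRange)) > 0) reasons.push('pwned');
  if (reasons.length > 0) throw new Error(`weak password: ${reasons.join(', ')}`);
}

// Constructed stand-in for the HTTP call: pretends "Password1!" was seen 42 times.
async function fakeRange(prefix) {
  const hash = await sha1Hex('Password1!');
  const hit = hash.startsWith(prefix) ? `${hash.slice(5)}:42\r\n` : '';
  return `${'0'.repeat(35)}:3\r\n${hit}`;
}
```

In real use, fetchRange would issue a GET to https://api.pwnedpasswords.com/range/<prefix> and return the response text.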