import argon2 from 'argon2'
// --- Hash a password (e.g. at signup) ---
/**
 * Hash a plaintext password with Argon2id (e.g. at signup).
 *
 * The string returned by argon2.hash is what gets persisted; verifyPassword
 * hands that same string back to argon2.verify together with the candidate
 * password, so store it unmodified.
 *
 * @param {string} plainPassword - Password exactly as supplied by the user.
 * @returns {Promise<string>} Encoded hash string to store (e.g. in MySQL).
 * @throws Rethrows any error raised by argon2.hash after logging it.
 */
export async function hashPassword(plainPassword) {
  try {
    // Cost parameters are hard-coded here; raising them later only affects
    // newly created hashes, not ones already stored.
    const hashingOptions = {
      type: argon2.argon2id, // recommended variant
      memoryCost: 2 ** 16, // 65536 KiB, ~64 MB
      timeCost: 3, // iterations
      parallelism: 1 // threads
    }

    // Await inside the try so a rejected promise reaches the catch below.
    return await argon2.hash(plainPassword, hashingOptions)
  } catch (hashError) {
    // Only the error object is logged; the plaintext password is never
    // passed to the logger.
    console.error('Error hashing password:', hashError)
    throw hashError
  }
}
// --- Verify a password (e.g. at login) ---
/**
 * Check a candidate password against a stored Argon2 hash (e.g. at login).
 *
 * Fails closed: any error thrown by argon2.verify is logged and reported to
 * the caller as a non-match, so this function never rejects.
 *
 * @param {string} plainPassword - Password supplied in the login attempt.
 * @param {string} storedHash - Hash string previously produced by hashPassword.
 * @returns {Promise<boolean>} true when the password matches, false otherwise
 *   (including when verification itself fails).
 */
export async function verifyPassword(plainPassword, storedHash) {
  let isMatch

  try {
    // Argument order matters: the stored hash comes first, then the candidate.
    isMatch = await argon2.verify(storedHash, plainPassword)
  } catch (verifyError) {
    // NOTE(review): a missing or malformed storedHash would presumably land
    // here too, so to the caller it is indistinguishable from a wrong
    // password; this log line is the only signal of such a failure.
    console.error('Error verifying password:', verifyError)
    return false
  }

  return isMatch // true or false
}